In a post-pandemic digital world where IT solutions have often been hastily implemented, companies can be vulnerable to malicious cyber security attacks that can be averted by resilient infrastructure, secured application, threat monitoring and detection.
In a report on Top Trends in Cybersecurity1 released in March 2022, Gartner, a global IT (Information Technology) research and consulting firm, identified ‘Attack Surface Expansion’ as the number one trend that Chief Information Security Officers (CSIOs) should watch out for.
What is an attack surface when it comes to Cyber Security, and why is it expanding? An ‘Attack Surface’ is quite literally the point(s) from which you are exposed to cyber-attacks. For individuals, it could be vulnerabilities in the operating system, applications or malware resident in their laptops, mobile devices, or USB drives.
For large organisations, it gets more complicated. Attack surfaces are all those described earlier for individual employees, plus hundreds of other devices and systems permitted access through firewalls. This could include, for example, email servers, mobile applications, public cloud architecture and devices and machines connected via the Internet of Things (IoT) or directly to internet.
The reason that these attack surfaces are expanding is apparent. Since the start of the pandemic two years ago, most companies have been forced to transit to a digital and remote model of working. A survey by the Harvard Business Review2 of 332 senior executives of organisations worldwide found that 83% of the respondents said the pace of digital transformation efforts at their organisations accelerated. The response to questions relating to the expansion of collection and use of data and employees’ ability to work from home was similarly overwhelming.
“To manage the equally swift move to online-only business, many companies hurriedly adopted software-as-a-service (SaaS) technologies, expanded cloud-based storage, and onboarded new partners and suppliers — very often while short on staff and resources. Hurry, change, and disruption can mean confusion, omissions, and mistakes that create openings that cybercriminals are masters at exploiting,” the HBR survey report2 further noted.
The Gartner report1 above underlined the risks emanating from this hasty and crisis-stricken move. “Enterprise attack surfaces are expanding. Risks associated with the use of cyber-physical systems and IoT, open-source code, cloud applications, complex digital supply chains, social media and more have brought organisations’ exposed surfaces outside of a set of controllable assets. Organisations must look beyond traditional approaches to security monitoring, detection, and response to manage a wider set of security exposures”, it said.
As Trend Micro, a global leader in Cyber Security in its 2021 report3 remarked, “The fast-tracked digital transformations that enabled the continuity of many organisations also opened them up to a slew of threats, both old and new, as cybercriminals proved savvy to opportunities for abuse and attack, including those that had emerged since the onset of the Covid-19 pandemic.
“Targeted attacks gained popularity among different kinds of malicious actors, including those in cyber-espionage and cyber-mercenary groups, who were armed with upgraded toolboxes that made their operations even more effective.
“From large-scale ransomware campaigns to high-risk vulnerabilities, the far-reaching impact of these security incidents showed that no user, enterprise, or industry was immune to compromise. The massive disruptions caused by high-profile attacks underscored the need for visibility over the ever-evolving attack surface across an organisation’s entire digital infrastructure.”
The pandemic has drastically changed how we live, work and socialise. It has decisively changed how large organisations operate, throwing their IT infrastructure to far higher risks of malicious cyber security attacks. The measures that may have been sufficient before the pandemic and before this drastic transformation are no longer enough. CSIOs need to reevaluate and redefine them. The mounting risks, as the Trend Micro report says, “can be averted only by an adaptive threat monitoring, detection, and response strategy with which organisations could continuously assess and enhance their security postures.”
With many years of experience, domain specific know-how, and regulatory expertise, TÜV SÜD’s experts support organisations in complying to international security standards and improve their cybersecurity postures. Learn how we can partner with organisations to eliminate security vulnerabilities and increase the overall resilience of business operations through our portfolio of cybersecurity services including the ISO/IEC 27001 Information Security Management System, Vulnerability Assessment, and Penetration Testing.
To know more about how TÜV SÜD can support you in your cybersecurity journey, please click here.
Cybersecurity Services Manager, TÜV SÜD PSB