Aggregator
CVE-2025-31530 | smackcoders Google SEO Pressor Snippet Plugin up to 2.0 on WordPress authorization
CVE-2025-29266 | Unraid 7.0.0 Web GUI/Web Console authentication bypass by alternate name
G.O.S.S.I.P Special Recommendation 2025-03-31 THE WHOLE WORLD'S WATCHING
Next.js Middleware Authorization Bypass Vulnerability (CVE-2025-29927)
The Unseen Battle: How Bots and Automation Threaten the Web
New research from F5 Labs examined over 200 billion web and API traffic requests from businesses with bot controls in place.
The post The Unseen Battle: How Bots and Automation Threaten the Web appeared first on Security Boulevard.
Cybersecurity Leaders Share Three Challenges Exposure Management Helps Them Solve
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this blog, we share three challenges cybersecurity leaders say exposure management helps them solve. You can read the entire Exposure Management Academy series here.
Traditional vulnerability management is undergoing a transformation. The core cybersecurity discipline is evolving into exposure management, which is built on a broader, more strategic approach to identifying, prioritizing and mitigating risk.
Modern IT environments have long been evolving beyond the on-premises data center to include cloud infrastructure, mobile devices, internet-of-things (IoT) systems and operational technology (OT).
To get a close look at this shift, the Tenable Exposure Management Academy regularly interviews cybersecurity leaders around the world. Our goal is to gain insights into their real-world experiences making the shift from traditional vulnerability management to exposure management. We conduct these discussions on the condition of anonymity. This blog reveals the three key challenges they're solving with cyber exposure management.
The three challenges exposure management addresses
The leaders we spoke with want to do more than just track vulnerabilities. They want to understand and reduce real-world cyber risk across their expanding attack surfaces. Exposure management empowers them to tackle these three challenges:
1. Lack of attack surface visibility
For effective risk management, the leaders we spoke with are seeking a complete, unified view of all assets and their associated threat exposures across diverse environments. Visibility is essential because security teams can’t protect what they can’t see. In our discussion, a security leader working at a distributor noted that many organizations struggle with asset ownership and accountability in expansive environments.
"Sometimes, if you have a vulnerability happening, you just need to know who owns it,” the leader pointed out. “But no matter who owns it, we need to track it. We didn’t have a lot of visibility on that and we needed to know in order to effectively manage vulnerabilities.”
Security exposure management provides visibility beyond traditional siloed IT assets, including:
- Cloud environments (including public, private, multi-cloud and hybrid)
- Mobile and remote endpoints
- Containers and microservices
- OT and industrial control systems
- Third-party and supply-chain integrations
The key: With the right exposure management strategy, you can consolidate and standardize security data from multiple tools and environments, ensuring every detail is correct (including asset ownership), while reducing blind spots and improving response times.
2. Difficulty prioritizing remediation
An important point to remember: Not all vulnerabilities pose the same level of risk. But determining how much risk any vulnerability presents requires context specific to your environment. You need to understand who or what has access to that asset, their privileges and how critical the asset is to business functions. Traditional vulnerability management can’t help you connect these dots for effective risk prioritization.
When your security teams are overwhelmed by thousands of potential issues, they can’t effectively guide their IT counterparts tasked with remediation.
Exposure management in cybersecurity provides the additional context needed to practice risk-based vulnerability management, focusing remediation on the vulnerabilities with greatest potential impact in your unique environment.
Exposure management helps you understand whether bad actors are actively using a vulnerability in attacks (we call this “exploitability”), how important the affected system is to your organization (we call this “asset criticality rating”) and how an attacker could exploit a vulnerability in real-world scenarios (also known as “potential attack pathways”).
As a security leader for an industrial real estate firm explained, the challenge is not just fixing vulnerabilities but also measuring security progress in a meaningful way.
"We're trying to move to a risk-type of reporting instead of ‘You fixed a thousand exposures,’” this security leader told us. “Say you have 10,000 exposures and the team knocks out 2,000 in a month. But Microsoft releases 3,000 more. Now you have 11,000. What did you actually accomplish? We have to shift to a risk approach."
The key: Risk-based exposure management ensures security teams focus on what matters most, rather than being buried under an ever-growing vulnerability backlog.
3. Staying stuck in reactive mode
Exposure management introduces a new way of thinking about cybersecurity. Instead of staying in reactive mode, responding to each new incident as it arises, continuous exposure management enables your teams to practice proactive security. You can anticipate potential attack scenarios and implement security controls to mitigate threats before attackers exploit them.
What does proactive cybersecurity look like? Here are three requirements:
- Attack path analysis to identify potential ways attackers could move laterally through your network
- Automated threat modeling to simulate potential breach scenarios
- Pre-emptive security controls such as segmentation, access restrictions and zero-trust architectures
One leader emphasized an important point: Cyber risk requires a shift in mindset and organizational culture.
"We’re quite reactive,” the security leader said. “And because we’ve been very manual, we needed a tool to help us get to the next stage. That means more automation to ease our workload so we can focus on more value-added work — like educating stakeholders to prevent repeat mistakes."
The key: By embedding best practices for cyber exposure management into daily operations, you can minimize risk before attackers can take advantage of vulnerabilities.
Takeaways
Shifting from vulnerability management to exposure management reflects a broader evolution in cybersecurity that aims to move from reactive security posture management to proactive risk management.
Leaders are tackling the three key challenges — lack of attack surface visibility, difficulty prioritizing remediation and staying stuck in reactive mode — by embracing exposure management to build a more resilient security posture that aligns with business priorities.