Page 96 - Cyber Defense eMagazine forJune 2021
P. 96
See What Hackers See via the Outside-In Perspective
By Alex Heid, Chief Research & Development Officer, SecurityScorecard
There is value in seeking out multiple perspectives. Even the most elite athletes have coaches and
trainers observing them and telling them ways to improve their performance, and the same principle
applies in the world of cybersecurity. An organization locked into a narrow view of their cybersecurity
posture, confidently believing that they are secure, might miss any number of potential warning signs.
Unfortunately, the consequences are far worse than those that might befall an underperforming athlete,
and we continue to see them play out on an almost daily basis.
Today’s cybercriminals understand both the most common cybersecurity strategies and more
sophisticated approaches, and have engineered innovative new ways to circumvent these controls. And
while organizations may feel assured in their cybersecurity stance, they can only assess what they can
see and know about, which is often limited to a point-in-time assessment of a certain set of variables
such as IP addresses on a static asset list.
This lack of continuous network visibility can result in the exploitation of vulnerabilities that the
organization doesn’t know exist. Now, more than ever, it is critical for organizations to seek a continuous
outside-in perspective on their network security perimeters, allowing them to see their network the way
attackers do.
Why Now?
Networks have changed. In the past, enterprises were responsible for their own security, but today’s
mass adoption of cloud infrastructure has blurred the lines of who is responsible for what aspects of
security.
Think of it as a “fortress” model of security versus an “ecosystem” model.
Cyber Defense eMagazine – June 2021 Edition 96
Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
