{"id":392747,"date":"2020-12-03T09:03:36","date_gmt":"2020-12-03T14:03:36","guid":{"rendered":"http:\/\/www.marketnewsdesk.com\/?p=392747"},"modified":"2020-12-03T09:03:36","modified_gmt":"2020-12-03T14:03:36","slug":"cycognito-and-esg-report-shows-attack-surface-management-is-critical-but-few-organizations-do-it-well","status":"publish","type":"post","link":"https:\/\/www.marketnewsdesk.com\/index.php\/cycognito-and-esg-report-shows-attack-surface-management-is-critical-but-few-organizations-do-it-well\/","title":{"rendered":"CyCognito and ESG Report Shows Attack Surface Management is Critical But Few Organizations Do It Well"},"content":{"rendered":"

\nOrganizations mostly monitor what they already know about, leaving unknown assets unprotected and open to attackers
\n<\/h2>\n
\n

PALO ALTO, Calif., Dec. 03, 2020 (GLOBE NEWSWIRE) — CyCognito<\/u><\/a>, the leader in attack surface protection and digital risk protection, today announced new research in partnership with Enterprise Strategy Group (ESG) that revealed most security professionals recognize that attack surface protection is important, but their operational practices and tools used aren\u2019t up to the challenge.<\/p>\n

The new report, Gaps in Attack Surface Monitoring and Security Testing for Cyber-risk Mitigation<\/u><\/a>, was based on a survey of 200 cybersecurity and IT professionals who are directly involved with their organization\u2019s cybersecurity strategies, controls, and operations. Respondents came from companies with at least 4,000 employees in industries like technology, manufacturing, financial services, and healthcare, among others. According to 98 percent of survey respondents, attack surface monitoring is a \u201cTop 10\u201d security priority at organizations. But that positive perspective belies what is actually being done. A deeper analysis of survey responses reveals significant gaps across attack surface monitoring coverage and cadence.<\/p>\n

The reality is that organizations struggle to get even limited visibility into their complete attack surface, despite investing resources across a broad range of piecemeal solutions and processes. The report finds that organizations focus only on assets they already know exist and therefore never know about significant portions of their attack surfaces. That exposes them to attackers that target blind spots specifically because they are unmonitored by organizations. The practice of scrutinizing the known and ignoring the unknown is a form of \u201csecurity theater<\/u><\/a>\u201d where security teams are doing something<\/em>, but it does little to improve the security of their organizations. Additionally, despite its self-evident criticality, many organizations use an assortment of tools and manual processes for attack surface monitoring, making the process fraught with operational complexity, human error, and best-guess analysis.<\/p>\n

\u201cWhy is attack surface monitoring so critical? To paraphrase an old business adage, \u2018You can\u2019t manage what you can\u2019t measure,\u2019\u201d said Jon Oltsik, ESG senior principal analyst and fellow. \u201cBy discovering and monitoring these assets, security professionals can then find the \u2018path of least resistance\u2019 that hackers may use as a doorway to penetrate corporate networks and commence a cyber-attack. Armed with this intelligence, security teams can close the gaps, fine-tune security controls, and develop countermeasures.\u201d<\/p>\n

Other key findings from the report include:<\/p>\n