The Russian aggression against Ukraine has highlighted an asymmetry between defensive and offensive cyber security. What I mean by this is that while nations pour money into their offensive capabilities, the spend on defense is much smaller. Even if Russians are great at attacking everybody, the state of their cyber defense is appalling at best – as has been demonstrated by the ongoing free-for-all against their critical infrastructure.
We see this imbalance in our daily work, while helping organizations reduce their external attack surface. Even if organizations are mature and have a great security posture, asset management and its relation to what is actually exposed to the Internet is often inadequate. This is why our free network asset discovery has become one of the most sought after capabilities we offer our customers. Of course, asset discovery has to be a continuous activity, since in one-shot assessments age real fast.
On 2022-03-08, we launched a new blog on defensive cyber security called Public Exposure.Our aim is to raise awareness on systemic cyber security issues affecting us all. It is not a closed forum, rather we hope it will become a platform where experts from the industry and government can voice their opinion on how to improve the status quo. The first step in that direction is to understand that you have a problem and unfortunately too many organizations are lulled into complacency, until they get held for ransom through a publicly exposed RDP service for example.
Quoting the great philosopher Mike Tyson:
Everybody got a plan until they get punched in the face.
Of course his plan was to avoid being hit and punch back, but in cyber it is more useful to execute a systematic attack surface reduction program before you get hit. This is now more important than ever and it is not too late to start today.