The Question Your Cyber Team Must Answer: What’s (Unintentionally) Exposed to the Internet?

By Ray Rothrock, CEO and Chairman, RedSeal

The rush to remote work and hastily expanded cloud networks made 2020 the year of unintended opportunities for malicious cyber actors, who wreaked havoc on organizations and inflicted damage with long-term consequences. Recognizing that these forcing factors are here to stay, it’s time for organizations to assess their networks and ask themselves: What’s exposed to the internet?

Situational Awareness Fosters Confidence
Most networks are hybrid, spanning multiple public and private cloud environments along with physical network infrastructure. Many organizations employ cybersecurity tools for each environment. However, they likely can’t see how their entire network is woven together. Without this overarching understanding of what’s on the network – where valuable information is, and whether it’s even indirectly accessible from the internet – it’s almost impossible to be confident in your security.

With confidence being the end goal in the enterprise’s security posture and its digital resilience, organizations continue to acquire more security solutions. RedSeal’s argument is that more context is the answer, not more tools.

Ideally, cybersecurity teams would have one up-to-date model of their hybrid multi-cloud networks. This complete and dynamic visualization of all network environments – as well as the access paths across and between them – would give teams valuable context, especially about where their high-value assets are and all the ways they are vulnerable to attack. To find confidence, context – and the understanding it can provide – is invaluable.

Informed Prioritization is Key
To paraphrase “Animal Farm” by George Orwell, “all connections may be equal, but some are more equal than others.”

Prioritizing your assets is important; you have to know what’s most valuable in order to protect it. However, you also need to know all the ways it could possibly be accessed. Then the much more complex work of prioritizing network vulnerabilities begins. Context is critical here: a severe vulnerability on a database that can’t be reached from the outside is much less important to fix than a less severe vulnerability that can be.

When security teams finally see a dynamic visualization of their entire network, it always leads to unwelcome surprises. We’ve seen everything from unintended connections, such as an Xbox on a corporate network, to short-term set-ups that nobody remembered to deactivate, like routing around a firewall “until a network transfer happens” and then leaving it up for years.

Trying to prioritize without this understanding is challenging at best and perhaps a complete waste of time.
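The prioritization argument above can be made concrete with a small access-path model. This is an added example, not RedSeal’s code or anything from the original article: the hosts, access paths, findings and scores are constructed, and the ranking rule (internet-reachable first, then highest score) is a simplifying assumption. It also shows how one forgotten firewall bypass reorders the list.

```python
from collections import deque

# Constructed sample network. An edge A -> B means A is permitted to open
# connections to B (firewall rules, routes and security groups collapsed).
ACCESS = {
    "internet": ["web-dmz"],
    "web-dmz": ["app-01"],
    "app-01": ["hr-portal"],
    "hr-portal": [],
    "migration-gw": ["finance-db"],  # hypothetical host, no inbound path yet
    "finance-db": [],
}

# Constructed findings: (host, finding, severity score on a 0-10 scale).
FINDINGS = [
    ("finance-db", "unauthenticated RCE", 9.8),
    ("web-dmz", "outdated TLS library", 5.3),
    ("hr-portal", "SQL injection", 8.1),
]

def hops_from(graph, source="internet"):
    """Breadth-first search: minimum hop count from source to each reachable host."""
    dist = {source: 0}
    queue = deque([source])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, []):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist

def prioritize(graph, findings):
    """Rank findings: internet-reachable hosts first, then by descending score.
    Each row is (host, finding, score, hops); hops is None when unreachable."""
    dist = hops_from(graph)
    ranked = sorted(findings, key=lambda f: (f[0] not in dist, -f[2]))
    return [(host, name, score, dist.get(host)) for host, name, score in ranked]

def with_edge(graph, src, dst):
    """Return a copy of the graph with one extra permitted access path."""
    copy = {node: list(targets) for node, targets in graph.items()}
    copy.setdefault(src, []).append(dst)
    copy.setdefault(dst, [])
    return copy

if __name__ == "__main__":
    print("As designed:")
    for row in prioritize(ACCESS, FINDINGS):
        print("  ", row)
    # A "temporary" route around the firewall that was never removed.
    print("With forgotten bypass internet -> migration-gw:")
    for row in prioritize(with_edge(ACCESS, "internet", "migration-gw"), FINDINGS):
        print("  ", row)
```

In the designed network the 9.8 finding on the isolated database ranks last; once the leftover bypass is part of the model, the same finding moves to the top at two hops from the internet.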

Human Error Across Complex Clouds
Cloud environments are fairly secure if they are set up correctly. But because cloud networks are managed by people – who are prone to error – most are not as secure as they should be. Gartner predicts that by 2022 at least 95 percent of cloud security failures will be the customer’s fault. It is critical that organizations can validate that their cloud networks comply with industry best practices. Plus, because networks are always changing, they need to do this on a continuous basis.

As the use of cloud and hybrid cloud environments increases, organizations can improve their digital resilience by ensuring they have an accurate map of their network and how everything is connected.

While 2020 brought an unprecedented number of unknowns, if your cyber team can answer “what’s exposed to the internet,” then you’re well-positioned to address whatever security challenges may lie ahead.