
The old ways of securing systems no longer work. Many modern cybercrime attacks are potent because they circumvent 'traditional' security thinking with new and seemingly unpredictable attacks.
These ambiguous attacks are posing new risks to organisations that think they are safe, says Performanta’s Executive Chairman and CEO, Guy Golan:
"We've heard about known knowns, known unknowns, and unknown unknowns. Traditional security from twenty years ago represents the first group, such as looking for software signatures. The second group consists of evolving attacks, yet we know about them. And the third group is often at the cutting edge of digital crime, where criminals try new techniques and exploit unknown vulnerabilities in systems."
Diligent security covers the first group, and smart investment in threat detection reduces the risks of the second. But the unknown unknowns remain a problem, and the threat levels of the other two groups rise because criminals often combine different tactics. For example, criminals breach a system using a zero-day attack (an unknown unknown) and then hijack unmonitored administrator accounts to gain greater control (a known known).
The situation makes establishing consistent security monitoring and response uncertain and cumbersome. But there is an answer: Performanta's Safe XDR service incorporates Continuous Threat Exposure Management to reduce breach risks by 70 percent.
What is Continuous Threat Exposure Management?
Gartner introduced the concept of CTEM in 2022 as a set of five assessment steps to articulate a company's threat exposure:
Step No. 1: Scope for cybersecurity exposure
Determine the scope of your attack surface based on business risk and potential impact. Consider traditional devices, apps, and applications, as well as less tangible elements such as corporate social media accounts, online code repositories, and integrated supply chain systems.
Step No. 2: Develop a discovery process
While scoping will identify numerous focus areas, it primarily serves to determine the extent of threat exposure management. The discovery stage identifies visible and hidden assets, vulnerabilities, misconfigurations and other risks.
Step No. 3: Prioritise threats
Not all threats are the same; they vary based on your company's risk profile. Prioritise according to urgency, security, availability of compensating controls, tolerance for residual attack surface (risks that remain after mitigating a particular risk), and the level of risk posed to the organisation. Focus on high-value assets and a plan of treatment that addresses them.
Step No. 4: Validate how attacks might work
Analyse potential attack pathways to the asset, identify whether the current response plan will mitigate those risks, and convince business stakeholders of which triggers lead to remediation.
Step No. 5: Mobilise
Operationalise your CTEM findings, reducing obstacles to approvals, implementation processes or mitigation deployments. Document cross-team approval workflows and communicate your CTEM plan to the security team and business stakeholders.

How Safe XDR helps you establish CTEM
Performanta realises Continuous Threat Exposure Management (CTEM) for customers through our Safe XDR platform—the first platform in the market built to enable CTEM. We believe it's the best way to provide comprehensive ongoing security protection at every organisation.
CTEM requires an elaborate and multi-disciplinary approach, which Safe XDR delivers through Performanta's experts, leveraging our Encore Attack Surface Management (ASM) service, Extended Detection and Response (XDR) service, and Risk Operations Centre (ROC).
Here is how Safe XDR addresses CTEM's five steps:
Step No. 1: Scope for cybersecurity exposure
A Performanta CTEM Optimisation Manager conducts a cyber risk assessment and security controls review.
Step No. 2: Develop a discovery process
Using our proprietary Encore ASM tool, Performanta's experts identify internal and external threat profiles, and monitor cloud and on-premise IT 24/7 with XDR.
Step No. 3: Prioritise threats
Performanta's ROC correlates system information with known vulnerabilities, and assesses compromise risks of specific assets against defined risk tolerance levels.
Step No. 4: Validate how attacks might work
Building on step 3, our ROC evaluates whether the discovered exploitation risks are accurate and determines what the business impact could be if an attack compromised specific assets.
Step No. 5: Mobilise
Performanta develops risk priorities for certain exploitation scenarios, and one of our Security Optimisation Managers organises on-demand access to the right specialists.
This is how Safe XDR reduces breach threats by 70 percent, reduces mean time to remediate (MTTR) from days to less than 6 minutes, and achieves 90 percent automation of security tasks.
Start using CTEM
Modern, digitally-powered companies rely on complex systems layered with people, processes and technologies to maintain a business advantage. Online criminals constantly look for weak spots in that complexity or try new ways to circumvent security. CTEM is the answer to these ongoing threats, and Safe XDR is the single-package CTEM enabler that every company should consider.
"The bad news is that there are always new security threats; the good news is that CTEM lets you evolve security without constantly reinventing or reinvesting," says Guy Golan. "Performanta Safe XDR represents this modern approach to continual security improvements with a comprehensive platform, managed services, and the right security skills in your corner. Whether you are worried about someone hacking your servers or your CEO, CTEM provides remedies."