In cybersecurity, the attack surface represents all the entry points to an information system through which an unauthorized user could attempt to gain access.
As a company grows, its entry points multiply exponentially, expanding not only its attack surface but also the risk that a single poorly secured point will lead to a successful attack that can cost huge sums of money: in France, the average cost of a data breach was $4.34 million in 2022.
This figure can climb much higher in certain sectors. In the medical sector worldwide, the average cost of a data breach reaches $10 million, as recently observed at the Corbeil-Essonnes hospital.
The evolution of the cyber attack surface in recent years
The health crisis has precipitated a digital transition with far-reaching consequences for the security of corporate information systems.
Remote working, initially a necessity, has become widespread over the long term. This means that employees are no longer using networks protected by corporate security policies, but personal connections that are far easier to hack.
Another necessary arrangement for remote working has been the deployment of appropriate software solutions to ensure access to company files and to communicate with employee teams. Messaging programs have always been prey to phishing attacks, and these third-party programs are no exception.
The consequences of these changes
This transition in companies' relationship with digital technology has increased their number of access points, thereby considerably expanding their attack surface and, consequently, the risk of successful attacks. The new cybersecurity challenges and adaptations are becoming too heavy a burden for companies that have no control over their information systems or cyber risk, and cybercriminals have multiplied their attacks by taking advantage of the new potential loopholes.
The ANSSI estimates that during 2020, the number of victims of cyber attacks increased fourfold. It also notes that hospitals and logistics services have become prime targets.
Faced with these new risks, how can you protect your attack surface from cyberattacks?
To reduce the risk of data breaches, several solutions are available.
On the human side, it's important to make your teams aware of good cybersecurity practices, so as to create good cyber hygiene in their working environment. Whenever possible, get them to adopt two-factor authentication, and educate them about the reasons behind the company's security policies. In cybersecurity, it only takes one weak link to go from phishing to ransomware. When every employee understands and applies the basics of security, the work of the information system security manager becomes much easier.
On the software and operational side, to protect your attack surface you need to reduce it, which means understanding your information system. Analyzing your attack surface is a time-consuming and costly activity, but a necessary one. Among other things, you need to:
- Identify every access point on your information system
- Find the vulnerabilities present in each of them
- Identify poorly configured exposed components (default password, overly permissive security policy, etc.)
- Create a full discovery report
These operations can take months, and this is where OverSOC proposes to shorten the process, making it easier for you to control your attack surface. Contact us for more information.