
External Risk Insights: Mind the Gaps in the External Attack Surface

By Emma Zaballos
Product Marketing Manager
April 18, 2023

External Risk Insights Brief from CyCognito 

The attack surface is often larger than security teams realize. Internet-exposed assets hide in plain sight, not only on primary corporate networks but also on infrastructure that belongs to subsidiaries and isn’t directly managed by corporate IT security teams. This is a common issue that isn’t going away soon.

At CyCognito, we believe that sharing what we learn in managing attack surfaces can help progress the security community as a whole. Data we observed is a normalized aggregate of the attack surfaces of our customers, primarily Fortune 500 global organizations. Through this External Risk Insights report, we track insightful trends over time and aim to share our findings with the community on a semi-annual basis.

External risks aren’t distributed equally

We found interesting, and sometimes even surprising, insights. Let’s consider a stat: the average organization has 104 subsidiaries, and the core security team is unaware of 10 to 31 of them, at least until they start using CyCognito. For context, we use subsidiaries to mean any entity owned by the parent company, which can be a business unit, brand, standalone company or something similar. Those unknown subsidiaries contain assets and issues that can cause major problems for the rest of the organization.

Subsidiaries contained an average of 56% of the critical and high vulnerabilities affecting customer assets. Tracking these assets and issues is not a one-and-done process — once issues are found and traced back to the owners, they must be fixed and validated. For organizations with unknown and under-managed subsidiaries, this process is even more difficult for parent IT security teams, particularly when it comes to ensuring vulnerabilities are successfully remediated. Issues among the subsidiaries can affect the larger organization, but without a comprehensive mapping and monitoring system, security teams in the parent org have limited visibility into these issues.

Making a fix and checking it twice for attack surface analysis

A goal of many security teams is to reduce the average amount of time between a vulnerability being discovered and the moment that issue is fixed (called the mean time to remediation, or MTTR) across their organization. A critical but sometimes overlooked step of that process comes after a fix is applied: validating that the issue has actually been fixed correctly.

CyCognito offers an in-platform remediation validation function that verifies whether issues marked as remediated are actually fixed. In this report, we looked at how customers were using this feature. When users did revalidate, we found that the issue still existed 54% of the time. While some users could simply be testing the feature on issues they know haven’t been resolved, there are several other reasons that issues may go unresolved:

  • a fix was forgotten, so no one implemented it, and they need to be reminded
  • a fix was started but left unfinished, perhaps due to a blocker in the system
  • a general fix was applied, but did not fix this specific issue

This shows how easy it is for remediation efforts to fall short unless security teams are proactive about monitoring their success and measuring external risk in the organization. 
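
To make the gap between "marked as remediated" and "validated as fixed" concrete, here is an added example (not CyCognito code or data) that computes MTTR both ways from a constructed issue log. The record layout, issue IDs and dates are assumptions made for illustration.

```python
from datetime import date
from statistics import mean

# Constructed sample log. Each attempt is (marked_fixed_on, revalidation_result):
# True = revalidation passed, False = issue still present, None = never revalidated.
ISSUES = [
    {"id": "ISSUE-1", "discovered": "2023-01-02", "attempts": [("2023-01-10", True)]},
    {"id": "ISSUE-2", "discovered": "2023-01-03",
     "attempts": [("2023-01-08", False), ("2023-01-25", True)]},
    {"id": "ISSUE-3", "discovered": "2023-01-05", "attempts": [("2023-01-09", False)]},
    {"id": "ISSUE-4", "discovered": "2023-01-06", "attempts": [("2023-01-12", None)]},
]

def _days(start, end):
    return (date.fromisoformat(end) - date.fromisoformat(start)).days

def claimed_mttr(issues):
    """Mean days from discovery to the first time an issue was marked fixed."""
    return mean(_days(i["discovered"], i["attempts"][0][0]) for i in issues)

def validated_fix_date(issue):
    """Date of the first fix that passed revalidation, or None."""
    for marked_on, passed in issue["attempts"]:
        if passed is True:
            return marked_on
    return None

def validated_mttr(issues):
    """Mean days from discovery to a fix that passed revalidation."""
    spans = [_days(i["discovered"], validated_fix_date(i))
             for i in issues if validated_fix_date(i)]
    return mean(spans) if spans else None

def revalidation_failure_rate(issues):
    """Share of revalidation runs that found the issue still present."""
    results = [p for i in issues for _, p in i["attempts"] if p is not None]
    return results.count(False) / len(results) if results else None

def needs_follow_up(issues):
    """Issues with no passing revalidation: failed fixes and unverified ones."""
    return [i["id"] for i in issues if validated_fix_date(i) is None]

if __name__ == "__main__":
    print("claimed MTTR (days):  ", claimed_mttr(ISSUES))
    print("validated MTTR (days):", validated_mttr(ISSUES))
    print("revalidation failures:", revalidation_failure_rate(ISSUES))
    print("needs follow-up:      ", needs_follow_up(ISSUES))
```

In this sample, the MTTR based on tickets marked fixed understates the validated figure, and two issues would silently drop out of the metric without a follow-up list.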

Key risk indicator – The hits keep coming in digital attack surface management

Given the frenetic pace at which new vulnerabilities are being discovered and publicized (based on metrics from the CVE program, a new CVE was published on average every twenty minutes in 2022), security teams can expect more major security incidents that affect multiple parts of the organization, are difficult to track down, and require communication across the organization to ensure fixes are successful.

Without a comprehensive and up-to-date map of the attack surface that shows where issues are and which teams should remediate them, security teams are fighting an uphill battle.

CyCognito is an external attack surface management platform designed to empower operations and security teams of risk managers to identify, prioritize, and help remediate externally exposed IT risk. We were founded in 2017 by ex-intelligence agency reconnaissance experts who asked a simple question: “What if we could simulate an attacker’s reconnaissance plan starting only with the target company’s name?” Since then, we’ve helped organizations map their attack surfaces and prioritize and accelerate their remediation efforts.

For more insights into external risks that might affect your organization, check out our new External Risk Insights brief. If you’d like to chat with an expert about managing risk, you can schedule a demo at cycognito.com/demo/.
