In unprecedented times, even government bureaucracy moves quickly. As a result of the heightened likelihood of cyberthreat from Russian malactor groups, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) — part of the Department of Homeland Security — issued an unprecedented warning recommending that “all organizations — regardless of size — adopt a heightened posture when it comes to cybersecurity and protecting their most critical assets.”
The blanket warning is for all industries to take notice. Indeed, it’s a juxtaposition of sorts to think the cybersecurity industry is vulnerable to cyberattack, but for many nation state groups, this is their first port of call.
Inspired by the spike in attacks on cybersecurity agencies globally, a report from Reposify assessed the state of the cybersecurity industry’s external attack surface (EAS). It coincides with CISA’s warning, and highlights critical areas of concern for the sector and how they mirror trends amongst pharmaceutical and financial companies, providing vital insight into where organizations can focus their efforts, and reinforce the digital perimeter.
The first step to resiliency is to reduce the likelihood of a damaging cyber intrusion in the first place.
The report examined 35 cybersecurity companies and their 350+ subsidiaries with shocking results: during only a two-week period in January 2022, more than 200,000 exposed assets were uncovered at top firms, 42% of which were identified as high-severity issues.
As CISA outlines in its “Shields Up” guidance, the first step to resiliency is to reduce the likelihood of a damaging cyber intrusion in the first place. Recognizing the problem is only the first in a series of actionable moves organizations can make to minimize their external weaknesses to bad actors.
If addressing digital perimeter exposures is the foundation, zoning-in on problem areas is the framing. A deep dive into these deficiencies points to clear solutions all industries – cybersecurity or otherwise – can embrace to protect themselves.
What do companies need to do?
Many factors, including the transition to remote work environments, increased reliance on third-party vendors, digital transformation and offloading services onto the cloud, have significantly increased companies’ external attack surface.
According to the report, the rise of remote access sites saw 89% of identified assets classified as part of the unofficial perimeter. Similarly, 87% of databases were unaccounted for, along with 67% of development tools and 62% of all network assets.
Databases were found to be among the most vulnerable to cybersecurity threat, with over half (51%) of cybersecurity companies hosting an exposed database. Nearly all (97.14%) of security agencies have exposed assets on their Amazon Web Services (AWS), and 86% of those analyzed have at least one sensitive remote access service exposed to the internet.