This is your host Boris Agranovich and our guest today is Alex Tarter, CTO at Thalas UK Cyber & Consulting and director of TurgenSec, an innovative London based infosec startup. In this episode we discussed the following topics.
What is the state of attack surface management and threat intelligence. With the constant drive to innovate, digitally transform and move to the cloud many large businesses generate a large amount of orphaned assets, shadow IT or misconfigured cloud instances.
As a result of that, many companies end up with a core set of IT infrastructure that IT teams are aware of and managing and a whole bunch of others that they’re unaware of. This is what often leads to large data breaches and compromises - IT teams so focused on a vulnerability mgmt problem in known assets that they ignorant of those critical assets potentially causing a huge issue.
But as bad as it might be in a large company the same is true for their supply chain. Very often the supply chain partners holding critical customer and company data are not great at looking after their own infrastructure.
They might have security and audit requirements in their procurement contracts but the reality is they’re hardly ever exercised and mostly the language only applied once a data breach happens and a company wishes to claim compensation.
It would be much better if we could monitor their attack surface and if there’s issues point them out. After all it’s not the issues themselves that are always that important but to see how the supply chain partner reacts. If they’re mature and can respond then they’re probably taking good care of your data. If they can’t respond effectively then it’s likely they’re a bigger risk.
For CISOs it’s the fact that they’re typically operating on incomplete knowledge. If they knew about issues they could respond and allocate resources effectively.