Around a quarter of Fortune 500 companies have vulnerabilities in their external IT network that threat actors could exploit to access sensitive data, a new survey has found.
Experts from cybersecurity firm Cyberpion performed a cursory single-pass scan of the public and internet-facing assets of every Fortune 500 company in the first half of 2021.
The survey revealed that nearly three quarters (73%) of the scanned companies’ IT infrastructure exists outside their organization, of which 24% is considered at risk or has a known vulnerability.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
- These are the best endpoint protection tools
- Here's our choice of the best malware removal software on the market
- Check our list of the best firewall apps and services
“Security teams often can’t effectively defend against attacks stemming from third-parties because they lack visibility into the total inventory and volume of assets they are connected to. They are unaware of the exposure to these external vulnerabilities, and can’t identify and mitigate against these risks,” said Cyberpion CEO Nethanel Gelertner.
Security blind spots
Cyberpion thinks of total IT infrastructure as IT assets that are owned and operated by vendors of the Fortune 500 companies, such as servers, cloud storage, email servers, CDNs, DNS servers, and such.
The survey revealed that 71% of the total cloud-based IT assets exist outside the organization, of which 25% failed at least one security test. On average, Fortune 500s connect to about 951 cloud assets, of which nearly 5% are vulnerable to severe abuse.
Similarly, on average, a Fortune 500 IT infrastructure is composed of about 126 different login pages for either customer or employee portals or services, and nearly 10% were found to be insecure either due to the transmission of unencrypted login data, or because of issues with SSL certificates.
“This extensive ecosystem creates an external attack surface that is uniquely appealing to hackers to attack, and extremely complicated for enterprises to manage securely,” reasons Cyberpion.
Mapping the realm
The security company argues that traditional third-party risk management solutions tend to focus on IT infrastructures that’s directly under the control of the enterprise. However this creates blind spots in the company’s defense strategy.
Cyberpion is using the results of the survey to push for the need for external attack surface management (EASM) solutions.
It backs its results with insights from Gartner, which stresses that “EASM should be part of a broader vulnerability and threat management effort aimed at discovering and managing internal- and external-facing assets and their potential vulnerabilities.”
- Protect your devices with these best antivirus software
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.