
What about outsourcing cyber security?

ARCHANGEL 2.0 GFW from PT SYDECO

One of the fundamental principles of cyber security is to reduce the attack surface of an IT infrastructure as much as possible, in order to limit the target of a cyber attack and minimise, as far as possible, the damage that such an attack can cause to the infrastructure as a whole.

Each author has his own definition of the attack surface, but personally I opt for Phil Muncaster's definition, which - even if it seems incomplete - unlike the other authors, defines it by its objective and not by its means. In essence, he writes that the attack surface "can be defined as the physical and digital assets of an organisation that could be compromised to facilitate a cyber attack" (1).

However, this definition seems to me to be incomplete, because the attack surface encompasses not only what could facilitate a cyber attack, but also and above all what could be targeted by the cyber attack or, in other words, what the attack could target, i.e. all the physical assets, such as hardware, and digital assets, such as software, of an organisation.

Just like a burglar, a hacker will always find a way to penetrate a system or a home, no matter how secure it is.

Hence the recommendation to limit the attack surface by creating micro-segmentation so that, in the event of an attack, it is not the whole system that is affected but only the part that is first targeted.

For example, if the German hospital which, during the pandemic, had to refuse to admit a sick patient because its entire computer system was down following a cyber attack, had protected its computer system by segmenting it, the patient would not have died.

This fundamental principle of cyber security is therefore clearly opposed to the introduction of elements that will only increase the attack surface.

So any cyber security solution applied to an infrastructure that requires the intervention of a third party only increases the attack surface of that infrastructure.

I'm thinking here of security systems sold as SaaS or based on the Cloud, which necessarily involve systems and software from outside the company, as well as physical people for operations and maintenance over which the customer has no control.

When you use a SaaS solution, you don't necessarily know how secure it is. However well secured it may be, it is not immune to access by a privileged user from a compromised medium. In 2022, 3 leading companies fell victim to compromised SaaS solutions. I'm thinking here of Microsoft, Okta, and HubSpot.

Darktrace has observed a significant increase in the number of attacks against SaaS platforms (2). It's not hard to understand why, when you consider all the cyber-attack risks that are specific to a SaaS platform.

These risks may relate to a possible misconfiguration of the cloud; to the intervention of the platform itself as a third party, whose level of security we do not know, any more than that of the people working on it; to the level of protection of its API; to the dangers that staff may create, intentionally or unintentionally, by exposing sensitive data or disrupting the service through their actions; and to data breaches, denial-of-service attacks and so on (3).

And what are we to think of SolarWinds and Kaseya, who offer their customers IT security as a SaaS service, when we know the irreparable damage these companies have caused them when they themselves have been the victims of a cyber attack?

In conclusion, it can be said that the cyber security of an IT infrastructure can never be delegated to a third party, be it a physical entity, a platform or the Cloud, without broadening the scope of attacks.

The best protection against cyber-attacks is one that is built in-house and in which you have personal control over all its components at every level.

The best protection against cyber-attacks is, in addition to the most advanced traditional means of defence, to segment your infrastructure to limit the attack surface, as ARCHANGEL 2.0 enables you to do. This new-generation firewall offers defence in depth with real-time control of the network and its components, and creates micro-segmentation within the network.

1. https://www.welivesecurity.com/fr/2021/09/15/surface-attaque-definition-reduction/

2. https://darktrace.com/blog/the-anatomy-of-a-saas-attack-two-threats-caught-and-investigated-by-ai

3. https://medium.com/@bryanlack.co/dont-get-hacked-the-10-most-common-saas-security-risks-e4b67eec489


#cybersecurity #firewall #SaaS #Cloud #Archangel #network #segmentation 
