Cybersecurity leader Katie Inns gives her top tips for spring-cleaning the digital clutter that is exposing your company to more than just dust mites.
As we pass the midway point of spring, many of us will be casting an eye around our homes and considering if it’s time for some more spring-cleaning before the summer sun draws us outside. But that spirit of renewal isn’t just good for our homes – it extends to our businesses too, especially the digital side of things.
Just as a house accumulates dust and clutter, digital environments tend to gather unused applications and outdated tools. These unmanaged and overlooked assets can easily create attack paths for cybercriminals looking for a way into the network. With the level of risk steadily expanding alongside the digital footprint, it’s essential for organisations to take stock and clean up their digital spaces.
Here, we discuss the necessary steps to not only clean up a digital environment, but keep it maintained to enhance cyber resilience.
Digital clutter
In the race to keep up with technological advances, organisations frequently amass a maze-like array of digital tools and systems. Most businesses are steadily increasing their spending, and Gartner estimates global IT investment will reach $5trn in 2024, up nearly 7pc from last year.
These investments are helping organisations to become more agile and unlock new opportunities through capabilities like automation. However, this unchecked proliferation also leads to more complex digital environments, cluttered with outdated and seldom-used technologies.
Neglected digital assets significantly enlarge the attack surface, presenting cybercriminals with numerous vulnerabilities to exploit. As digital tools and applications multiply rapidly, the security measures needed to protect these environments often lag behind, compounding vulnerabilities.
The result is a pressing need for organisations to reassess and streamline their digital landscapes, removing unused and obsolete technologies to mitigate the growing risk of cyberthreats. Such measures not only tighten security but also improve the operational efficiency of IT environments, making them less prone to cyberattacks.
The risks of ignoring the mess
It’s common for businesses to build up old assets. Few companies can honestly claim they don’t have at least a couple of storage cupboards or dusty corners full of old equipment that should have been disposed of years ago.
But while purely physical items may be unsightly and wasteful, digital clutter can also be dangerous. The risk stems from the fact that these assets are often left connected to the main IT network, or worse, exposed to the internet.
As organisations continue to add new technologies without retiring old ones, they inadvertently create a complex maze of outdated, poorly secured and often forgotten digital assets. These assets can easily become entry points for cybercriminals. For example, an unmaintained server with known vulnerabilities could serve as a gateway for attackers to infiltrate deeper into the network, potentially leading to data breaches or ransomware attacks.
So, unlike a storage cupboard full of dusty old CRT monitors and slightly broken office chairs, businesses cannot afford to ignore their digital assets.
Alongside these digital dumping grounds, many organisations struggle with assurance processes for their active infrastructure. It’s common to find widespread shadow IT, with software implemented without going through proper security checks. The rush to hit deadlines also means applications sometimes bypass security testing processes, or else unsecured test applications are left with live internet connections.
Without vigilance, the digital dumping ground not only grows but also becomes increasingly hazardous, making it difficult for security teams to manage and protect. This negligence could result in substantial financial losses, reputational damage and legal consequences. Also, security and privacy regulations such as the GDPR won’t look kindly on enterprises that have invited threat actors in through neglected digital assets.
Addressing this requires both active and ongoing digital asset management. By continuously monitoring and updating the digital estate, organisations can close off these vulnerabilities and reduce the risk of cyberattacks. The concept of exposure management is key to tidying up this mess.
Exposure management as a clean-up tool
Exposure management plays a crucial role in cybersecurity, acting as a strategic approach to understanding and mitigating risks associated with the digital assets of an organisation.
It’s a mixture of mindset, framework and process to help understand, prioritise and reduce cyber risks across the entire attack surface. Central to this is viewing the IT environment from the point of view of an attacker, considering where a hostile threat actor will see vulnerabilities, how they might be exploited and how defences will fare if this happens.
By defining and continuously analysing the attack surface, exposure management helps organisations identify which assets are most at risk and why. This is crucial for prioritising security efforts where they are most needed, rather than spreading resources too thinly across all potential vulnerabilities. It also helps deliver visibility to ensure that forgotten older systems are brought into the fold and accounted for.
For mid-market companies, which often operate with more limited cybersecurity resources than larger enterprises, integrating exposure management into regular security protocols can be particularly beneficial.
It allows these companies to make informed decisions about where to allocate their limited security budgets for maximum impact. Exposure management also enables enterprises to apply business context to their assets to determine their priorities. For example, two servers may be technically identical and facing the same risks, but one is full of unimportant image files, while the other holds sensitive customer data and must take precedence.
This integration also delivers benefits including streamlined security operations, improved efficiency in risk management and enhanced ability to respond to threats with agility.
Ultimately, exposure management empowers organisations to not only clean up existing messes but also prevent future ones by maintaining a clearer understanding of their evolving digital landscape.
Implementing a clean-up strategy
To effectively clean up the digital clutter, organisations must start by identifying which digital assets are most at risk and why. Prioritising these assets is crucial for focusing efforts on the most vulnerable areas of the attack surface. The steps for implementing this strategy include the following.
Comprehensive asset inventory
Create a detailed inventory of all digital assets, identifying and categorising each by its importance and vulnerability. Automated, AI-powered systems are valuable here, helping teams to swiftly map out the environment.
Risk assessment
Evaluate the risks associated with each asset, considering factors like exposure to potential cyberthreats and the severity of possible breaches. Automated tools are useful here too but should be combined with human knowledge of the business’s unique structure and priorities.
Prioritisation and remediation
Focus on the most critical vulnerabilities first, directing resources to where they can make the most significant impact in strengthening security. Enterprises should look to establish their own bespoke risk scoring here to help prioritise their actions using contextualised threat intelligence, rather than relying on pre-existing systems that might not relate to their needs.
Regular reviews and updates
Continuously monitor and update the security measures to adapt to new threats and changes in the business environment. Teams should seek to establish a continuous threat exposure management (CTEM) approach to identify new issues that emerge over time.
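The four steps above can be sketched as a small bespoke scoring routine. This is an added example, not code from the author or WithSecure: the field names, weights and sample inventory are all assumptions constructed for illustration, and it reuses the article's cases of two technically identical servers holding different data, an unmaintained internet-facing server and a test application left online.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass
class Asset:
    name: str
    internet_exposed: bool
    last_patched: date
    max_cvss: float          # worst known open vulnerability, 0-10
    data_sensitivity: int    # business context: 1 (public files) to 5 (customer data)
    owner: Optional[str]     # None = nobody claims it (shadow IT, forgotten system)

def risk_score(a: Asset, today: date) -> float:
    """Hypothetical bespoke score: technical severity weighted by exposure,
    patch staleness, missing ownership and business context."""
    exposure = 2.0 if a.internet_exposed else 1.0
    days_stale = max((today - a.last_patched).days, 0)
    staleness = 1.0 + min(days_stale, 730) / 730      # 1.0 to 2.0, capped at two years
    unowned = 1.25 if a.owner is None else 1.0
    return round(a.max_cvss * exposure * staleness * unowned * a.data_sensitivity, 1)

def prioritise(assets, today):
    """Return (score, asset name) pairs, highest risk first."""
    return sorted(((risk_score(a, today), a.name) for a in assets), reverse=True)

def retirement_candidates(assets):
    """Internet-exposed assets with no owner: review for decommissioning."""
    return [a.name for a in assets if a.internet_exposed and a.owner is None]

# Constructed sample inventory (not real systems).
TODAY = date(2024, 5, 1)
INVENTORY = [
    Asset("files-01", False, date(2024, 4, 1), 7.5, 1, "it-ops"),   # image files
    Asset("files-02", False, date(2024, 4, 1), 7.5, 5, "it-ops"),   # customer data
    Asset("legacy-web", True, date(2021, 6, 1), 9.8, 3, None),      # unmaintained server
    Asset("test-app", True, date(2023, 11, 1), 5.0, 2, None),       # test app left online
]

if __name__ == "__main__":
    for score, name in prioritise(INVENTORY, TODAY):
        print(f"{score:7.1f}  {name}")
    print("review for retirement:", retirement_candidates(INVENTORY))
```

Re-running the same scoring on each inventory refresh is what turns the one-off clean-up into the continuous review described in the last step.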
Maintaining long-term digital cleanliness
Regular digital clean-ups are not just a one-time effort but a continuous commitment essential for safeguarding an organisation’s digital health. By actively engaging in periodic evaluations and updates of their digital environments as part of an ongoing exposure management programme, organisations can effectively mitigate risks and maintain operational efficiency.
These practices not only secure sensitive data but also ensure that the organisation can adapt to evolving cyberthreats, keeping their digital infrastructure resilient against potential vulnerabilities.
By Katie Inns
Katie Inns is head of attack surface management at WithSecure, a cybersecurity solutions provider. After completing a degree in criminology, Inns worked as part of an in-house security team focusing on vulnerability management and application security, before joining WithSecure to help organisations reduce their external attack surface and improve the security across it. As a side project, she is involved in medical device security research, some of which she has presented at DEFCON.