Understanding the attack surface to better allocate funds

Prioritize resources to protect the most critical assets

In the last few years, the attack surface has changed from defending the perimeter to protecting applications in the cloud, leaving CISOs wondering how they can best allocate funds to stay ahead of attacks.

Misha Govshteyn, co-founder and CISO at Alert Logic, said, "For a long time, when people thought about defensive strategies it was about their enterprise or their perimeters, where the infrastructure ends and the outside world begins."

According to Earl Perkins, research vice president, digital security, the IoT group at Gartner, "We now embrace multiple forms of wireless networks as an enterprise. We distribute smaller, fit-for-purpose devices that have some processor and memory function, but aren’t general-purpose platforms in the sense of traditional IT. All of these are now ingress points and vulnerable assets if they are inadequately protected."

Keeping up with these changes can be a challenge which is why understanding the attack surface has gained importance for startups and larger enterprises alike, especially in the cloud, Govshteyn said.

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!