Learn more at Carah.io/Cyber-Expanse
Eliminating
security blind spots
Agencies can’t be secure without internet-scale discovery and monitoring of their attack surface
Matt Kraning
CTO and Co-Founder, Expanse
DIGITAL TRANSFORMATION HAS brought
about rapid change in the way government agencies and commercial organizations leverage technology to accomplish
their goals. However, the rise of cloud and the decentralization of IT have made it challenging for agencies to track, govern and secure all of their internet-connected assets.
The bottom line is you can’t protect what you don’t know about.
If you’re validating the security of your department or agency but do not know where all your assets are, then your policies and procedures can have substantial and material gaps, leading to a false sense of confidence in your security posture.
Attackers are actively looking for unmonitored assets
When assets aren’t managed or monitored by IT, they are less likely to be updated or patched and are more likely to be vulnerable. This is how the WannaCry ransomware attack shut down operations
at multiple companies worldwide in 2017. More recently, medical- testing giant LabCorp was hit with a ransomware attack because an unmonitored internet-connected asset was compromised and the attack spread to internal networks.
Assets critical to successfully executing government missions are increasingly on networks that agencies don’t own or even directly manage. As a result, the attack surface now extends to the networks of contractors and suppliers that house critical data and support critical supply chains on behalf of their government customers. Compromise of those contractor and supplier networks directly leads to compromise of agencies’ missions.
Last year, Chinese hackers broke into a Navy contractor’s system and stole sensitive materials on military technologies. Despite the Navy’s efforts to protect its own systems, officials had no visibility into what was happening on a private contractor’s network that housed sensitive Navy data.
The need for a centralized security strategy
Agencies must strive for continuous technical validation of the internet-connected assets on their systems and those of their contractors and suppliers so they can constantly monitor them for potential vulnerabilities. The Defense Information Systems Agency recently chose Expanse to dynamically map and monitor the internet attack surface for the massive Department of Defense Information Network. Expanse was selected because of our ability to scale continuous discovery and monitoring to the planetary-sized networks that comprise the DODIN.
It is possible for agencies to reap all the benefits of modern network, communications and IT systems in a secure way, but they need to develop a strategic plan for the entire organization, including their contractors’ and suppliers’ systems.
This is an opportunity for agencies to take the initiative and gain a central, comprehensive view into the security of the technology that powers the government and our nation.
Matt Kraning is CTO and co-founder of Expanse.
SPONSORED CONTENT S-39
SECURITY BEGINS WITH KNOWING WHAT TO PROTECT
Control your global internet attack surface and identify risky communications
R E D U C E RISK FROM
On-prem and Cloud Asset Exposures Supply Chain Networks
Prohibited Internet Communications Unsanctioned Infrastructure
No installation or instrumentation required.
LARGE FEDERAL AGENCIES USE AND TRUST EXPANSE