Events from the last few months have accelerated digital transformation across all organizations. While your enterprise adapts and learns to thrive, it is vital for you to adopt best practices to retain your hard-won compliance certifications such as PCI, HIPPA, NIST-800-53, and others. As a CISO, you can identify the potential risk of losing your compliance certification only with a complete and continuous view of your attack surface. If your enterprise is not certified, then you can still derive value from the Expanse platform by comparing yourself against these frameworks to prevent potential breaches.
For example, if an RDP server (Remote Desktop Protocol) is accidentally left exposed to the internet, it implies a violation of least privilege, lack of access control on network, and loss of perimeter protection. All of which can endanger your Governance, Risk, Compliance (GRC) certifications. This is one of the many ways in which your customer data and other business-critical information can be breached.
Most organizations address this challenge by hiring expensive third-party GRC auditors to ensure they are not in violation. While laudable, these measures fall short in today’s continuously evolving cybersecurity world. Since the first and most important aspect of an audit requires a complete and accurate inventory list to be tested and 42% of organizations still track their assets manually using spreadsheets and emails to analyze cyber threats.1
It is no surprise then that in a recent PwC survey2 of CISOs, 39% mentioned that investing in better information governance across their enterprise was their priority in this new normal. One would surmise this is a direct result of not getting satisfactory answers to the questions: What are our most critical assets? Where are they? And who has access to them?
The Expanse platform helps you discover all of your internet assets, including your unknown unknowns. We also map these assets to your enterprise using a patented data technology that helps you identify account owners, business units, contact details, and other information to reduce Mean-Time-To-Remediation (MTTR). For a Fortune 100 company, we discovered over 200% more IPs than they were tracking giving them crucial visibility into their branch offices and managed property site networks.
When you don’t have clear visibility into your exposed assets, your third party-audits will take longer and cost more. Digital transformation projects that overlook unidentified legacy assets will reduce potential cost savings in the long-term. In the unfortunate event of a breach, it would also be hard to justify to regulators that you undertook ‘reasonable’ measures to stay compliant when you do not have complete and continuous visibility of your internet assets.
Beyond providing a comprehensive view of your attack surface, Expanse also helps you understand potential violations by analyzing your assets against key components of your compliance frameworks such as the following control families within NIST 800-53:
|Access Controls||Expanse can identify publicly accessible assets that might expose sensitive data or provide remote access, such as RDP, SNMP, and Telnet.|
|Audit and Accountability||Expanse also provides alerting on all appearances, reappearances, and disappearances of critical services and misconfigurations on your Internet assets to assist in any required audits.|
|Configuration Management||Expanse discovers your web servers and enriches this information by identifying their software version information to ensure that all web server software versions are approved and are not using EOL software versions.|
|Risk Assessment||Expanse scans your network daily and you can use the appearance and disappearance of services on your network to verify that system components subject to any significant change were scanned and remediated.|
|Security Assessment||Expanse can determine where some of your security controls have failed, such as the misconfiguration of a firewall or Internet asset or failed implementation of a WAF.|
|System and Communication Protection||Expanse helps identify inbound and outbound traffic that can possibly indicate unauthorized access, such as outbound connections from insecure protocols.|
|System and Information Integrity||Expanse monitors communications to and from your Internet assets that may be indicators of potential attacks, such as communications from known C2 nodes or to exposed databases.|
Using Expanse to monitor and maintain your GRC certifications:
- Gives you continuous visibility into violations of your compliance certification unlike third-party audits which only provide a snapshot at a point in time
- Saves costs on third-party audits by comprehensively discovering your unknown unknowns to reduce audit time and improve audit efficiency
- Accelerates your digital transformation initiative while ensuring you don’t unintentionally violate your certification
Expanse doesn’t require any installation or additional agents. Download a datasheet to learn how Expanse can help you reduce your attack surface. You can also request a demo and we’ll bring actionable insights about your enterprise to our very first meeting.
1 2020 SANS CTI Survey, 2 PwC’s Digital Trust Insights Pulse Survey