Can you explain Cymulate’s position in the cybersecurity industry?
Cymulate provides a platform which offers exposure analytics and security control validation. Both of these techniques aid organizations in ensuring that cybersecurity resilience for the organization, and the tools and systems used to support resilience, are operating as expected, having the desired impact, and can be viewed within the framework of organizational priorities.
What role do Attack Surface Management and Breach and Attack Simulation tools play in improving the capacity of cybersecurity specialists to view the digital world from an attacker’s point of view?
Visualizing infrastructure from the attacker’s point of view can be challenging to even experienced defensive cybersecurity specialists. The natural tendency to view things as defenders – including concentrations on tools and techniques used for defensive purposes – can lead to missing critical gaps which align to form viable attack paths.
By discovering the attack surface using the same tools and techniques used by threat actors, organizations can identify shadow IT, misconfigurations, and other issues that may have been overlooked – not due to any negligence, but merely due to how a different point of view can bring different information to the table. Breach and attack simulation then allows an organization to confirm if compensating controls are providing a defense for those areas of concern, or if additional remediation actions are required to defend the organization.
How is Cymulate’s Attack Surface Management product expansion helping boost cybersecurity solutions available in the market today?
Attack surface management (both internal and external) allows the defensive teams of an organization to visualize their infrastructure and systems in the same way a threat actor would. This different point of view can lead to the discovery of unprotected or misconfigured infrastructure, but also can provide proof of the efficacy of defenses where strengths exist. Seeing both parts of that equation can lead to better targeted and more effective security operations.
What steps can companies take to decrease the chances of mistakes caused by humans and enhance people management for the sustainability of their security program.
There are a significant number of things an organization can do to mitigate the impact of human error in cybersecurity. Security awareness training can reduce the overall number of incidents that occur from users being misled or coerced by threat actors; though it is unlikely to completely eliminate such incidents.
Compensating controls can block an attack from being successful if the human element should fail. Proper control over provisioning and permissions can restrict what access an internal or external threat actor has, and therefore limit the damage they could conceivably do within an environment should compensating controls fail. Knowing the overall attack surface of the organization can highlight where additional training, resources, and controls should be brought to bear for the most impact against successful threat activity with or without human factors. In short, a multi-layered methodology which includes strengthening both human and technological defenses is the best path forward.
What is the Role of Cybersecurity in the Finance Sector?
The overwhelming majority of modern financial operations are digital in nature. Everything from basic retail banking transactions to market-moving securities trades are performed electronically, and often with a fully automated methodology. Because of this, proper control over and defense of these digital systems and processes is vital to the health of individual financial organizations and the economy as a whole. Cybersecurity is therefore an absolute necessity, as if a threat actor can gain control of the digital systems performing financial operations, they can re-direct, shut down, manipulate, or otherwise alter any transaction or operation that is governed by those systems as well.
The BFSI sector experiences higher rates of attacks per application than the industry average, since most of your clients in India are banks and Insurance companies. What according to you are the best measures to curb this?
No single operational change can solve the problems that the BFSI sector is experiencing. Exposure Management is the best path forward for the industry, and EM is a process which is composed of multiple areas of operations. First, business and technical stakeholders must both come to the table to begin to map out not just what technology exists, but what impact each technology asset has on one or more business contexts. Then, those contexts must be prioritized based on the impact each process has on the overall operations of the business.
Defensive systems and processes must be tested and evaluated to determine their efficacy in protecting the various business contexts defined – identifying both gaps (to be closed) and strengths (to be preserved). Remediation paths must be drawn up to address uncovered issues in order of priority within business contexts in light of technical concerns, considerations, and complexity.
Finally, this should be a process, not an operation. Instead of a once or twice per year operation as most organizations perform this type of work today, this must be an ongoing process happening continuously. There are two reasons for making this an ongoing process. The first is that threat actors and the threat landscape change rapidly, which alters significant variables frequently.
The second is that the process helps to reduce overhead and workload on already over-burdened cybersecurity professionals by allowing for fewer false positives and false negatives, and allowing defenders to focus more narrowly on areas which are more likely to be attacked and/or are of higher value to the business. This reduces burnout and helps retain employees, while at the same time increasing overall effectiveness of cybersecurity programs and resilience.
What are Cymulate’s future plans and developments? Are there any new features or improvements in progress?
Cymulate is a platform that will never be “finished” until threat actors stop inventing new ways to compromise systems and organizations. Because of this, there are always new developments within the Cymulate platform. Most recently, the Exposure Analytics component has received a significant increase in the number of 3rd-party integrations supported, dozens of scenarios and hundreds of resource objects have been implemented in Breach and Attack Simulation and Continuous Automated Red Teaming (CART), and more new development is occurring every day.
Future efforts include expansion of Attack Surface Management to include native vulnerability scanning functionality (while retaining the ability of Exposure Analytics to ingest data from 3rd-party platforms as well) and extending CART to automate even more complex assessment methodologies to meet the needs of more cybersecurity testing situations which can be safely and effectively automated.