Reducing the Attack Surface in an Expanding Digital World
- Date:December 09, 2021
- Author(s):
- Tracy (Kitten) Goldberg
- Report Details: 20 pages, 7 graphics
- Research Topic(s):
- Cybersecurity
- Fraud & Security
- PAID CONTENT
Overview
Businesses across the board are at greater cyber-risk today than ever before. For financial institutions, this is especially true, as they expand digital banking channels and ways to connect with consumers. But more fundamentally, all businesses are at greater risk of attack today because their attack surfaces keep expanding. Increased reliance on personal devices to access corporate systems and networks, coupled with the necessity to outsource security management, as well as some other critical functions, has put businesses in peril. Identifying risks and measuring the attack surface are the first steps toward blunting these attacks, for institutions of all sizes. Educating employees about cyber-risks needs to be a close second, and much more of a priority, as employees are the first and front lines of perimeter defense as well as the primary points of vulnerability. Third-party relationships need to be evaluated and rated for cybersecurity fitness with greater consistency and regularity. In this report, Javelin offers recommendations for how institutions can limit risks associated with a growing attack surface by, in part, by making their employee cybersecurity education more effective and more efficiently managing their third-party risks.
Key questions discussed in this report:
- How can organizations effectively use cybersecurity employee education to limit the cyber-risks posed by a remote workforce?
- What emerging risks do relaxed and loose bring-your-own-device (BYOD) policies pose?
- How does reliance on managed security service providers (MSSPs) increase cyber-risk?
Methodology
This report was adapted from Javelin Strategy & Research’s May 2021 survey of cybersecurity professionals in the United States. Javelin Strategy & Research maintains complete independence in its data collection, findings, and analysis. The data includes responses from 507 cyber professionals across five industry verticals: financial services, IT, health care, retail, and telecommunications. Approximately 300 respondents came from financial institutions that fall within one of these four asset-size ranges: $500 billion and more; $100 billion to $500 billion; $20 billion to $100 million; and $1 billion to $20 billion.
Learn More About This Report & Javelin
Related content
The Hidden Enemy: Iran’s Cyberthreat to U.S. Banks
Disinformation is among the leading cyber risks predicted in the wake of the June 21 U.S. strikes on Iran’s nuclear program. On June 22, the Department of Homeland Security issued ...
Zero Trust Hinges on Cyber Strategy, Not Technology
Compliance will never equate to security, and zero trust will never hinge on technology. Zero trust is built and secured via a solid corporate culture and cybersecurity strategy th...
Fake Deals, Real Trouble: Cyber Risks in Online Marketplaces
Online purchasing continues to flourish, as brick-and-mortar options have dwindled in a post-pandemic economy. Larger e-commerce brands, such as Amazon and eBay, are targeted by cy...
Make informed decisions in a digital financial world