Governance & Risk Management , Incident & Breach Response , Security Operations

What 'Indicators of Exposure' Reveal

Knowing Top Exposure Risks Means Better Triage, Skybox's Gidi Cohen Says
What 'Indicators of Exposure' Reveal

"Indicators of Compromise" are digital forensic elements that can be used to help assess if an organization has been hacked. One indicator, for example, is when endpoints have been communicating with known malware command-and-control servers.

By contrast, "Indicators of Exposure" refers to potential exploitable attack vectors that attackers could use to hack into an enterprise - for example by targeting software vulnerabilities or misconfigured devices - and the ease with which they could be exploited.

Gidi Cohen, CEO of cybersecurity software vendor Skybox Security, says the impetus for assessing Indicators of Exposure - a concept that his company has developed - is to help organizations know which flaws to fix first and which software to patch most quickly.

"The key is how to know what's really important - what's exploitable, what can [do] potentially really bad damage to the organization," he says. "And I believe that the only way to understand that is actually to map and associate those with Indicators of Exposure in the context of the total attack surface of the organization, which is basically the collection of all the possible attack vectors into the corporate network infrastructure, in the cloud or on premises."

In this interview with Information Security Media Group, Cohen also describes:

  • Using analytics to map an organization's biggest service and data-related risks;
  • Creating containment plans based on various types of exposure;
  • Knowing which flaws or risks to remediate first.

Before becoming CEO of Skybox Security, Cohen was chief strategy officer at the company, which he helped found. He also previously served as CEO of Vigil Technologies, project manager for Orbotech and an officer in the Israeli Defense Force.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.