The idea of security through obscurity has been universally rebuffed by laymen and experts alike. Even so, it is still widely relied upon in even the most security-aware organizations. But hiding an asset or vulnerability or weakness from people only works for so long. Eventually, people find it. And those people aren’t always the good guys.
While business has been occupied with digital transformation, attackers are taking advantage of the security gaps that result from the speed that assets are created and the lack of visibility that organizations have into these assets.
RDP and other productivity-enhancing tools leave organizations exposed to attacks on their ever-changing attack surface
In a previous post, we discussed advances in technology that have made it possible to scan the entire public Internet much faster than ever before. Because of these advances, the thought that exposures can simply hide on the Internet is no longer true. You may think that your organization isn’t a target for cybercriminals, but the ease through which an exposure can be found opportunistically means that you may end up a victim anyway.