Understand Your Attack Surface:
What Organizations Can Learn from Election Security Challenges
As we venture into the final lap of the 2020 election season, adversaries are doing their best to disrupt key institutions, sow seeds of discord and disseminate information that furthers divisions. While this might seem a bit removed from securing your own organization, there is much for us to learn from the security challenges facing our election infrastructure. In this webinar we discuss our findings from a recent research report that documented the attack surface available to an attacker looking to slow down or disrupt the timely counting of votes and declaration of results. This research project illustrates why it is critical to identify the external facing infrastructure that could be targeted and infiltrated by an outside attacker to gain a foot hold and cause disruption or even to potentially establish a path to the organization’s crown jewels.
During this webinar, we will discuss why every organization should build and refine a threat model with an adversarial perspective. We will dive into our process and show how organizations can use open source and threat intelligence to constantly monitor their attack surface. We will also cover the challenges and solutions around handling both managed and known infrastructure, as well as the unknown attack surface, which includes, shadow IT, IoT, cloud and other infrastructure that may present backdoors to attackers. Finally, we will also cover recommendations for remediation and risk mitigation.
Join this webinar to learn about:
- The risks posed beyond election day by brittle state and county infrastructure.
- The lessons we can learn that apply to our own organization’s threat model.
- The risks of threats like ransomware that target the broad attack surface and how to mitigate those risks.
Param Singh, VP, Threat Research
Dig Deeper with These Resources
Awake Security 2 Minute Explainer Video
What if security could think? What if it could sense danger, calculate risk, and react quickly based…
The Internet’s New Arms Dealers: Malicious Domain Registrars
This report dives into the results of a multi-month investigation that uncovered a massive global surveillance campaign…