As manufacturing enterprises adopt digital transformation, integrating SCADA with cloud-based solutions introduces serious cybersecurity risks. This case study highlights how a Fortune 500 manufacturer inadvertently exposed SCADA systems to the internet, making them vulnerable to attacks. Traditional security tools failed to detect these exposures due to blind spots in asset inventory and reliance on predefined IP ranges. By leveraging external exposure management, the company identified and remediated these risks before exploitation. This incident underscores the need for continuous attack surface monitoring, risk-based prioritization, and automated asset discovery to secure operational technology (OT) environments against emerging threats.
Read more about Security Risks in Internet-exposed SCADA in ManufacturingPosts by Rob Gurzeev
Search the Blog
There are three approaches to External Attack Surface Management (EASM) for securing complex and evolving attack surfaces in modern organizations. Each has its own set of considerations, including the limitations of traditional methods and the resource-intensive nature of human reconnaissance, which clearly underscore the benefits of an automated and comprehensive EASM solution like CyCognito.
Read more about Three Approaches to External Attack Surface ManagementWe’ve seen across our customers that the typical attack surface changes by one to three percent every day.
Read more about Addressing Attack Surface Cyber Risk: An Interview with Rob Gurzeev, CEOImagine a cybersecurity team that is working hard with the usual tools and best practices. All seems on course for protecting the enterprise attack surface.
Read more about Principles of Attack Surface Protection: Discover EverythingBusiness risks lurk in many places. For cybersecurity, the worst risks are often the ones you never saw coming. A Real World Example To illustrate, consider this real example: A manufacturing conglomerate has an engineer build a Javascript connector for remote access to a mainframe but inadvertently exposes it to the internet. How do you discover this risk and its potential damage? A penetration test will not help unless you happen to be testing that particular machine among hundreds or thousands of servers. A vulnerability scan also will not help, as the risk will be invisible because it is not…
Read more about Principles of Attack Surface Protection: Assess All Assets to Detect All RisksWith a global pandemic affecting everyone, prioritization has determined Covid-19 vaccination eligibility and in what order people receive their vaccine.
Read more about Principles of Attack Surface Protection: Prioritize Risks that Endanger Your BusinessRisk remediation is a wildly unequal race between attackers with advanced processes and attack tools and defenders struggling to keep afloat with tedious, manual processes and 20-year-old technology.
Read more about Principles of Attack Surface Protection: Winning the Remediation RaceEvery time a new security gap is created, it is an all-out race between attackers and defenders, with the winner taking all.
Read more about Principles of Attack Surface Protection: Time Crowns the Winner in SecurityToday is a monumental day for CyCognito and another strong move in our journey to reshape how organizations discover and protect their attack surface. Over the last few years we have enjoyed a great partnership with Accel, Lightspeed Venture Partners, Sorenson Ventures, UpWest and Dan Scheinman, and now we just announced our $100M Series C funding round led by The Westly Group, with new investors Thomvest Ventures and The Heritage Group joining the team. These new and continued investments, along with the trust of our rapidly growing customer base, validate our platform approach to helping organizations protect their external attack surface from even the most sophisticated attackers.
Read more about Accelerating Our Journey: CyCognito Celebrates US$100M Series CHear from Rob Gurzeev, CEO thoughts regarding EASM and why machine learning & cybersecurity protection capabilities have passed manual, human-led efforts.
Read more about The State of External Attack Surface Management (EASM)