CyCognito Blog
Strategy
Strategy
Security Risks in Internet-exposed SCADA in Manufacturing
By Rob Gurzeev
CEO & Co-Founder
February 10, 2025
As manufacturing enterprises adopt digital transformation, integrating SCADA with cloud-based solutions introduces serious cybersecurity risks. This case study highlights how a Fortune 500 manufacturer inadvertently exposed SCADA systems to the internet, making them vulnerable to attacks. Traditional security tools failed to detect these exposures due to blind spots in asset inventory and reliance on predefined IP ranges. By leveraging external exposure management, the company identified and remediated these risks before exploitation. This incident underscores the need for continuous attack surface monitoring, risk-based prioritization, and automated asset discovery to secure operational technology (OT) environments against emerging threats.
Strategy
Need to boost the value of your security budget in 2025? Here’s how.
By Jason Pappalexis
Sr. Technical Marketing Manager
December 16, 2024
This post guides CISOs and cybersecurity managers on maximizing testing value despite tight budgets. It defines security testing program value and provides examples of areas to reduce costs and increase effectiveness. A walkthrough for an organization using vulnerability scanning, app sec, manual pen testing, security ratings and bug bounties is included.
Strategy
How to Budget for EASM
By Tim Matthews
Was Chief Marketing Officer
November 18, 2024
External Attack Surface Management (EASM) is crucial for reducing risks associated with unknown and unmanaged digital assets, which are responsible for over 65% of breaches. This post provides practical guidance on budgeting for EASM, including cost ranges, staffing requirements, and justifications based on risk reduction, labor savings, and operational efficiencies. Learn how EASM can optimize your security investments while improving your organization’s overall cybersecurity posture.
Strategy
Common security testing approaches leave gaps. Here’s how to find them.
By Jason Pappalexis
Sr. Technical Marketing Manager
September 16, 2024
Gaps in security testing involve more than missed assets – infrequent and inaccurate security testing can be just as big. This blog provides a five-step plan to help you find testing gaps and tighten your testing program, improving risk management, decision-making, and cost efficiency. A must-read for anyone looking to strengthen their security across their external attack surface.
Strategy
The Long Tail of the Supply Chain: Leveraging Exposure Management to Mitigate Risk from Current or Former Vendors
By Emma Zaballos
Product Marketing Manager
February 20, 2024
Networking equipment vendor Juniper Networks recently exposed current and former customer information due to a Salesforce misconfiguration. While incidents like these can give attackers valuable data and footholds into your network, leveraging exposure management best practices and processes can help organizations mitigate these risks.
Topics
Search the Blog
Featured Posts
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Top Tags
CyCognito Research Report
State of External Exposure Management, Summer 2024 Edition
Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
O'Reilly Report
Moving from Vulnerability Management to Exposure Management
Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Request a Free Scan
See Exactly What Attackers See
Get a Free Scan of Your Attack Surface
Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.