Webinar: Navigate the ASM Landscape with KuppingerCole’s Leadership Compass. Register now Webinar: Navigate the ASM Landscape
CyCognito Blog

Strategy

Search the Blog

By Rob Gurzeev

As manufacturing enterprises adopt digital transformation, integrating SCADA with cloud-based solutions introduces serious cybersecurity risks. This case study highlights how a Fortune 500 manufacturer inadvertently exposed SCADA systems to the internet, making them vulnerable to attacks. Traditional security tools failed to detect these exposures due to blind spots in asset inventory and reliance on predefined IP ranges. By leveraging external exposure management, the company identified and remediated these risks before exploitation. This incident underscores the need for continuous attack surface monitoring, risk-based prioritization, and automated asset discovery to secure operational technology (OT) environments against emerging threats.

Read more about Security Risks in Internet-exposed SCADA in Manufacturing
By Jason Pappalexis

This post guides CISOs and cybersecurity managers on maximizing testing value despite tight budgets. It defines security testing program value and provides examples of areas to reduce costs and increase effectiveness. A walkthrough for an organization using vulnerability scanning, app sec, manual pen testing, security ratings and bug bounties is included.

Read more about Need to boost the value of your security budget in 2025? Here’s how.
By Tim Matthews

External Attack Surface Management (EASM) is crucial for reducing risks associated with unknown and unmanaged digital assets, which are responsible for over 65% of breaches. This post provides practical guidance on budgeting for EASM, including cost ranges, staffing requirements, and justifications based on risk reduction, labor savings, and operational efficiencies. Learn how EASM can optimize your security investments while improving your organization’s overall cybersecurity posture.

Read more about How to Budget for EASM
By Jason Pappalexis

Gaps in security testing involve more than missed assets – infrequent and inaccurate security testing can be just as big. This blog provides a five-step plan to help you find testing gaps and tighten your testing program, improving risk management, decision-making, and cost efficiency. A must-read for anyone looking to strengthen their security across their external attack surface.

Read more about Common security testing approaches leave gaps. Here’s how to find them.
By Emma Zaballos

Networking equipment vendor Juniper Networks recently exposed current and former customer information due to a Salesforce misconfiguration. While incidents like these can give attackers valuable data and footholds into your network, leveraging exposure management best practices and processes can help organizations mitigate these risks.

Read more about The Long Tail of the Supply Chain: Leveraging Exposure Management to Mitigate Risk from Current or Former Vendors