所有組織不分大小，都熱切推動數位轉型，以建立新的商業模式和商業生態系統、供應新的產品和服務，並且在數位經濟時代更有效地運作。新的數位運算平台與發展的轉型，諸如雲端、行動、SaaS 與 DevOps，讓這些概念可化為日常運用。所有類型的實體裝置與系統，從企業會議系統到輸電網路，現在都已連網且可程式化，為數位轉型帶來更多機會。
有些人認為這些數位科技就是未來。但真相是，未來就在這裡、就在現在。在 2019 年前，將有超過 90 億的 IoT 裝置部署於企業內，且有超過 90% 的組織已在目前的雲端執行應用程式。
Cyber Exposure 缺口
The tools and approaches organizations are using to understand cyber risk don’t even work in the old world of client/server, on-premises data centers and a linear software development lifecycle where there is less complexity and more control over security.資產不再只是一台筆記型電腦或伺服器。現在的資產綜合了數位運算平台和資產，構成現代化的攻擊面，其中的資產本身和相關聯的弱點都在持續縮放和演化，就像活生生的生物一樣。
彈性攻擊面也讓組織真正瞭解其特定時間 Cyber Exposure 的能力產生重大缺口。我們稱此為 Cyber Exposure 缺口。
組織試圖用幾種方式關閉 Cyber Exposure 缺口
Throw 100s of security tools at the problem to protect from the ‘threat of the week’, creating siloed visibility, management overhead and reactive firefighting.
Rely on a CMDB to get visibility into asset configuration, but 85 percent of these projects fail in part due to stale data and they weren’t built to discover and map today’s modern assets.
Take a ‘scan the network’ approach to identify vulnerabilities.While this is foundational to understanding your cyber exposure gap, the old “one size fits all” techniques and tools haven’t adapted for the modern attack surface.
歡迎來到現代 Cyber Exposure 的時代
Cyber Exposure is an emerging discipline for managing and measuring cybersecurity risk in the digital era.Cyber Exposure transforms security from static and siloed visibility into cyber risk to dynamic and holistic visibility across the modern attack surface.Cyber Exposure translates raw vulnerability data into business insights to help security teams prioritize and focus remediation based on business risk.Cyber Exposure provides executives and boards of directors with a way to objectively measure cyber risk to help guide strategic decision making.Just as other functions have a system of record - including ITSM for IT and CRM for Sales - Cyber Exposure solutions will provide Security with a system of record to help them effectively manage and measure cyber risk.
Cyber Exposure builds on the roots of Vulnerability Management, designed for traditional assets such as IT endpoints and on-premises infrastructure, moving from identifying bugs and misconfigurations and expanding to the following:
Live discovery of any digital asset across any computing environment
Prioritization of remediation based on business risk
Benchmarking of cyber exposure compared to industry peers and best in class organizations
Measurement of Cyber Exposure as a key risk metric for strategic decision support
Addressing the full
Cyber Exposure 生命週期
Identify and map every asset across any computing environment
Understand the cyber exposure of all assets, including vulnerabilities, misconfigurations and other security health indicators
Understand exposures in context, to prioritize remediation based on asset criticality, threat context and vulnerability severity
Prioritize which exposures to fix first, if at all, and apply the appropriate remediation technique
Measure and benchmark cyber exposure to make better business and technology decisions
will be able to confidently answer four questions at all times:
Learn more about Tenable.io Lumin, the new Tenable solution that for the first time empowers CISOs to confidently visualize, analyze and measure cyber risk.With the industry's first Cyber Exposure command center, Tenable is arming CISOs to quantify and benchmark their Cyber Exposure.深入瞭解