Attack Surface Management , Business Continuity Management / Disaster Recovery , Events

Attack Paths: Just 4 Steps Can Compromise 94% of Assets

XM Cyber's Paul Giorgi on Using Attack Path Management to Simulate Break-In Points
Paul Giorgi, director of sales engineering, XM Cyber

Behind every so-called data breach is a more discrete "series of incidents," typically involving attackers or insiders first gaining access to system and then escalating privileges and moving laterally before gaining control of Azure Active Directory, dumping databases, unleashing ransomware or getting up to other unwelcome mischief, says Paul Giorgi, director of sales engineering at XM Cyber.

See Also: Ransomware Response Essential: Fixing Initial Access Vector

Based on research conducted by his firm into both on-premises and cloud-based environments, Giorgi says, "We've found that 94% of organizations have the ability to get impacted or to have their critical assets compromised within four steps or less" after an initial breach point. To help address this reality, he says organizations are increasingly turning to the disciple of attack path management to simulate the most likely ways that attackers will break into an environment, to help IT and security teams know which vulnerabilities and other problems they should mitigate first to best reduce their risk.

In a video interview with Information Security Media Group at RSA Conference 2022, Giorgi also discusses:

  • The various types of events that can lead to and comprise a data breach;
  • How to use attack path management to simulate all of the ways attackers might break in;
  • How to prioritize which systems to remediate first.

Giorgi got his start in cybersecurity in the late 1990s by working on multiple contracts with the U.S. government, including with the Department of Defense, that were largely focused on network security. In 2006, he joined FishNet Security, focusing on both sales engineering and solution architecture. Since then he has held a variety of positions - including CTO, solutions director and principal architect - primarily focusing on security architecture design, testing and integration testing, all in pursuit of helping large enterprises combat malware, ransomware and other threats.


About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.