Accenture forges own path to improve attack surface management

Accenture’s Journey to Strengthening Its Attack Surface Management

In today’s digital age, cybersecurity threats are becoming increasingly sophisticated, and organizations must be proactive in protecting their attack surface. Accenture, a global consulting and technology company, has taken a unique approach to addressing this challenge by developing its own attack surface management program. This program has enabled the company to improve its security posture, prevent attacks, and respond quickly to potential threats.

The Need for Complete Attack Surface Visibility

Accenture’s Chief Information Security Officer (CISO), Kristian Burkhardt, understands the importance of having complete visibility of the company’s IP estate. This includes knowing all assets, their location, and ensuring they are under proper governance. However, achieving this level of visibility can be challenging, especially for organizations with a large attack surface.

To build an effective attack surface management framework, Burkhardt emphasizes the importance of tech hygiene and strong asset management. Tech hygiene involves ensuring that infrastructure, cloud objects, and workstations are properly configured, patched, and hardened against attacks. Strong asset management means knowing all the assets an organization owns, where they are located, and maintaining proper governance over them.

Accenture’s Custom ASM Program

In mid-2023, Accenture’s information security team began developing its own tools and performing custom activities as part of an initiative that became its attack surface management program. This program combines in-house tools with third-party tools that Accenture purchased and customized to scan for specific vulnerabilities.

The technologies and processes that make up Accenture’s ASM program include crowdsourced penetration testing for critical apps, threat intelligence response, custom-built advanced detection and complex hunt capabilities, monitoring Accenture’s internet footprint, management of Accenture’s external reputation, and breach and attack simulation.

One of the main goals of a custom-built attack surface management program is to prevent attacks and improve response times during attacks. According to Burkhardt, Accenture’s program has achieved both of these goals. The company has improved its visibility of the last 1% of its IP space, and it hasn’t been caught off guard by an attacker getting access to a system it didn’t know it had in over a year.

Real-Life Scenario: Accenture’s Rapid Response Process

Burkhardt describes a real-life scenario where Accenture’s rapid response process discovered and blocked a vulnerability triggered by a newly acquired company. The company had complied with the requirement to implement two-factor authentication for remote access, but Accenture’s tool found instances of a non-commercial remote access tool that was vulnerable to attacks. The company didn’t even know they were using this tool, and Accenture was able to shut it off before an attacker found it, saving them from a potential attack.

Looking Ahead: Injecting AI into Attack Surface Management

Burkhardt is now working on integrating artificial intelligence (AI) into the ASM program. The AI could learn how to analyze threat intelligence and penetration testing results to perform more advanced and faster attacks against Accenture. Unfortunately, threat actors are also using AI, and defenders need to catch up.

Conclusion

Accenture’s custom attack surface management program has been a success, and the company has earned a 2024 CSO Award for its efforts. The program has improved Accenture’s security posture, prevented attacks, and responded quickly to potential threats. As cybersecurity threats continue to evolve, it is crucial for organizations to stay proactive in protecting their attack surface. Accenture’s journey demonstrates the importance of developing a comprehensive attack surface management program and the potential benefits of integrating AI into such a program.