Why Continuous Exposure Management is the One Gift Your Team Needs This Holiday Season

Posted by: Alex Gardner
December 23, 2025

The holiday season is one of the most important periods of the year for e-commerce and retail organizations. Adobe estimates that “$253.4 billion will be spent online this holiday season (Nov 1–Dec 31)”. This means that retailers need to ensure that the critical systems supporting the customer buying journey – such as servers running transactional websites, point-of-sale terminals, third-party vendor integrations, and inventory tracking systems – aren’t susceptible to exposure.

The Cost of Downtime

Downtime during peak traffic is a financial hemorrhage and a nightmare for businesses. Not only is there the immediate cost of lost sales, but also the costs of recovery, costs to address the underlying issues, and longer term effects such as loss of buyer trust and negative PR.

From a financial perspective, the total costs can be huge. For example, during 2019’s Thanksgiving, Costco’s website crashed. The downtime, which lasted 16.5 hours, was estimated to have cost $11 million in lost revenue. And earlier this year, UK-based retailer Marks & Spencer estimated that a ransomware attack, which took down its online ordering systems, caused a loss of profits of approximately £300 million.

How Continuous Exposure Management Helps Organizations Beat the Holiday Blues

The industry has spent years selling the “Vulnerability Hose”: the idea that if you just patch more, you’re safer. But the math says otherwise:

  • Visibility is Not Security: Static scans provide a snapshot of flaws, but they don’t show the attack path.
  • The Perimeter is a Myth: Attackers don’t stop at your firewall; they pivot from forgotten marketing subdomains or misconfigured APIs to reach your crown jewels.
  • The 74% Problem: XM Cyber data shows that 74% of identified exposures are “dead ends” leading nowhere. Spending time and effort on fixing them is pure security theater.

The XM Cyber Continuous Exposure Management (CEM) platform helps organizations take a holistic approach to exposure discovery across the full attack surface. Here is how CEM changes the outcome:

1. See the Full Attack Surface—And How it’s Exploited

Vulnerability scans haven’t been on anybody’s gift list for a while. Today, retail organizations need continuous attack visibility for assets such as servers running e-commerce/transactional websites, point-of-sale terminals in physical stores, third-party vendor connections and legacy systems used for inventory tracking.

This visibility should cover both the outside-in and the inside-out view. An attacker’s journey doesn’t stop at the perimeter, and your visibility can’t either. An attacker might start with an unknown, external-facing asset, like a forgotten marketing subdomain for a holiday promotion or an exposed API for a new third-party vendor. Standalone discovery tools might find this, but they won’t show you the real risk. The critical question is: can that exposed API be used to pivot to your internal payment processing system?

2. Understand the Tapestry of Risk

But just seeing isn’t enough. Organizations need to understand how individual exposures are sewn together into a tapestry of risk and keep track of assets as they are added or removed. CEM connects the dots between exposures, building a validated path between them that shows how attackers can reach business-critical assets – not just a list of theoretical exposures and dead-ends.

For example, consider a misconfigured AWS EC2 instance mistakenly left publicly accessible from the internet. If the instance is breached, an attacker can use an over-privileged account to spread laterally into the network and eventually reach a POS system.

3. Know Where to Start

When everything is critical, nothing is. Alert fatigue is real, and security teams don’t have time to chase every alert. CEM focuses on what matters most to an organization by prioritizing exposures based on the risk they pose to the most business-critical systems. For example, an exposure on a workload that powers an e-commerce website is higher priority than one that impacts non-critical systems.

This prioritization helps security teams focus efforts efficiently on more important areas. Additionally, guided remediation actions and MITRE ATT&CK techniques help unite teams with additional context relating to fixes and broader threat investigation efforts.
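
The idea in sections 2 and 3, separating exposures that sit on a path to a business-critical asset from dead ends and ranking the rest, can be sketched as graph reachability. This is an added example, not XM Cyber's code or algorithm; the asset names, edges and exposure IDs are constructed for illustration, and the model assumes a single entry point called "internet".

```python
from collections import deque

# Constructed sample environment. An edge A -> B means that a foothold
# on A can be used to reach B (network access, credentials, trust).
EDGES = {
    "internet": ["promo-subdomain", "ec2-public", "vendor-api"],
    "promo-subdomain": [],                      # static site, leads nowhere
    "ec2-public": ["overpriv-account"],         # misconfigured public instance
    "overpriv-account": ["file-server", "pos-gateway"],
    "pos-gateway": ["pos-terminal"],
    "vendor-api": ["inventory-db"],
    "printer-vlan": ["pos-gateway"],            # no inbound edge from the entry point
}
CRITICAL = {"pos-terminal", "inventory-db"}     # business-critical assets
EXPOSURES = {                                   # finding id -> affected asset
    "EXP-1": "promo-subdomain",
    "EXP-2": "ec2-public",
    "EXP-3": "vendor-api",
    "EXP-4": "file-server",
    "EXP-5": "printer-vlan",
}

def hops(edges, start):
    """Breadth-first search: shortest hop count from start to each reachable node."""
    dist, queue = {start: 0}, deque([start])
    while queue:
        node = queue.popleft()
        for nxt in edges.get(node, []):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist

def triage(edges, exposures, critical, entry="internet"):
    """Flag each exposure as on a full entry-to-critical path or not, then rank."""
    from_entry = hops(edges, entry)
    rows = []
    for exp_id, asset in exposures.items():
        hit = {c: d for c, d in hops(edges, asset).items() if c in critical}
        # Both halves are required: reachable from the entry point AND leading
        # onward to a critical asset. Under this single-entry model, EXP-5
        # fails the first half and EXP-1 and EXP-4 fail the second.
        on_path = asset in from_entry and bool(hit)
        path_len = from_entry[asset] + min(hit.values()) if on_path else None
        rows.append({"id": exp_id, "asset": asset, "on_path": on_path,
                     "critical": sorted(hit) if on_path else [], "path_len": path_len})
    # Exposures on a full path first, shortest entry-to-critical path at the top.
    rows.sort(key=lambda r: (not r["on_path"], r["path_len"] or 0, r["id"]))
    return rows
```

Adding further entry points (for example a compromised store workstation) to the model changes which exposures count as dead ends, which is why the graph has to be recomputed as assets are added or removed.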

4. Communicate Risk Effectively

Tracking and communicating progress in security posture over time is a common challenge for security teams. CEM makes it easier to show the correlation between a validated exposure and the threat it poses to the business, moving beyond technical conversations around CVSS scores. It also helps teams demonstrate security posture improvement; by closing high-risk exposures, you can directly reduce the danger of business-critical processes being impacted and demonstrate the return on investment of the security program.

Conclusion

The holiday season is too important to leave to “hope-based” security. Don’t give your team more work—give them the ability to ignore the 98% and focus on what matters. That is how you actually protect the business, and how your team gets to go home on time.

