Accenture forges own path to improve attack surface management

In order to build an attack surface management framework, says Burkhardt, an organization must first have:

• Tech hygiene — making sure your infrastructure, cloud objects, and workstations are configured, patched, and hardened against attacks. 
• Strong asset management — knowing all the assets you own, where they are located, and ensuring they are under proper governance.

“If your tech hygiene and asset management are not in a good place, it will get in the way of ASM,” says Burkhardt. “They were in a good place at Accenture, but that doesn’t always protect you against edge cases and unique attack scenarios.”

Like most organizations, Accenture has standard defenses to detect and prevent largely autonomous attacks: endpoint protection, firewalls, email filtering, multi-factor authentication, patching and configuration management, and URL blocking.