- This robot vacuum has a side-mounted handheld vacuum and is $380 off for Black Friday
- This 2 TB Samsung 990 Pro M.2 SSD is on sale for $160 this Black Friday
- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
#InfosecurityEurope Case Study: Attack Surface Operations at Nationwide
As the UK’s largest building society, Nationwide has 18,000 users on its IT systems, 400 domains and 750 servers. The business pushes out 25,000 technology changes and updates every year.
As a financial services provider, the society faces an increase in cyber-threats, as well as the need to comply with industry-specific legislation. As a result, the organization is trialing the use of a new team within cybersecurity, specifically to manage its attack surface.
According to David Boda, chief security and resilience officer at Nationwide Building Society, this includes both external and internal risks. Although the society has a wide range of tools managing the attack surface, it wanted a single team to respond to risks.
“It is about being threat led, looking at all of the attack surface with a dedicated, ring-fenced resource to work proactively on things that will have the greatest impact in reducing our risk exposure,” he told Infosecurity Europe 2023 during the closing keynote.
“We are looking for what is really going to move the dial on risk exposure, what is going to make a difference and give a real return on investment.”
Nationwide plans to provide the attack surface operations team with a “digital twin” of the organization. This will take data from its security tools and create a digital version of its technology.
“This allows us to have a more interactive visualization to work out how our assets fit together and how our data flows,” Boda said. “This can be really valuable to help us map our attack surface … it could also help us during an incident.”
The new team will also carry out deep-dive reviews of the society’s technology and identify where security could be improved.
In particular, Boda hopes the new unit will generate a better return on investment from existing security spending, for example by discovering security features that have been shipped but not implemented when applications or tools were upgraded.
The teams’ other goals will include prioritizing and delivering remediation activities, and putting in place changes that will help the Security Operations Centre (SOC) with incident response.
“The outcome will be to make the SOC’s job easier and the attackers’ job a lot harder,” Boda said.
Nationwide plans to have the new team in operation later this year.
Editorial image credit: monticello / Shutterstock.com