Following METI’s Attack Surface Guidance with Bitsight

Following METI’s Attack Surface Guidance
Terence Cheong
Written by Terence Cheong
Senior Manager, Solutions Engineering APAC

On May 29 2023, the Cybersecurity Division of the Commerce and Information Policy Bureau of the Ministry of Economy, Trade and Industry of Japan (METI) released an introduction guidance on Attack Surface Management (ASM) as a response to the increased cyber threats as a result of companies’ rapid digital transformation has led to a dynamic and growth of their internet footprint and possible attack vectors. Limited visibility and controls of this internet footprint growth has allowed malicious actors the opportunity to exploit the exposures, leading to many damaging and high profile cyber incidents in Japan. As an example, in 2021, a public hospital in Tokushima Prefecture experienced a cyberattack, and general medical care was suspended for about two months.

METI recommends ASM as a means to discover, manage internet assets, and continuously monitor for associated exposures and vulnerabilities allowing for remediations. METI clearly explains the differences between ASM and Vulnerability Assessments (VA), the value that ASM can bring for an organization and how ASM can be implemented. 

Under METI’s definition of ASM, Bitsight is categorized as “Search Engine Type” ASM. Here are our External Attack Surface Management (EASM) key advantages:

Key Advantages of Bitsight for EASM

  1. Proactive Risk Management: Manage your attack surface risks, minimizing the risk of cyber attacks and maintaining a strong security posture.
  2. Increased Efficiency: Manage your attack surface by automating asset discovery, risk analysis and remediation recommendations, reducing the manual effort required.
  3. Enhanced Reputation: Protect your brand and reputation by preventing cyber attacks that could lead to data breaches, service disruptions, or other negative impacts.
  4. Faster response time: When new, widespread, and severe vulnerabilities are discovered, rapidly understand the impact on your external attack surface and vendor network to quickly move from data gathering to remediation.
  5. Reduced exposure from vendors: Manage your third-party vendor risks by identifying vulnerabilities and risks associated with vendor-provided assets, enabling more effective vendor management and risk mitigation.

Talk to Bitsight or our partners and discover how Bitsight can help you manage your attack surface and reduce your organization’s cyber risk.