Guest Column | April 27, 2023

The Growing Channel Opportunity In External Attack Surface Management

By Steve Malecha, CybelAngel


Channel partners working in security have an increasingly important role to play in helping their customers stay ahead of the latest cyber threats. Alongside fortifying defenses against the latest high-profile attack tactics and malware, organizations also need to ensure they keep up with the risk exposure caused by their growing IT footprint.

Managed Security Service Providers (MSSPs) and other security-adjacent partners have a powerful opportunity to act as valuable strategic advisors, helping their customers invest in tools and services such as External Attack Surface Management (EASM) best placed to secure their expanding IT estate.

Why Is Managing The External Attack Surface A Priority?

Even in today’s uncertain economic climate, most businesses are investing heavily in digital transformation. Gartner estimates global spending on the cloud to exceed $591.8 billion this year, for example, climbing over 20 percent from 2022.

However, rapid expansion also can quickly increase risk exposure as firms create a larger attack surface. Indeed, our investigations have found cloud storage to be one of the biggest contributors to data exposure. Leaks caused by external cloud storage shot up by 150 percent in 2021 compared to the year before.

As part of their expansion, most firms now operate within increasingly complex digital supply chains, and the innumerable connections serve to further increase data exposure. Many breaches are caused by attackers entering third-party partners or suppliers to exploit their network access. Data sets, such as customer databases, that are shared with third parties also will fall out of the scope of normal security monitoring, and organizations will usually be unaware if they are breached or leaked until it’s far too late.

Getting this expanded external attack surface under control is one of the biggest security priorities in the year ahead. Channel partners that are equipped with the right expertise and tools to solve this problem have a strong opportunity to deliver value.

How Monitoring And Managing These External Risks Creates Value For MSSPs

MSSPs should be taking the initiative in understanding their customers’ growing IT estates and helping them to identify potential risks ahead of time. Being a part of this conversation will help position them as trusted, proactive strategic advisors, rather than simply reactive transactional vendors.

Reining in the cyber risk caused by expanding attack surfaces requires comprehensive visibility. Security teams need to be able to see all potential threats and vulnerabilities across the entire external attack surface, including third parties.

Xtended External Attack Surface Management (EASMX) is one of the most powerful tools for the job. This approach discovers all exposed assets and threats, including those caused by supply chains and third parties. EASMX also actively monitors the dark web for relevant mentions, helping to identify existing data breaches early and buying valuable time to get ahead of the situation.

Channel partners can provide even more value by not only connecting customers with best-in-breed solutions like this but helping them to integrate them into the existing security stack to optimize performance.

How EASMX Is Delivering Global Growth

Armed with EASMX, our partners are seeing strong growth across Europe and the Middle East. Manufacturing, healthcare, telecommunications, retail, and financial services are some of the industries seeing the highest growth as businesses in these sectors are highly invested in digital transformation.

It is also an area that benefits from continual improvement to better keep pace with both digital expansions and threat actor tactics. For example, we recently enhanced our Asset Discovery and Monitoring capabilities to achieve an even more exhaustive search for unknown assets and added new functionality to intercept credentials from infostealer malware with our Account Takeover Prevention solution.

With almost every organization investing more in digital transformation and expansion, EASM will continue to be a high-growth area for MSSPs and other security-adjacent partners.

About The Author

Steve Malecha is Vice President, Global Partners and Alliances at CybelAngel.