07 December 2023

Hitting the Target with Asset-Centric Security

We've partnered with our portfolio company Bolster for this article on asset-centric security.

Cybersecurity has always been and will continue to be a critical concern for organizations of all sizes and across various industries. In today's rapidly changing digital landscape, where new threats emerge daily, brands and organizations must stay vigilant and proactive in adopting robust security measures to protect their valuable assets, including intellectual property, customer data, and proprietary information, from unauthorized access, theft, and potential breaches.

 

There is a significant problem with the way we approach cybersecurity. All current security solutions, including Bolster, prioritize protection against the specific attack vectors that attackers use. An attack vector is a pathway or method used by a hacker to illegally access a network or computer to exploit system vulnerabilities. Examples of attack vectors include:

 

- social media platforms

- attachments or links in emails

- web pages

- mobile applications

 

As a result, security vendors organize their solutions around these vectors: social media protection, email protection, mobile device management, and more.

Here lies the problem. Security vendors only look at the pathway or method the attacker is employing and not at the attacker's target. There can be multiple pathways or methods to reach a target, and organizations looking to optimize security might find themselves in an endless game of whack-a-mole. Beyond the serious risk concern, buying solutions by attack vector also raises a large financial concern. Oftentimes, organizations must buy from multiple security vendors to defend against each attack vector. Irrespective of how many solutions an organization purchases, a new attack vector will always be used to try to reach a target.

 

While this approach mitigates risks, it is neither a scalable nor effective approach to protecting against modern threats. Let's take another angle on this problem and ask a simple question. What are we trying to protect?

 

Every organization tries to protect its employees, executives, domains, sensitive information, trademarks, logos, and copyrights. In summary, every organization is trying to protect its assets. Why not consider an asset-centric approach instead? Why not consider a solution that can protect your executives on social media, the dark web, and third-party PII sharing sites, eliminating the need for three separate solutions: social media protection, dark web protection, and data protection?




Pitfalls of Traditional Vector-Centric Security

Let's take a closer look at the vector-centric approach. A snapshot of the system looks like the image above. If a brand or organization wants to protect its employees, it must purchase email protection from one vendor (Vendor 1 in the chart above), social media protection from another (Vendor 2), dark web credential leak monitoring from a third (Vendor 4), and so on. Then it must repeat the cycle for fake apps, phishing URLs, and other attack vectors. This approach creates vendor bloat and makes it impossible to assess threats that target your assets across multiple vectors.

Try answering a crucial question: What specific and emerging digital threats target your CEO? To comprehensively address this critical issue, there is a need to extract and analyze data from at least four vendors and build dashboards and reports on top of the data. This requires a significant investment of resources, even with assistance from multiple vendors. When we try to answer questions that are much more complex than this, the data collation gets more complicated. No tool can give the external threat posture of an organization’s assets.

And that is why we at Bolster want to change our approach towards external threat protection. What if one tool can inform you of the threats against your executives and protect your employees across multiple attack surfaces? 

Welcome to asset-centric protection, where the focus is on protecting an asset, the target, rather than defending against various specific attack vectors, the method or pathway of attack. 

Introducing Asset-Centric Security: getting to the core of the problem

The asset-centric approach focuses on protecting an organization's core: its assets. Assets can be an organization’s domains, employees, devices, and more. For instance, to protect an organization’s domain, yourorg.com, a security vendor must monitor and take down typosquat variants, BEC scams, phishing pages, and other digital risks that infringe on the domain and its trademarks. Moreover, an organization’s security team will also have to monitor the dark web for hacker chatter on possible past or future attacks on its domain. In an asset-based approach, you have one security vendor that can provide comprehensive coverage of all attack vectors associated with that particular asset, in this scenario your corporate domain. The chart below shows how assets can require protection across multiple different attack vectors:

The asset-based approach is designed to provide a comprehensive level of threat detection, remediation, and correlation across various attack vectors, making it exceptionally powerful when defending against multi-channel attacks.

For instance, if an executive is being targeted in a BEC attack, the attackers are likely also targeting them on social media and discussing the attack on the dark web. In this scenario, there are multiple attack vectors that indicate a possible attack against an executive. In the traditional vector-centric approach, an organization must purchase two solutions to see the full breadth of the attacker's online activity. 

Organizations that approach security with an asset-centric model will see a more accurate risk profile of their aggregated digital risk. Organizations identify their critical assets, such as their executive team, and then generate a risk profile for each asset to understand who on the executive team poses the greatest risk of a security breach to the organization over time. Another significant advantage of asset-centric security is that it eliminates the need to engage multiple security vendors or solutions, saving on administration and costs.

In an asset-centric approach, organizations can streamline their security infrastructure and reduce complexity by relying on a single, integrated solution that addresses all the various threat vectors associated with a particular asset.  In doing so, the management and maintenance of security systems are simplified, and the overall security posture is heightened.
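As an added illustration (not Bolster's code and not part of the original article), the Python below pivots findings from separate vector-specific tools onto the assets they target and flags any asset hit on several vectors within a short period. The asset inventory, the findings, the `yourorg.example` identifiers, the 14-day window and the two-vector threshold are all constructed assumptions.

```python
from collections import defaultdict
from datetime import date, timedelta

# Hypothetical asset inventory: identifiers each asset is known by (constructed).
ASSETS = {
    "exec:ceo": {"ceo@yourorg.example", "@yourorg_ceo", "Jane Doe"},
    "domain:yourorg.example": {"yourorg.example"},
}

# Constructed findings (vector, date, identifier, summary) merged from per-vector tools.
FINDINGS = [
    ("email", date(2023, 11, 2), "ceo@yourorg.example", "BEC lure impersonating the CEO"),
    ("social", date(2023, 11, 5), "@yourorg_ceo", "lookalike executive profile"),
    ("darkweb", date(2023, 11, 9), "Jane Doe", "forum post naming the executive"),
    ("web", date(2023, 11, 6), "yourorg.example", "typosquat variant registered"),
    ("email", date(2023, 8, 1), "yourorg.example", "older phishing campaign"),
    ("social", date(2023, 11, 7), "@unrelated", "matches no known asset"),
]

def resolve(identifier):
    """Map a tool-specific identifier to the asset that owns it, or None."""
    for asset, ids in ASSETS.items():
        if identifier in ids:
            return asset
    return None

def pivot_by_asset(findings):
    """Group findings by asset; keep unattributed ones for analyst review."""
    by_asset, unmatched = defaultdict(list), []
    for f in findings:
        asset = resolve(f[2])
        (by_asset[asset] if asset else unmatched).append(f)
    return dict(by_asset), unmatched

def multi_vector_assets(by_asset, window=timedelta(days=14), min_vectors=2):
    """Flag assets hit on >= min_vectors distinct vectors inside one time window."""
    flagged = {}
    for asset, items in by_asset.items():
        best = set()
        for start in items:
            # Vectors seen from this finding's date up to the end of the window.
            seen = {f[0] for f in items if timedelta(0) <= f[1] - start[1] <= window}
            best = max(best, seen, key=len)
        if len(best) >= min_vectors:
            flagged[asset] = sorted(best)
    return flagged

if __name__ == "__main__":
    grouped, unmatched = pivot_by_asset(FINDINGS)
    print(multi_vector_assets(grouped), len(unmatched), "unattributed")
```

The domain asset has two findings but they are months apart, so only the executive is flagged; findings that resolve to no asset are returned separately rather than dropped, since they often point to a gap in the asset inventory.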

Scaling Asset-Centric Security Through LLMs

Large language models (LLMs) play a vital role in scaling an asset-centric security approach because they can effectively organize data, categorize threats, and attribute them to specific assets. Traditional security approaches often struggle to handle the vast amount of data generated on the internet and to categorize it accurately. However, with generative AI powered by LLMs, organizations can leverage advanced natural language processing capabilities to extract insights from massive amounts of data to understand the context and threat. The scalability provided by large language models empowers asset-centric security approaches by enabling comprehensive and efficient threat management at scale.

Organizations can harness LLMs to gain valuable insights, act, and generate comprehensive reports. How easy would it be to have an LLM summarize the digital threat landscape targeting an organization's CEO? Furthermore, this approach enables the correlation of the summarized information with global and industry trends, providing a holistic view of the threat landscape. In contrast, such a level of sophistication and comprehensiveness is unattainable with the vector-centric approach due to the complexities of collating the relevant data.

Bolster's unique capability to apply large language models across massive datasets gives insights across vectors and provides a comprehensive risk understanding across the various assets of an enterprise: employees, domains, and apps. We are working on the next generation of our platform to bring all the intelligence together, focusing more on assets, the target of attack. Asset-centric security will simplify the lives of our customers and their teams by providing both better security and lower friction. It will also provide visibility and easily accessible reporting for analysts who deal with digital threats daily and executives who require a quarterly summary of these threats.