In the simplest terms, the “attack surface” is the sum total of resources exposed to exploit within your enterprise. Defending the attack surface was a lot less complicated when a defined corporate “perimeter” existed, neatly separating a company’s assets from the outside world.
But, next-gen technologies (e.g., cloud computing and software-defined networking) have dissolved the perimeter, causing the attack surface to grow exponentially. The Internet of Things (IoT) is a good example of how the window of opportunity for cybercriminals has been blown wide open. Any device connected to the internet can now be the target of a cyberattack.