Understanding Mission Relevant Terrain in Cyberspace

When cybersecurity professionals lack a clear understanding of their network topology and layout, they expose their organization to several significant threats.

Lawrence Nunn and Ricky Tan are the co-founders of Cyberspatial. Their need to visualize virtual landscapes, together with the experience they gained working against nation-state-level threat actors in Army Cyber, led to the creation of Teleseer.

"Ricky and I were some of the first officers to branch cyber, and we got an opportunity to work in special programs over at Army Cyber," says Nunn.

In working with the Defense Industrial Base program and defending against nation-state threat actors, Nunn found that many businesses and entities did not truly understand their network.

"They have a whiteboard up, they've got 'Do Not Erase' on it," Nunn says. "They've got a smart guy or gal who's running their network. And they themselves, leadership, and even the technical leadership, they don't know what their network looks like."

A former armor officer who commanded tank platoons, Nunn explains that the experience led him to understand that being effective in the cyber domain requires proper analysis of its virtual terrain.

"We would spend a lot of time understanding the terrain before we went out to do anything," Nunn says. "So it just made sense to me that we would need to understand the terrain in cyberspace."

In military doctrine, Cyber Warfare Publication 3-0.1 outlines the identification of mission-relevant terrain in cyberspace.

"As defined, mission-relevant terrain in cyberspace includes devices, internal and external links, operating systems, services, applications, ports, protocols, hardware, software, and other technical aspects of a system required for the function of a critical asset."

Teleseer is a tool that can inventory, map, and visually display network traffic at the click of a button.

Nunn further shares some of the risks associated with ineffective network understanding:

  1. Ineffective Defense: Without knowing how their network is structured, security professionals may not be able to implement proper security measures. This can lead to vulnerabilities that cybercriminals can exploit.
  2. Blind Spots: Incomplete knowledge of network topology can result in blind spots where malicious activities can go unnoticed. Cybercriminals can exploit these blind spots to maintain persistence within the network.
  3. Lateral Movement: Understanding network layout is crucial for detecting and preventing lateral movement by cybercriminals. If professionals cannot visualize the network, they may miss signs of lateral movement, allowing attackers to move freely within the environment.
  4. Data Exfiltration: Without a clear understanding of the network, it becomes challenging to detect data exfiltration attempts. Cybercriminals can steal sensitive data without detection, leading to data breaches.
  5. Slow Incident Response: In the event of a security incident, not knowing the network layout can slow down the incident response process. This gives cybercriminals more time to carry out their activities and potentially cause more damage.
  6. Complexity in Patch Management: Understanding network topology is crucial for patch management. Without this knowledge, professionals may struggle to identify which systems need critical updates, leaving vulnerabilities unaddressed.
  7. Targeted Attacks: Cybercriminals may study the network topology to conduct targeted attacks. If professionals are unaware of their own network's structure, they are at a disadvantage in defending against such attacks.
Copyright © 2024 Cyberspatial Inc. All rights reserved.