Change in security posture grows daily as threat actors, whether financially motivated or nation-state actors, evolve their tactics, tools and Procedures (TTPs). Like water finds ways into every available opening and cracks, so do the attackers. Enterprise drift occurs as the unintended consequences of daily configuration changes in the enterprise environment. From changes in routing configuration, firewall rules, group policies, proxy changes for URL whitelisting or SSL inspection, email domain whitelisting, to certificates expiring, and key processes dying due to software defects, these can potentially weaken enterprise cyber-resilience posture and security coverage gaps appear and expand over time.
Read more in this article for Help Net Security by VP of Customer Success Eyal Aharoni: