Cybersecurity teams need to develop and maintain a set of practices around their online attack surface. These practices must include attack surface visibility and mapping of third-party connections as well as constant assessment of the risks of these connections. Controls must include the ability to detect and alert on risky or broken connections, coupled with automated remediation when feasible.