As we know, it’s not a question of if, but when, a cyber attack will occur against organizations of all sizes and types. Unfortunately, this does include global critical infrastructure that we all rely upon in both our personal and work lives..
New Armis research on Global Attack Surface Management (ASM) shows there’s much room for improvement in how organizations protect and manage their risk and threat landscape. Unmanaged assets continue to represent the fastest growing attack surface, while security teams are often using outdated tools and techniques which are unable to keep up with the evolving landscape or the sophisticated threats targeting its exposures. Independent market research commissioned with Vanson Bourne uncovers the challenges facing global organizations when it comes to managing their attack surface, the impacts breaches have on organizations and how organizations can achieve 20/20 vision when it comes to their attack surface.
Unseen Cybersecurity Risks
On an average business day, 55,686 physical and virtual assets are connected to organizational networks. This rate of growth continues to accelerate each year, reflecting the ongoing expansion of digital connectivity in today’s business landscape.
More problematic is the fact that global respondents shared that only 60% of these assets are monitored, leaving 40% unmonitored and posing the biggest threat to organizations. Even organizations who report having “complete visibility” over the assets connected to the corporate network report that only 65% of assets are monitored on average. This statistic is probably still too optimistic: analysis from our Armis Asset Intelligence Engine reveals that the number of devices monitored on corporate networks is even lower. For instance, in organizations equipped with vulnerability scanners, an average of only 34% of computers complete regular scanning. Notably, the percentage of scanned computers tends to decrease as the organization’s size increases.
Unseen, unscanned or unaccounted assets can introduce critical security exposures – especially if configured non-securely, security updates aren’t installed or patches cannot be applied. While organizations might feel confident that they can see everything on the network, when a security incident hits, it’s likely they don’t have the 20/20 vision they believe they have.
Too Many Tools, Too Many Feeds
Global respondents indicated that their organizations use 11 different tools on average to manage assets connected to their network. It’s hard to imagine in 2023: an organization under attack, sifting through excel spreadsheets when time is of the essence and any delay in response can have catastrophic consequences. Yet 44% of the respondents admit to still using manual spreadsheets to track company assets and related intelligence. Data analysis conducted by the Armis Asset Intelligence Engine reveals that within organizations using manual tools, an average of only 12% of the assets within their corporate network are covered by this process. Managing an asset inventory with spreadsheets means the inventory will never be up-to-date and due to the pace of change, related visibility gaps can only grow.
Another notable reality is the number of different threat intelligence feeds, with just under half (45%) of those surveyed reporting they use 10 or more different sources to collect data relating to threat intelligence. Beyond the number of sources, the main issue lies in the fact that only 58% of the information gathered from threat intelligence sources is actionable, on average. Even when actionable, the use of so many uncorrelated sources can result in both duplicative and conflicting insights. This situation only worsens with unactionable noise. It’s no wonder that cybersecurity teams feel overwhelmed by cyber threat information.
A Clear Correlation
The unfortunate result is 61% of global organizations confirmed they had been breached at least once over the last 12 months, with 31% experiencing multiple breaches during the same period. The top four countries with organizations most likely to report being breached were the U.S., Singapore, Australia and New Zealand.
We see a clear correlation between the large percentage of the attack surface remaining unmonitored and the high rate of breaches experienced over the past year. Unmanaged assets represent the growing attack surface yet organizational cyber tools and programs lack the visibility to understand and manage top cyber risks, exposures and threats. Threat actors are exploiting these material blind spots to execute today’s most impactful cyberattacks.
A New Era
A paradigm shift is needed: IT departments must modernize their approach by consolidating disjointed solutions and leveraging the latest innovative technologies to enable teams with real-time, automated insights and actionable plans. Only by taking an asset centric approach with true asset intelligence, can you truly protect yourself and your organization from modern day cyber attacks.
Armis does exactly that.
The Armis Asset Intelligence Engine feeds the Armis Centrix™ platform. It’s a collective AI-powered knowledge base that monitors billions of assets world-wide in order to identify cyber risk patterns and behaviors. It feeds our platform with unique, actionable cyber intelligence to detect and address real-time threats across the entire attack surface.
At Armis, we help our customers transition from fragmented tools, outdated approaches and unactionable alerts, to a consolidated modern platform with real-time, automated insights and actionable plans. We are committed to ensuring our customers and partners are protected 24/7 and to helping keep the world’s leading organizations, governments and their people safe and sound.
Further Insights and Information
To read the full research report and to understand how some regional trends differ from the global observations, please visit our interactive site https://www.armis.com/attack-surface-management.
Ready to see how Armis Centrix™ behaves in your environment? Check out our Free Trial.