U.S. Businesses Struggling to Prioritize Under Weight of Cyber Intelligence Information

New research shows organizations battling with multiple Cybersecurity Asset Management tools leading to huge miscount of devices connected to their networks

SAN FRANCISCO--()--New trend analysis for 2023 compiled by Armis, the leading asset visibility and security company, shows organizations are struggling to prioritize and focus on key security projects against an onslaught of alerts, rising threats and an ever-increasing attack surface.

Competing requests from the board and executives alongside a rapid progression in digital transformation projects and compliance regulations are causing hidden risks in organizations. Business and IT leaders don’t believe they have these blind spots, and exhibit a false sense of confidence in their real-time awareness of these areas of vulnerability.

Some of the trends we are seeing don't bode well in combating the escalation of global threats organizations are facing,” said Curtis Simpson, CISO, Armis. “A lot of progress has been made in bringing awareness and insights to organizations about the threats posed by different device types and threat actors. However, teams are struggling to effectively consume these insights in an agile manner, let alone prioritize tactical and strategic efforts with the greatest business value. The strategy of applying best practices at scale to every asset, everywhere with limited business context is no longer viable nor is it what businesses need today."

Analysis of Armis’ 2023 Cyber Security Trends and Cyber Asset Visibility survey showed the following key trends:

  • The biggest cyber challenges identified this year by respondents were:
  1. Keeping up with threat intelligence (70%)
  2. Allocating cybersecurity resources and budget (47%)
  3. Visibility into all assets connected to the network (44%)
  4. Compliance and regulation (39%)
  5. Convergence of IT and OT (32%)
  • 94% of respondents said they had a live view of all their connected assets yet when asked how often they updated the inventory, 46% said weekly, 30% said daily, 15% said monthly and 5% said quarterly.
  • When asked how many devices they think are on their organization’s network, 34% said 5,000 - 15,000, 29% said 15,001-25,000, 26% said 25,001-35,000, and 10% said 35,001+. According to proprietary data from the Armis Asset Intelligence and Security Platform collected between January 1, 2023 and March 27, 2023, 60% of Armis' U.S. customer base has more than 35,000 devices on their network, while nearly a third (32%) have more than 100,000 network devices.
  • 64% of respondents said they had suffered a breach or ransomware attack in the last 5 years, with 43% stating that it had been caused by employee phishing and 26% as a result of an IoT device hack. 20% of respondents said that they had suffered a breach due to a known vulnerability that had not been patched, while 12% indicated the breach was caused by an unpatched device.
  • 62% of respondents registered growing concern over the threat of China-made devices in their network. However, respondents consistently ranked connected Chinese or Russian-made devices last in a list of ten challenges their organization experienced in terms of cybersecurity over the past six months.
  • With the escalation in nation-sponsored cyberwarfare and given guidance from CISA, 76% of respondents stated that they will prioritize gaining full visibility into their organization’s attack surface.
  • However, nearly half (48%) of respondents still use spreadsheets, like Excel or Google Sheets, to track their connected asset inventory, with 55% saying they use multiple tools.
  • 6% of respondents admitted that they do not actively track unmanaged devices that are connected to their organization’s networks.
  • 21% of respondents said they only monitor corporate devices.
  • 33% of respondents also stated that they had 10 or more different tools to monitor their asset landscape, with 58% saying they used 5-10 different tools.
  • 83% of respondents expect to connect non-traditional devices, like operational technology (OT), to their corporate network in 2023.
  • Respondents ranked in order of priority the importance of securing network infrastructure equipment such as routers, switches (38%), personal devices such as laptops, mobile phones (28%), IoT devices (25%), building systems like HVAC (24%) and lastly medical.

Organizations need to think about their cyber/tech resiliency strategy in three key steps: firstly they need a single source of asset truth across every device that is connected to their network, not just the managed devices,” continued Simpson. “Secondly, visibility provides clarity into the technical and operational debt with the greatest potential for business impact and then lastly, action the intelligence so the technology environment can be optimized in support of resiliency. Regularly repeat the final two steps to ensure a continued focus on what is most likely to disrupt critical business operations and strategies.”

The Armis Collective Asset Intelligence Engine is the world’s largest asset knowledge base tracking over three billion devices – and growing. This massive, crowd-sourced, cloud-based asset behavior knowledge base provides unique device information such as how often each asset communicates with other devices, over what protocols, how much data is typically transmitted, whether the asset is usually stationary, what software runs on each asset and more. These real-time, contextual insights enable Armis to understand not only what the asset is and what it is doing, but what it should be doing, comparing asset behavior to “known-good” baselines. When an asset operates outside of its baseline, Armis issues an alert or can automatically disconnect or quarantine an asset.

Armis will be attending the RSA Conference in San Francisco at the Moscone Center on April 24-27, 2023 and will be located in booths S-1127 & S-4411. For more details of what the company has planned at the event or to book a meeting, please visit: https://www.armis.com/rsac-2023/

Methodology

Armis gathered insights from 230 senior IT decision-makers from organizations with 500+ employees across industries including manufacturing, government, healthcare, financial services, retail, telecommunications and more. Responses were collected in March 2023.

For additional insights and more information, please visit our website to read our blog about this survey here: https://www.armis.com/blog/2023-cyber-security-trends-and-cyber-asset-visibility-survey-insights-from-armis

About Armis

Armis, the leading asset visibility and security company, provides the industry’s first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.

Contacts

Media Contact:
Rebecca Cradick,
Senior Director, Global Communications,
Armis
pr@armis.com

Social Media Profiles

Contacts

Media Contact:
Rebecca Cradick,
Senior Director, Global Communications,
Armis
pr@armis.com