Virtualization Technology News and Information
Article
Search:
RSS
Follow VMblog.com:
Read this interactive Choose Your Own Cloud Adventure with Veeam and AWS E-Book
Study Shows 79% of Organizations Acknowledge an Asset Visibility Gap, Leading to 3X More Incidents

Axonius released its 2021 Cybersecurity Asset Management Trends report, which reveals the extremes to which the pandemic escalated lack of visibility into IT assets and how that is impacting security priorities. According to the study conducted by Enterprise Strategy Group (ESG), organizations report widening visibility gaps in their cloud infrastructure (79%, which was a 10% increase over 2020), end-user devices (75%), and Internet of Things (IoT) device initiatives (75%), leading to increased risk and security incidents. However, around nine out of 10 respondents report that automating IT asset visibility could materially improve a variety of security operations.

"Collectively, these assets represent an attack surface that organizations must protect against an ever-expanding threat landscape used by adversaries to compromise infrastructure and carry out malicious activities," said Dave Gruber, ESG senior analyst. "When IT and security teams lack visibility into any part of their attack surface, they lose the ability to meet security and operational objectives, putting the business at risk. In some cases, organizations were reporting 3.3 times more incidents caused by lack of visibility into IT assets."

The report, titled "The Current State of the IT Asset Visibility Gap and Post-Pandemic Preparedness," explores the impact that the pandemic has had on IT complexity and security, and explains the challenges that lie ahead. It also reveals how automating asset management can close visibility gaps caused by the rapid shift to remote work, IoT adoption, and accelerated digital transformation.

"This year's survey once again reinforces that lack of visibility into assets is one of the most critical challenges facing every organization today. Building a comprehensive inventory remains a slow, arduous, often inadequate process, and as a result, more incidents are occurring," said Dean Sysman, Axonius CEO. "However, automating cybersecurity asset management can dramatically improve security and compliance efforts. According to the study, eliminating visibility gaps results in a 50% reduction in end-user device security incidents."

Organizations Plagued by Pandemic-Driven IT Complexity

More than 70% of respondents report that additional complexity in their environments has contributed to increasing visibility gaps. More than half cite the rapid shift to remote work and changes to technology infrastructure necessitated by security and privacy regulations as key reasons for this increased complexity.

Nearly 90% of respondents say that the pandemic has accelerated public cloud adoption. The study also reveals that the majority of organizations have suffered more than five cloud-related security incidents in the last year. Half of the respondents report visibility and management challenges with public cloud infrastructure, mostly associated with data spread across different tools, clouds, and infrastructure.

Participants also anticipate a 74% increase in remote workers, even after pandemic restrictions lift. This requires organizations to develop long-term operating and security plans for hybrid work environments so that IT and security teams do not remain blind to the personal networks and devices supporting remote employees.

Although organizations furloughed many IoT projects during the pandemic, they may not be prepared when these initiatives reignite. Only 34% report they have a strong strategy for maintaining IoT device visibility, while 62% report facing continued challenges with the variety of devices in use.

Remote Work Shifts Priorities and Resources

The rapid move to remote work motivated a significant change in bring-your-own-device (BYOD) policies for 94% of organizations. Pre-pandemic, close to half of the organizations surveyed prohibited using personal devices for corporate activities, but this number has fallen to 29% in this year's study, adding new management and security challenges.

As device diversity increases, IT and security teams are putting more focus on identity and access management (IAM) solutions, with 65% reporting that IAM is more challenging. And security teams are facing increased workloads for investigations, with incidents on the rise.

Investment in Asset Management on the Rise

Organizations depend on an average of eight different tools to pull together asset inventories while reporting intensive, manual processes to pull together the data. On average, it takes more than two weeks to generate an asset inventory, utilizing a combination of tools that weren't built for this task, including endpoint management and security tools, network access controls, network scanning, configuration and patch management, and vulnerability assessments.

With this kind of effort, nearly two-thirds (64%) report asset inventory as an event versus a process, only updating inventories monthly or quarterly. This cadence leaves significant visibility gaps in between, resulting in unmeasurable business risk, and takes away from other priority tasks, such as vulnerability assessments and improved threat investigations and response. Fortunately, realizing the critical importance, more than 80% report plans to increase investments this year to combat the problem.

Published Tuesday, April 27, 2021 4:51 PM by David Marshall
Filed under: ,
Get This Featured White Paper: The Monitoring ELI5 Guide: Technology Terms Explained Simply
You may also be interested in this white paper: Modernized Backup for Nutanix Acropolis Hypervisor
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
DTX-UCX
illuminate
ITW-2021
ONUG Fall
vExpert
Calendar
<April 2021>
SuMoTuWeThFrSa
28293031123
45678910
11121314151617
18192021222324
2526272829301
2345678