Around the world organizations are facing unprecedented cyber risk due to blind spots in their environment with security teams overwhelmed with threat intelligence data which lack actionable insights. 61% of global organizations confirmed they had been breached at least once over the last 12 months, with 31% experiencing multiple breaches during the same period.
Watch the VideoIn May 2023, Armis surveyed 900 IT security and IT decision makers of large global organizations in the U.S., UK, France, Germany, Singapore, Australia and New Zealand seeking to understand the key challenges they faced managing their ever-changing attack surface.
Data Breaches on the Rise
61% of global organizations confirmed they had been breached at least once over the last 12 months, with 31% experiencing multiple breaches during the same period.
Unmonitored Assets Pose Threats
On an average business day, 55,686 physical and virtual assets are connected to organizational networks. Global respondents shared that only 60% of these assets are monitored on average, leaving 40% unmonitored.
Threat Intelligence Data Overload
45% report using 10 or more different sources to collect data relating to threat intelligence. Only 58% of the information gathered is actionable, leading to 29% of respondents saying their cybersecurity team is overwhelmed.
Shadow IT Rampant
75% of global respondents say employees are downloading shadow IT to connected assets in the work environment at least some of the time, with a quarter (25%) reporting that this happens all the time.
United States
78% report that their organization had been breached as part of a cyber attack in the last 12 months.
Ten or more sources are used to collect data relating to threat intelligence, 59% rely on 10-20 sources. 28% said that their organization’s cybersecurity team feels overwhelmed by cyber threat information.
The U.S. is the most likely to report (71%) having an official BYOD policy that is enforced across all employees, far higher than the global average (54%).
United Kingdom
39% of IT security and IT decision-makers admit to feeling challenged by the U.K.’s increasingly complicated regulations and governance requirements.
77% of respondents indicated a lack of visibility over employee owned assets connected to the business environment, and 78% reported a lack of control and management.
67% of employees are putting their businesses at risk by downloading apps and software without the knowledge of IT or security teams information.
France
53% of French organizations lack complete control and management over the company owned and managed assets connected to their environment.
55% say their organization was breached in a cyber attack in the last 12 months, 28% experienced multiple breaches during the same period.
Loss of productivity (45%) and reputational damage (42%) are the most common consequences of being breached.
Germany
Two-thirds of assets connected to business networks are not completely controlled and managed, introducing critical cybersecurity gaps.
Only 29% of organizations report having complete visibility over assets connected to the company network, the lowest average globally. Consequently, 91% believe improvements are needed in this area.
66% of companies lack complete control and management of the assets connected to their network.
Singapore
70% say their organization was breached as part of a cyber attack in the last 12 months, and 26% experienced multiple breaches in the same period.
On an average business day, 56,400 physical and virtual assets are connected to organizational networks. Only 51% of these assets are monitored, leaving half (49%) unmonitored.
IoT security is the top challenge in region, followed by outdated legacy infrastructure and balancing the need for security with the desire to innovate and adopt new technologies quickly.
Australia and New Zealand
74% say their organization was breached in a cyberattack in the last 12 months, 41% experienced multiple breaches.
10 different sources are used to collect threat intelligence data. However with just 49% to 53% of related processes automated, only 55% of the information gathered is actionable.
Organizations account for only 57% of asset attributes i.e. asset location or support status.
Highlights from the Report
New research from Armis and VansonBourne uncovers critical trends and challenges that many organizations around the world are facing in safeguarding their entire attack surface.