As the CISO at Armis, I’ve seen first-hand how the cybersecurity landscape is constantly evolving, and organisations across the globe are grappling with how to keep up. In the UK, the situation is no different. Our recent research shows that while UK organisations are prioritising contextually correlated and curated threat intelligence, they are struggling to find a clear path to effectively achieve such outcomes alongside the material challenges being encountered along the way.
The Immediate Cybersecurity Challenges
Organisations are facing immediate cybersecurity challenges due to a heightened regulatory environment, staffing and recruitment difficulties, and an expanded attack surface. Amid these complexities, asset and correlated threat intelligence have emerged as top priorities. However, with foundational asset inventories typically updated infrequently and focused primarily on traditional managed assets (e.g. laptops, mobile devices, servers), related efforts have not had the expected impact; security breaches are becoming more common and continue to go unnoticed until a material impact is experienced.
At a time when the attack surface has grown to an unprecedented level and with the greatest potential for significant business and brand impacts in kind, security programs cannot run on intuition. Organisations must have the continuous visibility and intelligence to understand the technical assets powering the business and how the corresponding attack surface can or is being exploited with the potential for material impact. Legacy technologies are unable to rise up to this challenge and necessary outcome. Only with the right technology partners can these modern resiliency outcomes be achieved.
Key Findings from Our Research
Our research has uncovered several key findings:
UK Organisations are Struggling
Keeping up with threat intelligence, compliance with cybersecurity regulations and frameworks, staffing and recruitment, the ever-expanding attack surface, and visibility into all assets connected to the network have been identified as the biggest challenges in the past six months.
Half (54.8%) of respondents said they had suffered a breach or ransomware attack in the last 5 years, underscoring the urgency of prioritising threat intelligence and ensuring robust cybersecurity measures. 43.8% stated that it had been caused by employee phishing and 23.3% as a result of an IoT device hack. 16.9% of respondents said that they had suffered a breach due to a known vulnerability that had not been patched, while 13.2% indicated the breach was caused by an unpatched device.
There is a Real-Time Inventory Gap
When asked how often they updated the inventory of assets connected to their network, 15.5% of respondents said annually, 14.1% said quarterly, 32.4% said monthly, 22.5% said weekly, only 9.9% said daily, and even 2.8% answered never. This infrequent updating of inventory information is a significant concern as it can lead to a skewed perception of network connections.
Armis passively monitors all assets on your network and in your airspace in real-time without any interference to your day-to-day operation to detect malicious behaviour and stop it as it happens.
Professionals Don’t Know What’s on Their Network
Everything is connected and ongoing transformations are driving a constant evolution of the technology landscape in support of the business. Traditional asset discovery and identification capabilities were built around typical IT assets, but that’s not where environments are evolving. The unprecedented growth of new connected IoT assets and the new focused exploitation of longstanding OT and legacy IoT (network gear, VOIP assets, printers, etc.) has created a massive gap between assets believed to be connected versus the reality of 2023 and beyond.
According to proprietary data from the Armis Asset Intelligence and Security Platform, 53% of Armis’ customer base has more than 35,000 devices on their network, while a third (35%) have more than 100,000 network devices. However, when asked how many devices they think are on their organisation’s network, 96% of IT professionals said 35,000 or less, indicating a significant miscount.
Understanding what is on your network is the foundation of a good cybersecurity strategy. At Armis, our customers say they discover five times more connected assets after deploying our Asset Intelligence and Security Platform.
Security Teams Have Tools Beyond Manageability
Most organisations use multiple tools to monitor their connected assets– EDRs, vulnerability scanners, MDMs, CMDBs, cloud environments –, with 60% using more than five tools and up to 50. These solutions are all managed separately, creating independent data points each of interest to the organisation. Managing and monitoring the vast number of devices connected to the network, and making truly informed decisions on risk is very complex when you have to juggle between tools. The potential for orchestrated outcomes in this situation is also extremely limited, often further compounding existing resource constraints and limiting the opportunity to address such challenges.
The Armis Platform integrates easily with the tools you already have in your security architecture, allowing you to leverage existing investments to achieve greater value and more automated response, while becoming a single source of truth.
Armis Can Help you Overcome Security Challenges with Asset Intelligence
These findings highlight the urgent need for organisations to gain a comprehensive understanding of their technology environments and to prioritise the contextualised use of asset intelligence in protection of business operations and strategic priorities. Without effectively curated and contextualised intelligence regarding what matters most, proactive and reactive prioritisation efforts will commonly be a shot in the dark. This approach is more commonly leading to known vulnerabilities becoming the catalyst of an attack due to an inability to correlate one of many exposures to the potential business impact; let alone identify its exploitation within undiscovered non-traditional assets.
To help organisations navigate these challenges, we at Armis enable you to create a comprehensive and precise asset inventory, understand connected assets and their exposures to reduce risk surface and manage and prioritise asset vulnerabilities and active threats by leveraging contextual intelligence. Harnessing the power of Armis you can achieve comprehensive asset intelligence which will help you make informed business decisions to safeguard your organisation and operations.
This is all thanks to the platform’s Collective Asset Intelligence Engine, the world’s largest asset knowledgebase, tracking over three billion devices and growing. The real-time, contextual insights delivered through the engine enable you and your team to understand not only what the asset is and what it is doing, but what it should be doing, comparing asset behaviour to “known-good” baselines.
Fortune 100 companies already trust the real-time and continuous protection of Armis to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. If you want to know more about our award winning platform book a demo now.
Join Us at Infosecurity Europe
We will be attending Infosecurity Europe in London at the Excel Center on June 20-22, 2023.
Further Insights and Information
To understand how the U.K. trends differ from the U.S., visit 2023 Cyber Security Trends and Cyber Asset Visibility Survey: Insights from Armis.
Share this Article
Get Updates
Sign up to receive the latest from Armis.