A new trend analysis for 2023 compiled by Armis, an asset visibility and security company, shows organizations struggle to prioritize and focus on key security projects against an onslaught of alerts, rising threats and ever-increasing attack surface.
Competing requests from the board and executives alongside a rapid progression in digital transformation projects and compliance regulations cause hidden risks in organizations. Business and IT leaders don’t believe they have these blind spots and exhibit a false sense of confidence in their real-time awareness of these areas of vulnerability.
Analysis of Armis’ 2023 Cyber Security Trends and Cyber Asset Visibility survey showed these trends:
- The biggest cyber challenges identified this year by respondents were:
- Keeping up with threat intelligence (70 percent)
- Allocating cybersecurity resources and budget (47 percent)
- Visibility into all assets connected to the network (44 percent)
- Compliance and regulation (39 percent)
- Convergence of IT and OT (32 percent)
- 94 percent of respondents said they had a live view of all their connected assets, yet when asked how often they updated the inventory, 46 percent said weekly, 30 percent said daily, 15 percent said monthly and 5 percent said quarterly.
- When asked how many devices they think are on their organization’s network, 34 percent said 5,000-15,000, 29 percent said 15,001-25,000, 26 percent said 25,001-35,000, and 10 percent said 35,001-plus. According to proprietary data from the Armis Asset Intelligence and Security Platform collected between January 1 and March 27, 60 percent of Armis’ U.S. customer base has more than 35,000 devices on their network, while nearly a third (32 percent) have more than 100,000 network devices.
- 64 percent of respondents said they had suffered a breach or ransomware attack in the last five years, with 43 percent stating that it had been caused by employee phishing and 26 percent because of an IoT device hack. 20 percent of respondents said that they had suffered a breach due to a known vulnerability that had not been patched, while 12 percent indicated the breach was caused by an unpatched device.
- 62 percent of respondents registered growing concern over the threat of China-made devices in their network. However, respondents consistently ranked connected Chinese or Russian-made devices last in a list of 10 challenges their organization experienced in terms of cybersecurity over the past six months.
- With the escalation in nation-sponsored cyberwarfare and given guidance from CISA, 76 percent of respondents stated that they will prioritize gaining full visibility into their organization’s attack surface.
- However, nearly half (48 percent) of respondents still use spreadsheets, like Excel or Google Sheets, to track their connected asset inventory, with 55 percent saying they use multiple tools.
- Six percent of respondents admitted they do not track unmanaged devices that are connected to their organization’s networks.
- 21 percent of respondents said they only monitor corporate devices.
- 33 percent of respondents also stated they had 10 or more different tools to monitor their asset landscape, with 58 percent saying they used five to 10 different tools.
- 83 percent of respondents expect to connect non-traditional devices, like operational technology (OT), to their corporate network in 2023.
- Respondents ranked in order of priority the importance of securing network infrastructure equipment such as routers, switches (38 percent), personal devices such as laptops, mobile phones (28 percent), IoT devices (25 percent), building systems like HVAC (24 percent) and lastly medical.
The Armis Collective Asset Intelligence Engine tracks more than 3 billion devices. This massive, crowd-sourced, cloud-based asset behavior knowledgebase provides device information such as how often each asset communicates with other devices, over what protocols, how much data are typically transmitted, whether the asset is usually stationary, what software runs on each asset and more. These real-time, contextual insights enable Armis to understand what the asset is, what it is doing, and what it should be doing, comparing asset behavior to “known-good” baselines.
When an asset operates outside of its baseline, Armis issues an alert or can disconnect or quarantine an asset.
Armis will be attending the RSA Conference, April 24-27, in San Francisco at the Moscone Center. Visit the company in booths S-1127 and S-4411. For more details of what the company has planned at the event or to book a meeting, visit: https://www.armis.com/rsac-2023/