73% of CISOs admit security incidents due to unknown or unmanaged assets

Source: 73% of CISOs admit security incidents due to unknown or unmanaged assets | CSO Online

Author: unknown

URL: https://www.csoonline.com/article/3980431/more-assets-more-attack-surface-more-risk.html

Key Takeaways:

  1. Lack of Asset Visibility and Accurate Management
    Almost three-quarters (73%) of cybersecurity leaders experienced incidents directly linked to unidentified or improperly managed IT assets. Without full visibility into their digital environments, organizations struggle to fully grasp the extent and nature of their potential vulnerabilities, significantly weakening their cybersecurity.

  2. Recognition of Impact on Business Risk
    Approximately 9 out of 10 executives recognize the critical importance of effectively managing the digital attack surface as it directly affects business risk. Security issues stemming from mismanaged or unknown IT assets can have serious consequences, including interruptions in business continuity (42%), harm to customer trust and brand reputation (39%), diminished competitiveness (39%), weakened supplier relationships (39%), and negative impacts on employee productivity and financial performance (38% each).

  3. Inadequate adoption of Proactive Risk Management
    Despite clear recognition of the threat and the potential negative impacts on business operations, only 43% of companies actively use specialized tools for proactive attack surface management. A large majority (58%) stated they lack continuous monitoring processes—even though such proactive security management tools and monitoring are essential for promptly mitigating and containing cybersecurity risks.

  4. Urgent Call to Action
    The survey highlights an increasing urgency for improving cybersecurity posture. Many enterprises remain behind the curve, reluctant or slow in adopting robust security strategies, tools, and ongoing monitoring processes needed to contain their rapidly expanding cyber risks. Cyber risk management must be prioritized at the highest levels to safeguard enterprises effectively.

In conclusion, the Trend Micro survey points to a common cybersecurity challenge: while businesses are aware of the problem and its serious consequences, actual implementation to proactively manage and reduce the attack surface remains limited and inadequate. Chief security officers and business leaders must urgently prioritize comprehensive visibility, proper asset inventory management, continuous risk monitoring, and proactive management to minimize cybersecurity incidents and shield their organization from severe business disruptions.