IT leaders admit having blind spots in attack surface visibility: Report

Despite investing money into cybersecurity, many Canadian organizations — and their global peers — admit they still have visibility problems into their IT systems, which complicates their ability to secure vital data.

According to a recently-released global study for Trend Micro of 6,297 IT and business decision-makers across 29 countries, nearly two-thirds (62 per cent) of all respondents — including 60 per cent of Canadian participants — acknowledged having blind spots in trying to secure their attack surface.

Cloud assets were listed as the area where organizations have the least insight (37 per cent of all respondents and 41 per cent in Canada) followed by networks (34 per cent globally) and end-user assets (29 per cent globally).

Nearly three-quarters of all respondents said they are concerned with the size of their digital attack surface, with 31 per cent saying they are “very concerned.” Forty-three per cent said their attack surface is spiraling out of control.

The numbers are included in a study on why organizations are having trouble managing cyber risk called Mapping the Digital Attack Surface.

Greg Young, vice-president of cybersecurity and corporate development at Trend Micro Canada, said the high number of participants admitting there is a visibility problem is good news: At least officials aren’t denying there is a problem.

“It’s unfortunate technology is changing so much that it creates so many blind spots,” he said in an interview.

“I think what’s happened is a fascination with point solutions, and the James Bond-ian fixation with [protecting against] zero-day attacks has been very unhealthy. We saw this with some [security vendor] companies over-rotating their marketing and scare tactics around zero-days and the like, when technology changes like cloud and IoT are great challenges.

“The organizations that are leaning forward now are investing their time and money on attack surface management” — both external and internal — “and then can I get a picture of risk from that.”

Among the other findings, nearly half of all respondents said misconfiguration of cloud assets is their biggest risk exposure.

That’s a reflection of the fact that cloud security is different from IT security, Young said. And if the organization has moved to a multi-cloud environment, it’s even harder to manage. It doesn’t help that each cloud platform has its own tools for operations and security, he added.

“There’s some great technology to solve the great percentage of cloud misconfigurations. Cloud security posture management (CSPM) has been around for a few years, and it can work really well for a lot of the issues … This is one of the cases where you should use automation, use machine learning to see and fix a lot of things.”

The most disappointing response in the survey, Young said, was that only 44 per cent of respondents believe phishing emails are the primary way cyber attacks start. Trend Micro believes the vast majority of attacks start with phishing. “Clearly more work needs to be done there,” Young said.

The end goal of gaining visibility and control of the digital attack surface is ultimately to better understand and manage cyber risk, says the report.

It advises IT and security leaders to

–gain visibility into all assets and attack vectors;

–use that data to continuously calculate risk exposure;

–then invest in the right controls to mitigate that risk.

Read More

Leave a Comment