Trend Micro has published a study revealing that seven in ten UK organisations have experienced security incidents due to unknown or unmanaged IT assets as attack surfaces continue to expand with the rise of generative AI, remote working and use of IoT devices.
The research, which surveys 100 UK cybersecurity leaders as part of the global study finds that almost all (96%) of respondents point to employees’ use of third-party AI tools as an area of concern that’s widening attack surfaces.
Added to that, 38% believe that the proliferation of Shadow IT is creating blind spots, which are likely acting as “unknown” assets serving as the trigger for security incidents.
Misalignment on the impact of Shadow IT and AI
When asked about their approach to attack surface management, however, 82% of UK respondents say their current resources are adequate for addressing attack surface challenges and reducing business risk. On average, 29% of their cybersecurity budgets are allocated to attack surface management.
There is a clear disconnect between these confidence levels and the number of organisations experiencing breaches via unknown IT assets.
Gaps in attack surface visibility
When digging deeper, the data reveals that a misaligned view of attack surface management could also be due to how proactive teams are in discovering what the real risk is. Over a quarter (28%) admit their organisation is addressing cybersecurity issues on a reactive basis, and only 43% proactively leverage dedicated attack surface management tools.
Added to that, 52% of UK cybersecurity leaders only carry out periodic audits or third-party assessments to manage risk, with fewer than half (48%) regularly updating and patching software and systems.
Addressing cybersecurity issues on a reactive basis makes it inevitable that organisations will be on the back foot in the event of a compromise via unmanaged or unknown IT assets. Even for those who claim to be responding to issues proactively, a lack of auditing, regular updates and use of dedicated attack surface management tools amounts to blind spots that can still see these organisations caught by surprise.
Promising supply chain awareness
Elsewhere in attack surface management, the study found that 56% of UK cybersecurity leaders report regularly assessing and monitoring third-party vendors for security vulnerabilities and factoring security into vendor onboarding.
This indicates a growing recognition of the cyber risks lurking in supply chains highlighted in major cyber incidents over the past three years. Almost all (89%) surveyed are pen testing or conducting vulnerability assessments monthly, with 38% doing so weekly. This will further strengthen efforts to manage cyber risks posed by third parties and the role they play in attack surfaces.
Bharat Mistry, Field CTO at Trend Micro said “The enterprise AI genie is out of the bottle and IT security leaders need to get a grasp on the implications. Attack surfaces are expanding through both authorised and unauthorised uses of IT. A proactive strategy leveraging techniques that anticipate and limit cyber threats before they cause damage is the only answer. Our study shows real progress that’s being made in managing growth in attack surfaces via third-party suppliers, but also food for thought on where our industry can go further to establish truly proactive defences that tackle new AI-based threats as well as attack surface blind spots that act as an entry point for attackers.”
