More than 10% of enterprise IT assets are missing endpoint protection and roughly 5% are not covered by enterprise patch management solutions.
The figures come from new research by Sevco Security, which the company has compiled in the State of the Cybersecurity Attack Surface report.
“Attackers are very adept at exploiting enterprise vulnerabilities. Security and IT teams already have their hands full mitigating the vulnerabilities that they know about, and our data confirms that this is just the tip of the iceberg,” James Darby, vice president of customer success at Sevco told Infosecurity Magazine.
The document analyzes data aggregated from visibility into more than 500,000 IT assets and underlines existential and underreported cybersecurity issues in relation to securing enterprises’ assets.
“The uncertainty of enterprise inventory – the elements that make up an organization’s cybersecurity attack surface – upends the foundation of every major security framework and presents a challenge to security teams: it’s impossible to protect what you can’t see,” said Sevco Security CEO J.J. Guy.
For instance, the data found that roughly 3% of all IT assets are “stale” in endpoint protection, while 1% are stale from the perspective of patch management coverage.
“In the case of a stale device, the agent is installed, but it’s not checking in. That results in missing updates and probable malfunctioning agents,” Guy said. “This is particularly insidious because someone might think the agent is installed and working – and therefore the asset is protected – but it isn’t.”
In terms of protecting server assets, Sevco Security suggested that nearly 20% of Windows servers lacked endpoint protection (compared to about 10% of Windows clients and MacOS assets). At the time, the report shows that MacOS assets are two or three times more likely to be missing patch management than Windows clients and servers.
The report comes on the hill of the Equifax 2017 data breach that exposed the personal information of 147 million people.
“Given the success that attackers have exploiting hidden IT assets, it is highly likely that malicious actors will continue to target them until organizations do a better job of developing comprehensive IT asset inventories that accurately reflect their dynamic attack surface,” Guy concluded.
More recently, Marriott International suffered a data breach in July, followed by the UK army website going offline for more than a month following a similar incident.