Threat intelligence is a priority but organizations lack network visibility

New research from asset visibility and security company Armis shows threat intelligence has become a top priority, yet organizations don't have a clear view of their networks.

The study of 400 IT professionals across the UK shows the top challenges they faced in the last six months as: keeping up with threat intelligence, compliance with cybersecurity regulations and frameworks, staffing and recruitment, an ever expanding attack surface, and visibility into all assets connected to the network.

"Technology environments continue to become more complex through evolving multi-year transformations. Simultaneously, vulnerabilities are disclosed at an unparalleled rate and attackers are evolving their capabilities at scale. In these circumstances, security programs cannot run on intuition," says Curtis Simpson, CISO at Armis. "Businesses require continuous visibility and intelligence to understand the technical assets powering the business and how the corresponding attack surface can or is being exploited with the potential for material impact."

Most organizations are using multiple tools to monitor their connected assets, with 60 percent using more than five tools, and up to 50 in some instances. A quarter (27.5 percent) of organizations use three or four different tools to monitor their asset landscape, 7.7 percent use one or two and 0.8 percent of IT professionals don’t use any.

Over half (54.8 percent) of respondents say they have suffered a breach or ransomware attack in the last five years, with 43.8 percent stating that it had been caused by employee phishing and 23.3 percent as a result of an IoT device hack. 16.9 percent of respondents say that they had suffered a breach due to a known vulnerability that had not been patched, while 13.2 percent indicate the breach was caused by an unpatched device.

"These research findings show organizations are struggling to monitor all devices in their environment. Without the proper information, prioritization is going to be a shot in the dark and even a known vulnerability can become the catalyst of an attack. Having a real-time view of all the assets in your environment and understanding asset behavior will help determine what risk it may pose to the organization and prioritize remediation," adds Simpson.

You can read more on the Armis blog.

Image credit: artursz/depositphotos.com