Trend Micro has published the results of a survey revealing issues in how UK organisations manage growing cybersecurity risks tied to unknown or unmanaged IT assets.
The survey, which included responses from 100 cybersecurity leaders in the United Kingdom, highlights that seven in ten organisations in the country have experienced security incidents linked to unknown or unmanaged IT assets. Expanding attack surfaces, driven by generative AI tools, remote working trends, and the proliferation of Internet of Things (IoT) devices, are cited as factors behind this challenge.
According to the research, 96% of UK cybersecurity leaders expressed concern about employees' use of third-party AI tools, suggesting that such usage is intensifying the complexity of organisational attack surfaces.
Shadow IT appears to be a notable worry, with 38% of respondents identifying the spread of unauthorised technology as a source of blind spots that act as triggers for security incidents. These blind spots, stemming from IT assets that are not centrally managed or even known to IT teams, are perceived as a significant source of vulnerability.
Despite the reported incidents and growing challenges, a significant majority (82%) of UK respondents say their current cybersecurity resources are sufficient to address attack surface challenges and reduce business risk. Respondents indicated that, on average, 29% of their cybersecurity budget is dedicated to attack surface management.
This confidence, however, appears at odds with the frequency of security incidents linked to unknown assets. The study points to a "clear disconnect between these confidence levels and the number of organisations experiencing breaches via unknown IT assets."
Analysis of the survey responses suggests that part of this misalignment stems from varying levels of proactivity among security teams. Over a quarter (28%) of cybersecurity leaders admitted their organisations address cybersecurity issues primarily on a reactive basis. In terms of using dedicated tools, only 43% reported proactively leveraging attack surface management solutions.
Periodic audits remain the main risk management technique for many. The study found that 52% of UK security leaders carry out periodic audits or rely on third-party assessments to manage cyber risk. Meanwhile, less than half (48%) reported that they regularly update and patch software and systems.
The research suggests that addressing cybersecurity issues only after they arise makes it "inevitable that organisations will be on the back foot in the event of a compromise via unmanaged or unknown IT assets." Even for organisations that consider their approach proactive, a lack of regular auditing, updates, and comprehensive use of management tools can still result in unaddressed vulnerabilities.
Supply chain security emerged as another area of interest. The study reveals that 56% of UK cybersecurity leaders now regularly assess and monitor third-party vendors for security weaknesses, including factoring security checks into the process of onboarding such vendors. This appears to reflect growing awareness of the cyber risks posed by supply chains, particularly in light of several major incidents in recent years.
In terms of testing and assessment, 89% of surveyed leaders indicated their organisations are carrying out penetration testing or vulnerability assessments monthly, with 38% doing so weekly. These practices are viewed as efforts to bolster defences against potential risks introduced by third-party suppliers.
"The enterprise AI genie is out of the bottle and IT security leaders need to get a grasp on the implications. Attack surfaces are expanding through both authorised and unauthorised uses of IT. A proactive strategy leveraging techniques that anticipate and limit cyber threats before they cause damage is the only answer. Our study shows real progress that's being made in managing growth in attack surfaces via third-party suppliers, but also food for thought on where our industry can go further to establish truly proactive defences that tackle new AI-based threats as well as attack surface blind spots that act as an entry point for attackers," Bharat Mistry, Field CTO at Trend Micro, said.
The survey was conducted by Sapo Research and forms part of a global study that reached more than 2,200 respondents across 21 countries. Of these, 100 were based in the UK. The study aims to provide insights into how organisations are managing increasing complexities in their attack surfaces and responding to the rise of Shadow AI, among other trends in the threat landscape.
