Enterprises lack confidence in managing attack surface risk

Network security

According to a new report, 60 percent of enterprises have low confidence in their ability to manage attack surface risk.

The study from technology management firm Oomnitza finds businesses increasingly dealing with a hybrid workplace, hybrid cloud, and digital business growth, which makes the ability to manage cyber risk more challenging.

While 64 percent of organizations support a hybrid workplace, more than half (53 percent) have witnessed their remote workforce deviating from security policy. In addition, 80 percent of organizations are pursuing hybrid or multi-cloud infrastructure strategies while experiencing compliance, infrastructure, and misconfiguration visibility and control automation issues.

But against this background there’s a failure to fully understand the IT landscape, 40 percent of organizations have visibility of only 50 to 75 percent of their assets with inconsistent inventory, ownership, type, and lifecycle state information. In response to this changing technology and threat landscape, 46 percent plan to move to a platform approach to secure their IT estate.

“We are pleased that our report shares current attack surface management trends, challenges and issues, and where organizations can mature capabilities,” says Arthur Lozinski, CEO and co-founder of Oomnitza. “Clearly organizations must consider how to better leverage their endpoint, application, network infrastructure, cloud, and security management tools to improve their security posture and cyber resilience — highlighting the need for a platform approach to enterprise technology management.”

The full report is available from the Oomnitza site and there’s an infographic summary of the findings below.

Image credit: fotogestoeber/Shutterstock

Author: Martha Meyer