Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
New data released by Sevco Security examines the security risks enterprises face when they lack visibility across their IT assets, creating significant gaps in their cybersecurity attack surface. The first State of the Cybersecurity Attack Surface report analyzes data from visibility into more than 500,000 IT assets, identifying a surprising number of assets that are missing endpoint protection or not covered by enterprise patch management solutions.
The research shows that lack of visibility into IT assets has created enterprise attack surfaces riddled with vulnerabilities, with 12% of IT assets missing endpoint protection and 5% of IT assets going uncovered by enterprise patch management solutions.
Servers are missing endpoint protection or unpatched
The report also found that enterprises are over-indexing on Windows client protection and not paying enough attention to Windows servers. Windows servers are the most vulnerable target, with 19% of all Windows servers missing endpoint protection, compared to 11% of Windows clients and 12% of MacOS assets.
However, MacOS assets are 2-3 times more likely to be missing patch management than Windows clients and servers. 14% of MacOS are missing patch management vs. 5% of Windows servers and 4% of Windows clients.
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
The risks of stale assets
The report also highlights the emergence of “stale” IT assets, which pose an even more insidious risk to enterprises. The report defines stale IT assets as ones that appear in the security control console as being installed on the device but actually haven’t checked in for at least 14 days.
Data from the report shows that 3% of all IT assets are “stale” in terms of endpoint protection, while 1% of all IT assets are stale from the perspective of patch management coverage. The risks that these stale IT assets pose are more difficult to account for because they are essentially ticking timebombs posing as compliant assets.
The findings from the report shine a spotlight on the challenges that enterprises face, and the unnecessary risk that is introduced when they lack visibility into enterprise inventory, creating a cybersecurity attack surface that is impossible to understand and defend.
Read the full report from Sevco Security.