The proliferation of Shadow IT is creating blind spots and adding to the unknown assets.
The continued expansion of the attack surface has seen seven in ten UK organisations experience security incidents due to unknown or unmanaged IT assets.
According to research by Trend Micro, 96 percent of the 100 respondents pointed to employees’ use of third-party AI tools as an area of concern that’s widening attack surfaces.
Added to that, 38 percent believe that the proliferation of Shadow IT is creating blind spots, which are likely acting as “unknown” assets serving as the trigger for security incidents.
When asked about their approach to attack surface management, however, 82 percent of UK respondents say their current resources are adequate for addressing attack surface challenges and reducing business risk.
On average, 29 percent of cybersecurity budgets are allocated to attack surface management.
Bharat Mistry, field CTO at Trend Micro said: “Attack surfaces are expanding through both authorised and unauthorised uses of IT. A proactive strategy leveraging techniques that anticipate and limit cyber threats before they cause damage is the only answer.
“Our study shows real progress that’s being made in managing growth in attack surfaces via third-party suppliers, but also food for thought on where our industry can go further to establish truly proactive defences that tackle new AI-based threats as well as attack surface blind spots that act as an entry point for attackers.”
Join our webinar on 15th May at 3pm BST where we will be discussing Is SaaS Expanding Your Attack Surface?
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.
