The modern IT landscape becomes more complex every day. It is predicted that more than $5.61 trillion will be spent on IT this year, as companies constantly expand their estates.
This constant growth means that keeping track of everything within the infrastructure becomes increasingly challenging, and many organizations operate with considerable blind spots in their networks.
This gives rise to the ‘unknown unknowns’ – devices that are unmanaged and unmonitored, but still have access to critical business assets. These are the most dangerous types of security gaps, causing vulnerabilities that cannot be closed because they are not even on the radar.
It is time to get past the assumption that “what you can’t see won’t hurt you” – cyber attackers specifically seek out the hidden vulnerabilities that organizations overlook.
The problem with traditional IT asset management
These security gaps are usually not the result of a lack of effort or investment, but a natural by-product of IT and security teams that do not have the right tools or do not use their tools effectively. Some teams discover 15-30% more devices that were completely off their radar, even though they have regularly performed manual audits.
Much of this false sense of security is the result of traditional tools that are unable to see the big picture. Many agent-based scanners and on-premises security tools only give a limited picture and cannot detect all assets on the network. A device may appear to be secure according to the statistics of one tool, but actually be lacking critical controls when correlated with other data in the system.
This is exacerbated by very fragmented IT environments. Siloed teams and disconnected tools make it impossible to achieve a unified approach to security. Every team may believe that it has control over what it can see, but the teams' data does not line up. Without a simple way to correlate and compare data and processes, the dots are not connected.
Inefficient, manual-heavy processes also limit teams to performing periodic audits. With IT environments that evolve daily, these audits are outdated by the time they are completed.
Why these gaps are the largest security risks
The gaps in security visibility can appear in several forms. One of the most common problems is staff accessing business systems via unmanaged devices. This is particularly common when bring-your-own-device (BYOD) policies are combined with flexible working, but without the controls to support it. Many people still access company data using laptops at home that are completely outside the IT department's control. This situation means ignoring a threat that is directly on your network.
We also often find networks that contain dormant or incorrectly configured assets that seem to be secure and compliant on the surface. Our data shows that about 10% of devices are missing essential cyber security controls and 20% are not correctly configured. In the worst case, controls do not function at all.
Audit reports can also indicate that a system is offline when it is still communicating with company networks and is therefore still an active security risk.
These unseen and unprotected devices are very vulnerable to cyber attacks and offer threat actors the opportunity to get a foothold in the network without triggering security alerts. The compromise of an unmonitored personal machine offers a cyber criminal a simple path, giving them access to sensitive information on the network and to channels such as email for account takeover (ATO) attacks.
How organizations can close the visibility gap
If an organization does not know that an asset exists, it has no chance of securing it. So how do teams start to find and account for these dangerous unknown unknowns?
The first step is to equip security teams with the right tools, together with the expertise and processes to use them. We often see that companies have invested heavily in a full suite of solutions, but many of them are not used effectively or may not be necessary for the needs of the company.
This means that, even with these investments, they may not have a clear picture of the security of their estate. It’s not about frequency, it’s about approach. To find and close these gaps reliably, security teams need a complete picture of their entire network and everything that has access to it, and the certainty that this picture is completely accurate and up to date.
A cyber asset attack surface management (CAASM) strategy is central to achieving this visibility and control. This is a highly automated approach to asset discovery, building a list based on what is actually connected to the network and accessing systems, rather than relying on an outdated inventory.
As soon as a clear and accurate picture of all assets has been established, it is possible to start digging into how secure each device is. This means determining whether the correct security controls have been installed, whether they are actually functional and whether they are correctly configured. Correct validation is essential – it is never enough to assume that controls work.
From here it is crucial to maintain continuous, real-time monitoring of all assets. Again, automation is crucial because manual correlation of activity data is impossible. Automated tools can compare access logs with IT inventories in real time and flag inconsistencies.
It is also important to go beyond device discovery and to account for application access patterns. Security teams must have a clear picture of which devices have access to important applications and data, so that they can recognize deviations, such as access attempts from devices outside the list of known assets.
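The correlation described in the last three paragraphs can be sketched as follows. This is an added example, not code from the article or from any CAASM product; the device IDs, application names, field layout and finding labels are all constructed for illustration.

```python
# Constructed sample data: an inventory export with per-device control state
# as (installed, running, configured), and application access log records.
INVENTORY = {
    "LT-001": {"status": "online", "controls": {"edr": (True, True, True)}},
    "LT-002": {"status": "online", "controls": {"edr": (True, False, True)}},
    "LT-003": {"status": "online", "controls": {"edr": (True, True, False)}},
    "SRV-010": {"status": "offline", "controls": {"edr": (True, True, True)}},
}
ACCESS_LOG = [
    {"device": "lt-001 ", "app": "crm"},
    {"device": "LT-002", "app": "payroll"},
    {"device": "SRV-010", "app": "file-share"},
    {"device": "HOME-PC-7", "app": "email"},
    {"device": "LT-003", "app": "crm"},
]

def norm(device_id):
    """Tools rarely agree on case or padding, so normalise before joining."""
    return device_id.strip().upper()

def control_gaps(controls):
    """Validate each control in order: installed, functional, configured."""
    gaps = []
    for name, (installed, running, configured) in controls.items():
        if not installed:
            gaps.append(f"{name}: missing")
        elif not running:
            gaps.append(f"{name}: not functioning")
        elif not configured:
            gaps.append(f"{name}: misconfigured")
    return gaps

def correlate(inventory, access_log):
    """Join access records to the inventory; return (device, app, finding)."""
    findings = []
    for entry in access_log:
        device, app = norm(entry["device"]), entry["app"]
        record = inventory.get(device)
        if record is None:
            # Device reached an application but no tool has it on record.
            findings.append((device, app, "not in inventory"))
            continue
        if record["status"] == "offline":
            findings.append((device, app, "reported offline but active"))
        findings.extend((device, app, gap) for gap in control_gaps(record["controls"]))
    return findings

if __name__ == "__main__":
    for finding in correlate(INVENTORY, ACCESS_LOG):
        print(*finding, sep=" | ")
```

Running the join on every new log record, rather than once per audit cycle, is what turns the inventory from a periodic snapshot into the continuous check the article calls for.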
Eliminate the blind spots forever
Security frameworks such as Cyber Essentials, ISO 27001 and NIST CSF can offer a good starting point for prioritizing security needs and improving visibility. However, organizations must promote a culture in which unaccounted-for assets are proactively identified and secured. Even a single unmonitored device can open the door to a major breach, so detecting them must be embedded in daily activities, not treated as an annual or quarterly audit task.
The reality is that many organizations are not aware of the size of their IT blind spots, and have the chance to close the gaps with their current capabilities. If you do not have full visibility, you are making security decisions based on incomplete data. It is as if you lock your front door while leaving the windows wide open – and then pull down the blinds so that you cannot see the problem.
This article was produced as part of the TechRadarPro Expert Insights channel, where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future PLC. If you are interested in contributing, find out more here: https://www.techradar.com/news/submit-your-story-techradar-pro