Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More
New data released by Sevco Security examines the security risks enterprises face when they lack visibility across their IT assets, creating significant gaps in their cybersecurity attack surface. The first State of the Cybersecurity Attack Surface report analyzes data from visibility into more than 500,000 IT assets, identifying a surprising number of assets that are missing endpoint protection or not covered by enterprise patch management solutions.
The research shows that lack of visibility into IT assets has created enterprise attack surfaces riddled with vulnerabilities, with 12% of IT assets missing endpoint protection and 5% of IT assets going uncovered by enterprise patch management solutions.
Servers are missing endpoint protection or unpatched
The report also found that enterprises are over-indexing on Windows client protection and not paying enough attention to Windows servers. Windows servers are the most vulnerable target, with 19% of all Windows servers missing endpoint protection, compared to 11% of Windows clients and 12% of MacOS assets.
However, MacOS assets are 2-3 times more likely to be missing patch management than Windows clients and servers. 14% of MacOS are missing patch management vs. 5% of Windows servers and 4% of Windows clients.
Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.
The risks of stale assets
The report also highlights the emergence of “stale” IT assets, which pose an even more insidious risk to enterprises. The report defines stale IT assets as ones that appear in the security control console as being installed on the device but actually haven’t checked in for at least 14 days.
Data from the report shows that 3% of all IT assets are “stale” in terms of endpoint protection, while 1% of all IT assets are stale from the perspective of patch management coverage. The risks that these stale IT assets pose are more difficult to account for because they are essentially ticking timebombs posing as compliant assets.
The findings from the report shine a spotlight on the challenges that enterprises face, and the unnecessary risk that is introduced when they lack visibility into enterprise inventory, creating a cybersecurity attack surface that is impossible to understand and defend.
Read the full report from Sevco Security.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.