Cyber Assets in an Organisation Outnumber Employees 500:1 Finds JupiterOne

JupiterOne, a cyber asset attack surface management (CAASM) platform provider, has analysed more than 370 million assets at nearly 1,300 organisations in its 2022 State of Cyber Assets Report (2022 SCAR). The report reveals the current state of enterprise cyber assets – cloud workloads, devices, networks, apps, data, and users.

The top findings include:

The expanding attack surface puts organisations at risk

The enterprise technology ecosystem is being rapidly reshaped by API-first, cloud-first, and digital transformation initiatives, but they come at a high cost to security. As more assets are deployed into enterprise production environments, companies face an increased risk of a cyberattack that starts by exploiting unknown, unmanaged, or poorly managed internet-facing assets. The modern attack surface has grown too large and complex for security professionals to manage using traditional, manual approaches to the asset lifecycle.

Security teams have too many assets to secure

Security teams are fatigued and understaffed. Teams have an unprecedented number of assets to inventory, manage, and secure across a cloud-based organisation. The report found that, on average, modern security teams are responsible for more than 165,000 cyber assets, including cloud workloads, devices, network assets, applications, data assets, and users. With cybersecurity talent in short supply, organisations need to help their existing teams become more efficient.

Cloud is huge and is here to stay

Cloud deployments are taking over as the de facto deployment model in companies of all shapes and sizes, leading to 97 per cent of security findings coming from cloud assets. Nearly 90 per cent of device assets in the modern organisation are cloud-based, meaning physical devices such as laptops, tablets, smartphones, routers, and IoT hardware represent less than 10 per cent of total devices. Cloud network assets outnumber physical networks by a ratio of nearly 60:1, yet analysis of nearly 10 million security policies found that cloud-specific ones represent less than 30 per cent of the total.

Understanding asset relationships provides an opportunity for improvement

Most security teams pay little attention to the indirect relationships between users, devices, networks, and critical data. Just eight per cent of queries asked the JupiterOne platform to consider second-degree or third-degree relationships between assets. Data, including critical data and sensitive information, is among the most-related types of assets, with 105 million first-degree relationships (i.e. direct access from) to users, apps, devices, and workloads. The analysis also uncovered nearly 45 million relationships between security findings, indicating that many security backlogs contain findings identified as critical vulnerabilities or policy exceptions.

As a result, the average security team is blind to some security risks, and many teams are too under-resourced or under-skilled to fully understand the risk of potential compromises. Organisations need to invest in cloud-native security tools that allow for automation and data-driven decision-making, helping security teams gain true visibility of their cyber asset landscape and asset relationships.

Additional 2022 SCAR findings:
  • Cyber assets significantly outnumber employees in the enterprise. The average organisation has well over 500 cyber assets for every human employee, making automation a requirement for security success.
  • Devices are proliferating. Devices, including hosts, agents, and other device-related assets, are still an essential part of cybersecurity. The ratio of devices to employees at the average organisation is 110:1. The average security team is responsible for 32,190 devices. Additionally, nearly 90 per cent of modern device inventories are cloud-based.
  • Ultra-reliable dynamic network architectures demand new, automated approaches to security. Modern DevOps teams use network interfaces to route traffic between subnets by hosting load balancers, proxy servers, and network address translation (NAT) services. Static IP addresses comprise fewer than one per cent of network assets, while network interfaces make up 56 per cent. The dynamic attack surface demands new, automated approaches to security.
  • Modern organisations are highly vulnerable to software supply chain attacks. The analysis of over 20 million application assets found that just nine per cent of applications were homegrown, or developed in-house, while 91 per cent of code running in the enterprise was developed by third parties.

The tech analyst firm Gartner recognised JupiterOne as an ‘on the rise’ vendor for CAASM in its most recent report on Hype Cycle for Security Operations, 2021, released in July 2021.


  • Francis is a journalist and our lead LatAm correspondent. With a BA in Classical Civilization, he has a specialist interest in North and South America.
