Trend Micro Inc. has announced the findings of a new global study indicating that organisations are struggling to define and secure an expanding cyber-attack surface, hampering risk management efforts. To this end, Trend Micro surveyed 6297 information technology (IT) and business decision makers across 29 countries including India to compile the study.

The study revealed that on average, organisations in India have only 67 per cent visibility over their complete attack surface while 95 per cent of organisations have been able to define their attack surface to an extent. Over a 39 per cent of organisations feel completely exposed to cyber risk in case of a cloud outage.

As per the study, visibility challenges appear to be the main reason organisations are struggling to manage and understand cyber risk in these environments. 92 per cent of respondents are concerned about the ever evolving and broadening attack surface, according to the study.

Meanwhile, major investments done in IT modernisation in recent years seems to have created a momentum that is becoming increasingly difficult to manage. 64 per cent of the survey respondents highlighted that their organisation’s digital attack surface is complex but can be controlled.

The attack surface visibility is extremely challenging in the current times due to various reasons such as lacking the right tool, or organizations have too many tools that is keeping information in silos, constant technology innovation, lack of visibility, etc. 41 per cent of respondents feel that their organization’s attack surface has the least visibility over network assets.

Commenting on the study, Sharda Tickoo, technical director, India and SAARC, Trend Micro, said, “IT modernisation over the past two years was a necessary response to the ravages of the pandemic, but in many cases it unwittingly expanded the digital attack surface, giving threat actors more opportunities to compromise key assets. A unified, platform-based approach is the best way to minimise visibility gaps, enhance risk assessments and improve protection across these complex, distributed IT environments.”

Other India specific findings include:-

  • 93 per cent of respondents feel that the C-Suite should play a more vital role in demonstrating good cybersecurity practices
  • 65 per cent of organisations currently have a moderate risk exposure
  • 55 per cent of organisations plan to invest in education for their IT team in 2022
  • 39 per cent of organisations currently use a platform model to manage their digital attack surface
  • 57 per cent of respondents say improved visibility is the greatest advantage of having a platform model

The study notes that the end goal of gaining visibility and control of the digital attack surface is ultimately to better understand and manage cyber risk. The advantages of a platform-based strategy is to eliminate data silos and provide comprehensive enterprise wide visibility into digital assets.