Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Saturday, 4 July, 2026
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

UK Organisations lack clear path to achieve threat intelligence

New Armis research shows organisations in the dark as they have no accurate inventory of what’s connected to the network 

by Guru Writer
June 6, 2023
in Featured, Press Releases
UK Organisations lack clear path to achieve threat intelligence
Share on FacebookShare on Twitter

New research by Armis shows organisations in the U.K. are facing immediate cybersecurity challenges stemming from a heightened regulatory environment, staffing and recruitment difficulties and an expanded attack surface. 

In this complex environment, threat intelligence has become the top priority on their agenda, but with inventory information often updated infrequently, annually or quarterly in some cases, and a skewed view of what is connected to the network, security breaches are becoming more common.

“Technology environments continue to become more complex through evolving multi-year transformations. Simultaneously, vulnerabilities are disclosed at an unparalleled rate and attackers are evolving their capabilities at scale. In these circumstances, security programs cannot run on intuition,” said Curtis Simpson, CISO, Armis. “Businesses require continuous visibility and intelligence to understand the technical assets powering the business and how the corresponding attack surface can or is being exploited with the potential for material impact.”

Armis’ research on the current cybersecurity landscape in the U.K. uncovered the following findings:

  • Professionals identified the biggest challenges in the past 6 months as:
  1. Keeping up with threat intelligence 
  2. Compliance with cybersecurity regulations and frameworks
  3. Staffing and recruitment 
  4. The ever expanding attack surface
  5. Visibility into all assets connected to the network

Securing the supply chain and the convergence between IT and OT also ranked high with 23.8% and 23.3% professionals respectively highlighting its importance.

  • When asked how often they updated the inventory of assets connected to their network 15.5% of respondents said annually, 14.1% said quarterly, 32.4% said monthly, 22.5% said weekly, only 9.9% said daily, and even 2.8% answered never. If we look at the same study in the U.S. differ, with most companies updating their inventory on a daily and weekly basis.
  • According to proprietary data from the Armis Asset Intelligence and Security Platform collected between January, 2023 and April, 2023, 53% of Armis’ customer base has more than 35,000 devices on their network, while a third (35%) has more than 100,000 network devices. In contrast, when asked how many devices they think are on their organisation’s network 96% of respondents said 35,000 or less, 2.5% said 35,001-100.000 and only 1.5% of respondents said they had 100,000 devices or more.  
  • Most organisations use multiple tools to monitor their connected assets, with 60% using more than 5 tools – and up to 50 in some instances. A quarter (27.5%) of organisations use 3 to 4 different tools to monitor their asset landscape, 7.7% use 1 or 2 tools and 0.8% of IT professionals answered ‘None’.
  • 34.3% of professionals said they monitor all connected assets mainly through a Configuration Management Database (CMDB), 21.3% work with a SaaS visibility solution provider, 8.8% use Manual Spreadsheets and 29.5% said other. Additionally, 6.1% of respondents said they only monitor corporate assets in their organisation or do not monitor all connected devices.
  • Half (54.8%) of respondents said they had suffered a breach or ransomware attack in the last 5 years, with 43.8% stating that it had been caused by employee phishing and 23.3% as a result of an IoT device hack. 16.9% of respondents said that they had suffered a breach due to a known vulnerability that had not been patched, while 13.2% indicated the breach was caused by an unpatched device. These attack vectors closely align with those of the U.S survey.  
  • The three strategies that U.K. companies will be implementing in view of the escalation in nation sponsored cyberwarfare and the guidance from the National Cyber Security Centre (NCSC) are:
  1. Verifying access control with steps such as reviewing employee passwords, implementing MFA or reviewing third party access. 
  2. Reviewing system patching and high severity alerts.
  3. Creating or updating the company incident response plan.

“These research findings show organisations are struggling to monitor all devices in their environment. Without the proper information, prioritisation is going to be a shot in the dark and even a known vulnerability can become the catalyst of an attack. Having a real-time view of all the assets in your environment and understanding asset behaviour will help determine what risk it may pose to the organisation and prioritise remediation,” continued Simpson.

 

ShareTweet
Previous Post

A Roadmap for Becoming a Penetration Tester in 2023

Next Post

Half of UK Employees Suffer From “Sunday Scaries”

Recent News

pentesting

Pentesting is dead. Long live pentesting.

July 3, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

The industries being reimagined by AI

July 2, 2026
geopolitical cyber report

Iran-linked MuddyWater espionage campaign targets organisations across four continents

July 1, 2026
Check Point Brings Cloud Firewall to AWS European Sovereign Cloud

Check Point Brings Cloud Firewall to AWS European Sovereign Cloud

July 1, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol