Most German and UK organizations acknowledge shadow IT as a major security concern according to newly released survey data from Tenable Network Security, Inc with German firms reporting more cyberattacks through shadow assets .
Survey data showed that 88 percent of IT decision makers in UK and German organizations feel shadow IT makes them more vulnerable to cyberattacks. Fifty-five percent of UK respondents and 57 percent of German respondents said that shadow IT has been introduced into their organizations’ environments. Of the organizations currently affected by shadow IT, 65 percent of German IT decision makers said the use of unknown or shadow assets and applications has directly led to a cyberattack within the last 12 months, compared to 45 percent in the UK.
“The presence of unknown or undiscovered assets makes it difficult for security teams to identify and manage the available attack surface,” said Gavin Millard, EMEA technical director, Tenable Network Security. “If organizations want to stay ahead of the curve they need security solutions that provide the continuous visibility required to stop shadow IT from becoming an attack vector.”
When it comes to which departments are deploying shadow IT, UK and German respondents identified engineering (30 percent), design/R&D (27 percent) and finance (25 percent) as the three most egregious offenders.
“The fact that many respondents are feeling the pain of shadow IT isn’t a surprise to the industry, but the numbers were much higher than we expected,” said Millard. “The foundation of security is having insight into what’s in use on the network and it's important that security and operations embrace the needs of the business or they will continue to remain vulnerable to cyber threats.”
According to the research, which was conducted by Vanson Bourne on behalf of Tenable, 38 percent of UK respondents and 50 percent of German respondents expect the use of shadow IT in their organizations to increase in the next year.