
Securing What You Can’t See—ITAM’s Role in Closing Enterprise Security Gaps

An abysmal 4% of organizations consider their internet-connected devices and associated technologies secure. Four. Percent. 

It’s a figure that would justifiably send enterprise leaders’ minds into a tailspin. IT professionals who handle these devices and technologies are well aware of the endless threats that bad actors pose to their organizations. So how can it be that so few businesses have confidence in their asset security?

It's because attackers are not just going after obvious areas of the IT stack. While malware and phishing attacks are not slowing down, new attack methods are emerging–ones that don’t bother going through defenses, but rather around them. We call this “The Overlooked Perimeter”.

And it’s due to bad IT data.

Attack groups are taking advantage of the gaps in data visibility and accuracy that so often plague enterprise IT teams. How are attackers bypassing traditional security defenses? They're exploiting the blind spots that exist outside the scope of traditional monitoring tools. Traditional tools like Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) aren’t enough. They only monitor online assets and don’t enable the full lifecycle governance that is needed to protect against new malicious efforts.

Modern IT asset management (ITAM) is essential for protecting your enterprise from these overlooked vulnerabilities. 

In this blog, we explore:

  • The hidden risks that result from poor IT data 
  • The financial and compliance-related costs of consistently unmanaged IT assets
  • The tangible benefits of accessing accurate, real-time IT data via comprehensive ITAM

Poor IT Data and Asset Blind Spots Mean Lurking Risks

Most enterprise security strategies account for assets–physical and digital–that are online and deployed for current use. They don't take pre-deployed, offboarded, or transitional assets into account. This is where bad actors are striking.

What makes pre-deployed assets vulnerable to attacks? These assets often lack the security configurations and monitoring that come with full deployment, creating windows of opportunity for attackers.

These assets tend to fall outside the purview of traditional IT asset management solutions. Without accurate data on these lifecycle stages, IT leaves the door open to attacks long before, and long after, it has the chance to fortify assets with its own security measures.

Bad actors are making every effort to bypass your security controls and gain access to your organization.

How do attackers exploit devices in storage or retirement? The answer lies in targeting assets during their most vulnerable lifecycle phases.

For example, attack groups like UNC3944 have accessed network planning details to commit procurement fraud and to install persistence on devices in storage and launch it later. Black Basta can reactivate (and has reactivated) devices in retirement, and has leaked stolen data from improperly wiped devices intended for recycling.

The only way that your teams can protect against these attacks is if you have full visibility into the asset’s entire lifecycle and accurate data that informs each stage. 

Unfortunately, on top of excluding offline, nondeployed, and unknown devices, most traditional tools lack the capability to control hardware and software access, detect and report suspicious activity, or uncover vulnerable, untracked assets. This is particularly concerning, given that survey respondents in the 2025 IDC Spotlight Paper cited shadow IT as a major challenge within their ITAM efforts.

It’s a vicious cycle. IT leaders can’t protect assets they don’t know about. Their current tools don’t deliver that asset data. So, until they find a solution to solve that conundrum, they’re left flying blind as they try to fight off dangerous attacks–and protect their organizations from the very real consequences those breaches have.


The Cost of Ignoring Unmanaged Assets

According to the 2023 IBM Security Cost of a Data Breach Report conducted by the Ponemon Institute, 67% of breaches were not detected by internal security tools or teams, and follow-on analysis indicates that shadow IT, unmanaged or misconfigured assets, and unmanaged data repositories were implicated in over 33% of breaches.

There's a reason that IT leaders so strongly warn against non-IT-approved devices and software and, especially in recent years, are taking ever greater measures to expand visibility into every asset. They know the heavy toll attacks take on their efforts, credibility, and the business as a whole.

Far from one-off consequences, these impacts snowball into more complicated problems. The longer IT assets go ungoverned, the greater the danger they pose to the organization, including:

  • Budget Overruns: As more employees purchase hardware and licenses outside of IT’s processes, spend skyrockets and budgets become unmanageable.
  • Noncompliance: Shadow IT and unmanaged assets fail to meet compliance standards and result in costly fines.
  • Data Breaches: Security vulnerabilities can result in data breaches, which cost an average of $4.45M to resolve.
  • Business Disruptions: Depending on the scale of the attack, it can take anywhere from a few hours to a few weeks to resume business as usual, all the while you lose money as a result of operational disruptions.

Cyberattack groups are well aware of the vulnerabilities exposed when unmanaged assets and shadow IT persist within enterprise organizations–and they have wasted no time taking advantage of those vulnerabilities.

  • Uber faced a major data breach because employees were using unauthorized software that hackers slipped through to access credit card information.
  • Target dealt with a data breach that exposed their payment system to hackers after employees used unapproved apps that lacked proper security measures.
  • Okta suffered a series of breaches after a single employee had their personal email account hacked while logged in on a company device.

If organizations are going to protect themselves from these attacks and their consequences, IT leaders need to leverage solutions that not only bring unmanaged assets to light but continuously deliver accurate data so they can cover their entire IT landscape at every lifecycle stage.


Modern ITAM Covers the Overlooked Perimeter

When 69% of organizations lack full visibility into their IT assets, especially those in inactive or transitional states, the need for an ITAM platform to deliver continuous, full-lifecycle visibility cannot be overstated.

Thankfully, as revealed in the IDC Spotlight Paper, IT leaders recognize that robust asset management practices, supported by accurate, trusted IT data, can help organizations identify previously unmanaged assets and the users associated with those assets to spot security risks and take the necessary steps to avert crises.

But that’s only possible with a solution that offers much more than traditional capabilities. It’s possible with Oomnitza.

Oomnitza Closes Lifecycle Visibility Gaps

Oomnitza captures complete lifecycle data and orchestrates integrations with procurement, security, HR, and IT operations systems to deliver audit-grade visibility and compliance-ready ITAM. Our platform is:

Designed for the Entire Lifecycle

We establish a persistent, object-based record for every IT asset from initial forecasting through final financial write-off. 

You get firm records that support audit, regulatory compliance, and security investigations as well as proactive identification of security gaps before they become attack vectors.

Integrated with the Security Stack

We act as a foundational context layer rather than a replacement for your existing tools. 

You get total asset context for accurate threat correlation in SIEM tools. Enriched lifecycle intelligence means fewer false negatives in Cyber Asset Attack Surface Management (CAASM)-based risk reporting.

Built for Automation and Compliance

Lifecycle-triggered automation in Security Orchestration, Automation, and Response (SOAR) platforms allows for compliance, isolation, or disposal workflows. With time-stamped, controlled decommissioning and secure disposal and data sanitization, you never have to worry about manual compliance measures.


Oomnitza Makes the Overlooked Visible and Defensible

As enterprise IT leaders face more challenges in protecting every asset within their landscape, they will need to transition to ITAM solutions that directly address those challenges by delivering clean, accurate IT asset data.

With complete visibility across the entire asset lifecycle, Oomnitza empowers IT teams to transform their data from something simply used for inventory to a strategic advantage in an increasingly complex environment.

Want to take a deeper dive into the specific ways attack groups are circling The Overlooked Perimeter? Read the white paper here.

Curious how your peers view the importance of clean asset data? IDC’s Spotlight Paper has the answers. 
