The Illusion of Truth: Why Modern Cyber Resilience Starts With Knowing What You Actually Have

Nov 21, 20253 min

Justin Coker

VP EMEA, Axonius

In cybersecurity, there’s a question I often ask leaders, one that never fails to spark an awkward silence:

“Would you bet your job on your asset count?”

In a room full of accomplished security and IT professionals recently, not one hand went up.

That silence says everything. Because in 2025, the biggest risk most organizations face isn’t a zero-day, or ransomware group, or state-sponsored attacker. It’s the illusion that they understand their own environment.

To explore this theme, I sat down with someone uniquely qualified to talk about the gap between perception and reality: Duncan Hayes, who’s a veteran of some of the largest cyber incidents in modern history: from Equifax to the Bangladesh Bank heist.

What followed was one of the most honest conversations I’ve ever had about cyber resilience, transformation, and the hard truth about asset visibility.

“The CMDB said we had 8,000 assets. Axonius showed that we actually had 15,000.”

When Duncan joins any business, his first question is simple:

“What exactly am I protecting?”

Like many leaders, he was pointed toward the CMDB, and like many leaders, he quickly discovered what he already suspected:

“In my experience, CMDBs are at most 40% accurate.”

This wasn’t negligence. It’s reality.

Years of transformation, cloud adoption, remote work, break-fix changes, and shifting priorities create drift. Documentation lags. Inventory becomes fiction.

What Duncan Found During the Axonius Proof of Value (POV)

One example Duncan shared with me, was when his team ran Axonius as part of a proof of value exercise, the results were immediate and unignorable:

  • Expected asset count: ~8,000

  • Actual asset count: 15,000+

That gap, nearly double the expected count, represents:

  • unmanaged endpoints

  • unmonitored cloud resources

  • unpatched servers

  • tools deployed but not reporting

  • blind spots no security leader can afford

According to Duncan:

“Having the truth opened doors across the business. Suddenly we were dealing in reality, not hearsay.”

With accurate asset intelligence, silos dissolved. Infrastructure teams, end-user computing teams, and security were all operating from the same source of truth.

From Busywork to Cyber Work

One of the most striking examples Duncan shared was around vulnerability management.

Before Axonius, a single analyst was spending 50–60% of their time simply trying to collect data:

  • pulling spreadsheets

  • deduping records

  • hunting down missing inventory

  • validating whether tools were installed or reporting correctly

After Axonius?

“He finally got to do the job he was hired to do, analyze risk and fix issues. Not chase spreadsheets.”

That analyst eventually became the leader of the entire function.

When the Breach Happens, Illusions Collapse Immediately

Duncan has responded to some of the biggest incidents of the past two decades, and one principle has never changed:

When a breach happens, the illusion of truth vanishes, and reality hits hard.

He shared example after example where unmanaged, unknown, or unmonitored assets were the root cause of compromise.

In the Equifax breach, the two exploited servers weren’t even in the asset inventory.

In another case, Duncan recalled spending 14 hours triaging an incident; Time that could have been reduced to mere minutes with proper asset visibility.

And with attacker dwell time shrinking from 256 days to a matter of hours, the stakes couldn’t be higher.

“You get a golden hour. If you don’t have the map, you can’t find the battle, let alone stop it.”

Truth Changes Culture

Another compelling insight from Duncan, was how asset intelligence transformed not just technology, but relationships.

Security, infrastructure, and executive teams stopped debating what was real, because they all finally had the same picture.

Leadership embraced the transformation because they had no political attachment to past assumptions. And once they saw the data, they backed the program immediately.

“Cyber isn’t a blocker. It’s a team sport. But you can’t play if everyone is looking at a different scoreboard.”

Parting Wisdom: Move From Illusion to Truth

As we closed the conversation, I asked Duncan what he’d want every IT and security leader to remember:

“You have to move to the truth, not the illusion of it.” “You need near real-time data.” “You can’t rely on tools that were good 10 or 20 years ago.” “And, Asset intelligence isn’t a nice-to-have. It’s the foundation for cyber  resilience.”

Take action, see how Axonius can help you and your business become more cyber resilient today: https://www.axonius.com/platform

Categories

  • Asset Management
Get Started

Get Started

Discover what’s achievable with a product demo, or talk to an Axonius representative.

  • Request a demo
  • Speak with sales