Cybersecurity

ITAM & SAM: The foundations of modern cyber security

modern cyber security using ITAM and SAM

Scott Massey Customer Relationships Manager

February 3, 2026

“What exactly are we trying to protect? And have we covered everything?”

Those are usually the questions every IT security programme starts with.

But many organisations can’t answer them confidently. Especially when it comes to asset coverage.

That’s because they depend on security tools to detect threats, patch vulnerabilities and block attacks. Then they assume that means the environment is covered.

It rarely is, because security tools only protect what they can see.

Which explains why one study of 2,000 cybersecurity leaders revealed that 74% have experienced a security problem because of unknown or unmanaged IT assets.

IT Asset Management (ITAM) and Software Asset Management (SAM) can fill these visibility gaps and are quickly becoming the base of modern cyber security.

You can’t secure what you can’t see

Cyber security tools excel at spotting malicious activity, and with new AI technology many can even predict and prevent attacks before they even happen.

But they’re limited to what’s “live” in an environment. They don’t have full lifecycle management so it’s possible for devices nearing the end of their use to fall through the gaps.

And if you don’t have 100% accurate data over the hardware you have, where it is, which operating systems are still running, or what software is installed, you’ll always have vulnerability.

These unknown assets become accidental entry points for attacks. Unknown software becomes an unpatched vulnerability. And unknown devices become an unmanaged risk.

This is a big problem. Deloitte’s ITAM Global Survey says that “the lack of cyber security alignment is now considered the greatest concern for ITAM”.

Effective ITAM and SAM remove these unknowns, giving security teams the ideal starting point – a clear picture of the whole environment they’re protecting.

The visibility gaps security tools can’t see

Lack of visibility over your IT estate creates some predictable blind spots that attackers can take advantage of.

Legacy machines

Old or forgotten IT systems usually fall outside security coverage because no-one knew they needed protection. Imagine a long-abandoned Windows 95 machine sitting in a draw. Security tools would never find it. But ITAM could.

Mixed OS and hardware

Older Linux servers, unsupported devices or machines with outdated agents slip through the cracks. Security tooling may give a partial view. ITAM surfaces the entire estate.

These are the assets attackers look for. They’re unmonitored, unpatched and easy to compromise.

To see the potential result, you only need to look at the WannaCry attack on the NHS back in 2017, when unknown, unpatched versions of Microsoft Windows created a door for attackers to get through.

Unsupported, unlicensed software: The hidden security risk

Effective security relies on simple principles:

  • Use supported software
  • Keep it patched
  • License it correctly 

Unsupported or unlicensed applications break these rules immediately.

Unsupported software doesn’t get security fixes. Unlicensed software bypasses governance entirely.

S&P Global states that “effective IT asset management is foundational to cyber-risk management” and that gaps in ITAM “can be indicative of flawed cyber-risk processes.”

SAM exposes these weaknesses by showing versions, end-of-support dates and whether an application belongs in the digital environment at all. If you don’t have that clarity, you’re always guessing about the security, rather than focusing on actual threats. 

Why zero-day response depends on ITAM and SAM

Zero-day threats emerge suddenly, before security tools can detect or block them. When one appears, the first thing a security team needs to know is:

“Where is the vulnerable software installed?”

Security tools may not be ready to answer that.

But ITAM and SAM have the data.

They show exactly which devices run the affected version, so teams can isolate or patch systems immediately.

Fast visibility turns a zero-day vulnerability from a crisis into a contained incident.

Why modern security strategies need ITAM and SAM

Even the best security team can’t protect what they can’t find.

No governance rules can work with unsupported, unknown software.

And no zero-day response can work if your entire IT estate isn’t visible.

ITAM and SAM remove these visibility gaps. They uncover forgotten devices, outdated software, unmanaged assets and show everything on complex estates before they become security incidents.

While security teams work to detect threats, ITAM and SAM define exactly what needs protecting.

Effective cybersecurity doesn’t start with alerts and patching. It starts with knowing what you own, where it is, what it runs and whether it’s supported.Get a free demo of CerteroX and find out how we can help make your IT estate more secure.

Scott Massey

Customer Relationships Manager

Scott is one of Certero’s longest-serving team members, with over 16 years of experience in IT Asset Management (ITAM), Software Asset Management (SAM), and customer success. He plays a pivotal role in building and maintaining strong client relationships, ensuring that customers receive maximum value from Certero’s solutions. Scott’s expertise spans FinOps, onboarding, account management, content creation and strategic partnership development. His deep understanding of Certero’s technology and services makes him a trusted advisor to enterprise clients seeking cost optimization and compliance.

Read more from Scott
Posted by

Read Our Latest News

Plus guidance, hints and tips, read our articles or follow us on LinkedIn

View All Our Blogs
FinOps Certified Platform Logo
Linux Foundation Silver Member Logo
Microsoft Partner Logo
Oracle Partner Logo
ServiceNow Logo
ISO Logo
Cyber Essentials Certified Logo
Cyber Essentials Certified Plus Logo
AICPA Logo
Gartner Peer Insights Logo
FinOps Foundation General Member Logo
Schedule a Demo