Security Exposure Management a Challenge for 82% of Companies
A significant 82% of companies have reported a widening disparity between their security vulnerabilities and their capacity to address them effectively.
This data stems from XM Cyber’s 2024 State of Security Posture Report, derived from a comprehensive survey involving 300 Chief Information Security Officers (CISOs) and key security decision-makers representing major US and UK organizations.
Released on January 9, 2024, the report delves into how organizations are grappling with cybersecurity challenges, uncovering prevalent trends and issues in the industry.
John Gallagher, Viakoo's Vice President of Viakoo Labs, remarked, "The report aligns with observations from various organizations, particularly highlighting the gap between identified vulnerabilities and the ability to resolve them." Gallagher emphasized that many organizations face this challenge due to the absence of tailored remediation solutions addressing specific threat types.
He illustrated this by stating, "For instance, while agent-based IT remediation solutions might be effective in certain environments, they may not work for IoT environments that require agentless solutions. This is crucial as IoT represents one of the fastest-growing attack surfaces."
Another significant trend identified is the heightened commitment toward enhancing vulnerability and exposure remediation efforts, with 87% of surveyed organizations aiming to bolster these within the coming year.
Despite this determination, persistent challenges such as a shortage of skilled personnel and overloaded security teams persist. The survey found that 62% of IT and security teams are actively addressing an average of 12 exposures per week, reflecting evolving threat vectors lacking effective defenses and automated remediation solutions.
领英推荐
The report also underscores the compounding impact of outdated legacy systems and emphasizes the necessity for a novel approach to align these systems with emerging threats.
Moreover, the report highlights the rising focus on cloud-centric security concerns, with 45% of organizations prioritizing cloud infrastructure to fortify their security posture. However, nearly half of the surveyed organizations manage exposures separately for on-premise and hybrid cloud environments, indicating a requirement for integrated cybersecurity strategies.
Additionally, the report emphasizes communication and alignment challenges within organizations, stressing the importance of effectively conveying security posture to leadership.
Gallagher concluded on a positive note, stating, "Multiple stakeholders, including boards of directors, management, compliance regulations, cyber insurance, and customer requirements, are collectively driving increased focus on vulnerability remediation and organizational improvement."
For Further Reference