Cobalt, a company that offers Pentest as a Service (PtaaS) to allow businesses to operate more securely, has recently released its inaugural OffSec Shift Report. This report reveals the shifting trends in cybersecurity, highlighting the blending of offensive and defensive approaches and the improved protection experienced by those at the forefront of this shift.
After conducting a survey of more than 1,200 security professionals across various roles in the U.S. and U.K., Cobalt revealed some key findings. One of the main takeaways from the report is that while 47% of respondents increased their defensive cybersecurity spending, 41% of them still lack confidence in their company’s current defensive measures. It was also noted that companies that decreased their security budget in the last year were 81% more likely to express doubts about their defensive capabilities. Accordingly, 74% of respondents believe that defensive measures are not enough and advocate for more budget allocated towards offensive security measures.
The report also sheds light on the increasing popularity of red team operations, with 84% of respondents expecting to increase their budget for red team activities in 2024. This reflects an average increase of 33%, indicating the growing emphasis on offensive security measures. It was found that 63% of respondents reported conducting more red team exercises in 2023 than in 2022, showcasing a clear upward trend.
Furthermore, the impact of increased offensive security testing was evident, with 75% of respondents noting that their companies now conduct more regular penetration testing annually compared to the previous year. Among these companies, 82% agreed that increased penetration testing led to a decrease in successful breaches by over 50% in the past 12 months. Additionally, 86% stated that increased penetration testing significantly accelerated their team’s incident response.
The financial impact of data breaches was also covered in the OffSec Shift Report. According to the findings, 75% of respondents reported an increase in the financial impact of data breaches, with each breach costing companies an average of $1.65 million. This data underscores the necessity for organizations to strike a balance between defensive and offensive security measures, with 93% of those who invested in “purple team” operations in 2023 affirming that the integration of red and blue teams enhanced their company’s cybersecurity capabilities.
Caroline Wong, Chief Strategy Officer at Cobalt, emphasized the significance of the OffSec shift, describing it as a necessary reaction to the evolving threat landscape and market conditions. She stressed the importance of incorporating offensive measures into cybersecurity strategies, especially given the ever-changing risks faced by organizations.
In light of these findings, it is more critical than ever for businesses to develop mature offensive cybersecurity measures in conjunction with existing defensive controls. This dual approach enables companies to proactively identify and address potential vulnerabilities, while also safeguarding sensitive data and ensuring operational continuity.
The release of the OffSec Shift Report marks a significant milestone in the cybersecurity industry, providing valuable insights into the evolving security landscape. Businesses and security professionals are encouraged to explore the full report to gain a deeper understanding of the trends and challenges outlined. Interested individuals can access the complete report by visiting https://resource.cobalt.io/offsec-shift.
Cobalt, known for infusing manual security testing with speed, simplicity, and transparency, offers its Pentest as a Service (PtaaS) model to empower organizations to keep pace with their evolving attack surface and agile software development lifecycles. With a modern SaaS platform and a community of over 400 trusted security experts, Cobalt is dedicated to delivering security testing that aligns with business objectives, maximizes internal resources, and ultimately creates stronger security programs. Through its innovative solutions, Cobalt aims to enable organizations to operate securely and fearlessly, while fostering a culture of continuous innovation.