HomeMalware & ThreatsOrganisations Identify Threats but Struggle to Act Quickly

Organisations Identify Threats but Struggle to Act Quickly

Published on

spot_img

Fragmented tools and manual processes are contributing to an alarming gap between threat awareness and effective Continuous Threat Exposure Management (CTEM). Recent findings reveal that only 41% of organizations boast a fully consolidated view of their cyber risk exposure. This shortfall has tangible consequences, as security teams reportedly devote a staggering 42% of their time investigating risks that often turn out to be low priority or completely non-exploitable.

Furthermore, the research signals a burgeoning reliance on AI-driven CTEM processes, anticipated to nearly double from 37% to 59% over the next two years. This shift indicates that 88% of industry professionals believe automation is crucial for managing the increasing volume of cyber risks.

These insights were published in “The State of Threat Management Report,” released by Filigran, a European open-source threat management organization. The global survey, conducted by the independent research firm Vanson Bourne, engaged 550 security decision-makers and practitioners, shedding light on the current state of threat management.

A significant revelation from this research highlights a disconnect within the industry. As Continuous Threat Exposure Management gains traction as a fundamental framework, organizations appear to struggle with the operational maturity necessary for its effective implementation. A notable term described in the report is the “exposure gap,” which refers to the disparity between recognizing the locations of potential threats and possessing the maturity to prioritize and remediate them continuously.

Despite the average deployment of 14 different threat intelligence feeds by organizations, a significant 61% report an inability to ascertain which vulnerabilities are most likely to be exploited in real-world scenarios. Alarmingly, a mere 38% utilize threat intelligence within a continuously automated validation process. This inefficacy results in security teams spending an excessive 42% of their time investigating risks that ultimately prove to be of low priority.

Julien Richard, co-founder of Filigran, emphasized that the core issue lies not in visibility, but in the ability of teams to act on that visibility swiftly. He points out that organizations are inundated with threat data stemming from myriad feeds and tools. If continuous validation and intelligent prioritization are not employed, this overwhelming data transforms into noise rather than providing clarity. Richard advocates for bridging the exposure gap by connecting threat intelligence directly to exposure validation and risk mitigation, thereby establishing a continuous workflow.

Despite considerable investments in security tools, organizations have struggled to achieve a cohesive view of their cyber risk exposure. Only 41% report that their cyber risk visibility is fully consolidated, and this gap becomes even more prominent outside North America, where entities lag approximately 20 percentage points behind in both consolidated visibility and continuous automated validation. Nearly 90% of participants acknowledge that mere access to threat intelligence is insufficient for mitigating risks if not continuously validated against real-world exposure.

Regional disparities in operational maturity are starkly apparent. For multinational organizations, the geographic split acts as a risk map, indicating that breaches are most likely to occur where operational gaps are most pronounced. North American entities demonstrate the highest operational maturity, with 52% indicating they possess a fully consolidated view of cyber risk exposure. In contrast, organizations in EMEA are situated in the middle, and those in APAC exhibit the most significant gaps, with only 31% claiming to have a consolidated view of exposure and a scant 27% employing continuous, automated validation processes.

Germany stands out as a notable exception; it leads all surveyed nations in adopting automated validation techniques, with a remarkable 58% reporting such capabilities. In turn, German security teams spend only 27% of their time on low-priority or non-exploitable risks, starkly contrasting with the global average of 42%. This indicates that closing the automation gap can reclaim valuable time for security teams while enhancing risk reduction.

The report also highlights that 88% of respondents recognize the inadequacy of periodic assessments in keeping pace with the rapidly evolving threat landscape. Nonetheless, nearly half continue to rely predominantly on manual processes for vulnerability identification and threat analysis, creating a bottleneck that has serious repercussions. An astonishing 84% concur that cyberattacks frequently exploit known yet deprioritized risks. The primary obstacles hindering the validation of exploitable threats include fears of system disruptions (49%), excessive manual efforts (46%), and inadequate integration with existing security processes (42%). Furthermore, alert noise remains a pressing issue, with 89% asserting that its reduction would expedite the identification of alerts that pose genuine business risks.

As Neena Sharma, Head of Customer and Product Marketing at Filigran, remarked, the study quantifies a prevalent issue that security practitioners have grappled with for years. Although the industry has poured resources into detection and intelligence, the absence of continuous validation and prioritization keeps organizations in a reactive stance. This reality underscores the rationale behind Filigran’s development of the XTM platform, designed to facilitate a critical link between awareness and action for security teams.

Looking ahead, 88% of security professionals assert that greater automation is essential for managing the ever-growing volume of risks. While current AI integration in exposure management stands at 37%, respondents anticipate that this figure will rise to 59% within the next two years. A striking 95% agree that enhanced automation would bolster their confidence in focusing on the most pressing risks. However, only 38% have successfully implemented continuous, automated validation processes.

Respondents identified that the areas expected to benefit the most from AI and automation include the identification of vulnerabilities, misconfigurations, exposures (59%), comprehension of relevant threats (56%), and validation of whether exposures are realistically exploitable (54%). Over the next 12 to 24 months, a significant 75% of organizations plan to invest in both cyber risk quantification tools and exposure assessment capabilities, illustrating the urgency of addressing these pressing challenges. An overwhelming 93% concur that procrastinating on cybersecurity enhancements elevates the risk of severe incidents in the future.

In summary, the findings underscore the critical need for organizations to evolve their cybersecurity frameworks toward continuous and automated processes, enabling them to bridge the gap between awareness and decisive action in risk management.

Source link

Latest articles

New AI Security Charter Supported by More Than 70 Cyber Firms

Over 70 Cybersecurity Organizations Commit to Responsible AI Use Through New Charter In a significant...

20 Open-Source Cybersecurity Tools to Explore

Help Net Security Unveils Compilation of 20 Open-Source Cybersecurity Tools Help Net Security has introduced...

GhostApproval Flaw Affects Six Leading AI Coding Assistants

AI Coding Assistants Have a Critical Security Flaw, Experts Warn A recent investigation by Wiz...

GodDamn Ransomware Utilizes PoisonX Driver to Bypass Endpoint Defenses

Title: Emergence of the GodDamn Ransomware: A Disconcerting Evolution in Cyber Threats Cybersecurity experts have...

More like this

New AI Security Charter Supported by More Than 70 Cyber Firms

Over 70 Cybersecurity Organizations Commit to Responsible AI Use Through New Charter In a significant...

20 Open-Source Cybersecurity Tools to Explore

Help Net Security Unveils Compilation of 20 Open-Source Cybersecurity Tools Help Net Security has introduced...

GhostApproval Flaw Affects Six Leading AI Coding Assistants

AI Coding Assistants Have a Critical Security Flaw, Experts Warn A recent investigation by Wiz...