Cymulate Survey Finds Consolidation Is Happening, but Only 20% Cite Cost As the Reason
Economic anxiety, staffing challenges, and growing supply chain threats are among other factors impacting cybersecurity spending and planning.
November 16, 2022
PRESS RELEASE
NEW YORK and TEL AVIV, Israel, Nov. 16, 2022 /PRNewswire/ — Cymulate, the leader in cybersecurity risk validation and exposure management, today announced the results of a global survey of more than 1,000 IT and security professionals examining the influence of ongoing uncertainties in cybersecurity and cyber resilience. The 2022 Cymulate Global Readiness Survey investigated the impact of increased geopolitical tensions, economic concerns, and the Great Resignation, as well as more technical aspects such as the rise of supply chain attacks and the efficacy of best practices, on cybersecurity and cyber-readiness within enterprises.
Consolidation of cybersecurity solutions was a key theme within the findings, with 60% reporting their organization is seeking to reduce the number of solutions in use. Notably, only 20% of respondents reported affordability as the main reason, while 23% and 22% cited usability and the need to right-size their security setup as the primary driver of consolidation. "Businesses of all sizes shared that it is no longer about point solutions. With the volume of security tools and data, the need has shifted towards an integrated security suite," said Carolyn Crandall, chief security advocate at Cymulate. Economic anxiety has delayed purchasing, with most respondents noting project delays of three to six months. Interestingly, rising geopolitical tensions like the conflict in Ukraine and the standoff over Taiwan were not cited as having an impact on budget reductions or purchasing decisions.
Additional key highlights of the survey include:
Cybersecurity workers are twice as likely as the overall labor market to be part of the Great Resignation: Twice as many respondents say they are frustrated by their jobs and actively looking for new roles than the average. The rate quadrupled when cybersecurity teams are short-staffed and work conditions have worsened, or the enterprise declined to prioritize basic cyber hygiene principles.
The industry remains challenged with adopting essential cybersecurity hygiene best practices: Though a critical component of shoring up cyber resiliency, roughly one-third to almost one-half of respondents said their enterprises had yet to adopt multi-factor authentication (MFA), improved identity access management (IAM), least privileges adoption, EDR adoption, web protection, and phishing education.
Frequent supply chain attacks are driving cybersecurity preparation: 52% of respondents indicated that they believe supply chain issues to be responsible for up to a quarter of all attacks, while 26% believe it may be as high as half of all attacks. The threat of supply chain attacks is affecting organization's strategies, with 45% of respondents reporting that the vulnerability of the supply chain has led to increased cybersecurity proactiveness and preparation.
The adoption of proactive cybersecurity testing is key to reducing risk and staying in front of evolving threats: 80% of respondents said their organization had adopted some degree of proactive measures. However, only 29% reported their organization had incorporated penetration testing or other baseline measures. Additionally, only 30% of respondents said their organization had incorporated advanced proactive solutions that include breach attack simulation (BAS), attack surface management and vulnerability management, indicating significant room for growth.
With the increasing number of cyber threats and their devastating effects on business revenue, productivity and reputation, Frost & Sullivan projects the global BAS market to increase at a CAGR of 38.5% between 2021 and 2026.
The global survey was conducted on LinkedIn and gathered responses from more than 1,000 IT and security professionals representing a wide range of industries, organization sizes, and specific roles. Of the respondents, 81% occupy a technical role, such as cybersecurity, IT, or DevOps, and 70% are considered decision-makers in the organization, including individuals at the manager, director, and executive levels. The survey includes respondents from North America, Latin America, APAC, and EMEA representing companies ranging in size from less than 500 employees to more than 50,000. In addition, nearly every major industry is represented, including finance, healthcare, manufacturing, retail, and others, yielding a broadly representative sample.
About Cymulate
The Cymulate cybersecurity risk validation and exposure management solution provides security professionals with the ability to continuously challenge, validate and optimize their on-premises and cloud cybersecurity posture with end-to-end visualization across the MITRE ATT&CK® framework. The platform provides automated, expert and threat intelligence led risk assessments that are simple to deploy, and easy for organizations of all cybersecurity maturity levels to use. It also provides an open framework for creating and automating red and purple teaming exercises by generating tailored penetration scenarios and advanced attack campaigns for their unique environments and security policies. For more information, visit www.cymulate.com.
SOURCE: Cymulate
You May Also Like
A Cyber Pros' Guide to Navigating Emerging Privacy Regulation
Dec 10, 2024Identifying the Cybersecurity Metrics that Actually Matter
Dec 11, 2024The Current State of AI Adoption in Cybersecurity, Including its Opportunities
Dec 12, 2024Cybersecurity Day: How to Automate Security Analytics with AI and ML
Dec 17, 2024The Dirt on ROT Data
Dec 18, 2024