Survey Reveals that Half of U.S. Enterprises Have Immature External Attack Surface Management Programs

TacitRed announced new survey findings in its “2024 State of Attack Surface Intelligence report.” The research, conducted by Cybersecurity Insiders, a community membership of over 600,000 information technology (IT) security professionals, found that half of U.S. enterprises have immature external attack surface management (EASM) programs despite nearly all respondents indicating an increase in impactful attack surface incidents. Organizations are investing in new technologies and applications to drive digital transformation, but in doing so, they have given cyber adversaries the means to exploit external attack surface exposures.

The 2024 Attack Surface Threat Intelligence report, which aimed to better understand the key cybersecurity microtrends impacting businesses today, provides insights into the challenges, advances, maturity, and best practices for managing external attack surface risk.

“Given increased threats, operational deficiencies, and limited resources, the survey results underscore ample room for growth in maturing the people, processes, and tools necessary for effective EASM,” said Holger Schulze, CEO and founder of Cybersecurity Insiders. “Organizations should evaluate how to move beyond inconsistent and reactive measures and invest in more efficient, proactive, and responsive approaches to attack surface management to enhance their overall cyber posture and resiliency.”

Attack Surface Intelligence Insights and Challenges

Findings indicate that changes in attack surface infrastructure and externally originated incidents are steadily growing, but current tools are not effectively serving security operations teams. Key findings include:

  • 90% of organizations experienced an increase in impactful attack surface incidents.
  • 84% of respondents said attack surface dynamics contributed to security incidents.
  • Over a third of respondents expressed challenges of coping with too much threat noise (39%) and poor threat intelligence (37%) — contributing to analyst burnout, missed detections, and delayed response.
  • Similarly, more than half of respondents (66%) claimed only nominal usefulness in their attack surface threat intelligence tools while 40% expressed challenges in identifying third-party exposures, maintaining accurate internet-facing asset inventory, and detecting active threats.
  • Security analysts were a third less positive about tools supporting EASM programs compared to senior management — indicating a gap between tool perception and hands-on efficacy.

EASM Programs Lack Maturity, Not Budget

The maturity of EASM programs varies significantly across organizations. Nearly 50% of respondents report that their programs are in the early stages of development, either in the Initial or Repeatable phases, where risk management remains unstructured and reactive. Only 33% of respondents are in more advanced stages of maturity, having more defined, automated, and optimized capabilities. Technology and healthcare industries claim slightly (10%) stronger maturity compared to government and financial services organizations.

Large organizations (over 2,500 employees) appear twice as likely as smaller organizations to have mature programs, which may be attributed to having more resources and investment. Fortunately, budgets for EASM programs are on the rise, with 90% expecting increased investment in EASM tools and threat intelligence. 40% of respondents anticipate a budget increase over 20% compared to the previous year. The findings have major implications for EASM providers as organizations seek to improve processes and evaluate new technologies to address operational gaps.

Additional findings include:

  • 90% of organizations experienced an increase in impactful attack surface incidents
    • Smaller companies (<2,500 employees) had 60% more incidents than larger companies
  • 49% of organizations currently have immature EASM programs
    • Near-term program objectives are to improve threat responsiveness (65%) and asset inventory accuracy (59%)
    • Over half of respondents anticipate security tool convergence and the application of Generative AI to positively impact EASM programs
  • 66% of respondents rated their attack surface intelligence tools as nominally useful
    • Professionals (65%) are seeking multi-source, curated, and prioritized threat intelligence
  • 90% anticipate budgets increasing for attack surface management and threat intelligence tools – 40% expect an increase of over 20%

Join Cybersecurity Insiders, TacitRed, and an expert practitioner panel as they examine key survey findings, share insights, and explore best practices on the “state of attack surface threat intelligence” webinar to be held on October 22nd at 11am EST.
