Pentera’s latest research has unveiled that a substantial 93% of enterprises admitting to a breach have faced significant consequences, ranging from unplanned downtime to data exposure or financial loss. This alarming statistic underscores the escalating challenges organizations encounter in safeguarding their digital assets against evolving cyber-threats.
Published today, Pentera’s report comprehensively analyzes how enterprises worldwide have embraced security validation strategies in response to these pressing concerns. According to the findings, enterprises are allocating a considerable portion of their IT security budgets, averaging $164,400, to pentesting programs. These initiatives serve multiple purposes, including validating the efficacy of security controls, gauging potential attack impact, and prioritizing security investments.
However, the report also reveals significant gaps in security testing frequency compared to the pace of changes in the IT environment. While 73% of enterprises undergo IT changes at least quarterly, only 40% conduct pentesting with similar regularity. This discrepancy exposes organizations to prolonged periods of vulnerability, leaving them susceptible to cyber-threats.
Furthermore, security teams are grappling with the escalating volume of security issues, with over 60% of enterprises facing a minimum of 500 security events requiring remediation weekly. Despite deploying an average of 53 cybersecurity solutions per organization, half of enterprises reported a breach in the last 24 months, highlighting the limitations of technology in ensuring comprehensive security.
Jason Mar-Tang, Pentera’s Field CISO, emphasized the critical need for proactive risk validation in today’s dynamic threat landscape. “The results of our latest report are indicative of the increasing infrastructure complexity of organizations today and the rising challenges that security teams face along with it,” the executive said.
The report, compiled based on surveys conducted with 450 CISOs, CIOs, and IT security leaders from large enterprises worldwide, offers valuable insights into the evolving cybersecurity landscape. To delve deeper into the implications of these findings, Pentera’s Mar-Tang is hosting a webinar on April 30 featuring industry expert Matt Bromiley, an analyst at the SANS Institute.