Automation is a critical capability for a proactive security strategy says a new report from automated endpoint and vulnerability management company Syxsense and Omdia, a global analyst.
The research surveyed over 400 respondents including decision makers from North America and Europe, Middle East, and Africa (EMEA), at small and midsize business (SMB)+ sized companies across a variety of industries.
“Today, too many vulnerabilities go undetected — or if detected, unpatched or not remediated in a timely manner — as organizations still grapple with limited resources or expertise to shore up their vulnerability management strategy,” says Ashley Leonard, CEO at Syxsense. “Fortunately, proactive security technology is evolving rapidly to address this issue, offering capabilities beyond simple reactive strategies. For example, the strong demand for security automation from the most security mature organizations suggests that adopting automation to achieve proactive security is a best practice of leading organizations and a way to account for the consistent threat of undetected vulnerabilities.”
Among the findings are that 60 percent of all respondents rated full external (e.g., attack surface visibility, attack path mapping, security control validation) asset context as critically important. This capability is particularly important to the most security-mature organizations, 69 percent of which rate it critical.
Some 29 percent of organizations are already deploying proactive security solutions as a
key component of broader cyber-risk reduction strategies. Also 82 percent of the most mature organizations think automated vulnerability remediation capabilities are important or extremely important.
“Many proactive security product segments are seeing broad adoption in 2024, and our research shows that organizations are often making these proactive investments as part of broader risk reduction strategies,” says Andrew Braunberg, principal analyst at Omdia. “Most importantly, organizations are using these solutions to not only enable visibility and management of their entire attack surface, but also to optimize protections through the existing security stack.”
The full report is available from the Syxsense site.
Image credit: Alexandersikov/Dreamstime.com
