Data breaches are wreaking more havoc than ever on enterprises, thanks to inadequate testing of their cybersecurity posture, among other issues.
A new study from Pentera, which surveyed 450 security leaders across large enterprises, found nearly all (93%) of breached enterprises say that the consequences have been dire, and include downtime of operations and financial losses.
However, the report also found that enterprises are dedicating 13% of their cybersecurity budgets to pentesting, to help verify the strength of their systems and to see what kinds of damage can be caused by breaches. This also helps them to decide where to spend their money.
Other issues
However, enterprise pentesting is failing to keep pace with the evolution of IT systems: 73% make IT changes quarterly, but only 40% conduct pentesting at the same frequency, increasing their risk succumbing to cyberattacks, according to the report.
To make matters worse, cybersecurity teams are reportedly dealing with more and more problems, with 60% of enterprises having at least 500 security-related events a week that need fixing.
51% of enterprises also said they have been breached in the past two years, despite each deploying 53 cybersecurity solutions on average. This highlights the lack of sufficient technology enterprises have to tackle cyberthreats fully.
Pentera’s Field CISO, Jason Mar-Tang, commented on the report, "the results... are indicative of the increasing infrastructure complexity of organizations today and the rising challenges that security teams face along with it.”
He added, "attack surfaces are more dynamic than ever and resources are limited, making it even more critical for organizations to proactively validate their risk exposure with accuracy and pinpoint exploitable gaps across the complete attack surface.”
