A new Enterprise Strategy Group survey has found that 80 percent of information technology and cybersecurity professionals said their organizations intend to raise spending on security hygiene and posture management efforts over the next 18 months.
ESG surveyed 398 IT and cyber professionals from organizations in public and private sectors across North America and found that data security tools, cyber risk quantification platforms and cloud security posture management emerged as the top three spending priorities, JupiterOne said Thursday.
The report showed that 70 percent of respondents said security hygiene and posture management had become more challenging in the past two years amid the expansion of their attack surfaces and 73 percent of study participants said they still rely on spreadsheets to manage security posture and hygiene at their organizations.
Sixty-nine percent of respondents said their organizations had witnessed at least one cyberattack as a result of the exploitation of a vulnerability in an unknown internet-facing asset, including user accounts, cloud-based workloads and software.
“The findings from this report raise troubling concerns about the state of asset vulnerability management,” said Erkang Zheng, founder and CEO of JupiterOne. “This survey points out the need to gain deeper insights into asset exploitability which can pose devastating risks to businesses.”
The study also found that 70% of organizations said they use more than 10 security tools to advance security hygiene and posture management.
Jon Oltsik, principal analyst and fellow at ESG and author of the report, said the IT research and strategy firm believes that chief information security officers “should take a more holistic approach to security hygiene and posture management by adopting technologies and processes for discovering assets, analyzing data, prioritizing risks, automating remediation tasks, and continuously testing security defenses at scale.”