Editor’s Note: This article highlights the challenges and trends shaping the cybersecurity landscape in 2024, focusing on the critical gaps in external attack surface management as revealed in the 2024 State of Attack Surface Threat Intelligence Report by TacitRed™ and Cybersecurity Insiders. The survey findings are particularly relevant to cybersecurity and information governance professionals, who must prioritize maturing their security programs to withstand increasingly sophisticated threats. The rise in cyber incidents and ineffective tools indicates a clear need for innovation, automation, and greater investment in threat intelligence solutions.
Content Assessment: Cybersecurity Survey Uncovers Alarming Attack Surface Vulnerabilities in U.S. Enterprises
Information - 92%
Insight - 93%
Relevance - 92%
Objectivity - 94%
Authority - 93%
93%
Excellent
A short percentage-based assessment of the qualitative benefit expressed as a percentage of positive reception of the recent article from ComplexDiscovery OÜ titled, "Cybersecurity Survey Uncovers Alarming Attack Surface Vulnerabilities in U.S. Enterprises."
Industry News – Cybersecurity Beat
Cybersecurity Survey Uncovers Alarming Attack Surface Vulnerabilities in U.S. Enterprises
ComplexDiscovery Staff
A newly released survey from TacitRed™ and Cybersecurity Insiders reveals critical insights into how unprepared U.S. enterprises are in managing the growing complexity of their external attack surfaces. The “2024 State of Attack Surface Threat Intelligence” report underscores that despite increasing cybersecurity incidents, nearly half of U.S. enterprises have immature External Attack Surface Management (EASM) programs. This, coupled with ineffective threat intelligence tools, paints a concerning picture for businesses facing mounting risks.
Immaturity in EASM Programs: A Growing Concern
The study, which surveyed 312 IT security professionals from organizations with over 1,000 employees, highlights the alarming fact that 49% of companies are in the early stages of EASM development. These organizations remain stuck in the “Initial” or “Repeatable” phases of maturity, which are characterized by reactive rather than proactive approaches to attack surface management.
“The findings emphasize the need for businesses to evolve from reactive measures to more efficient and responsive EASM programs,” stated Holger Schulze, CEO and founder of Cybersecurity Insiders. “Given the rising number of impactful incidents, organizations must invest in automating their processes to improve overall resiliency.”
The healthcare and technology sectors are slightly ahead in the maturity of their programs, with around 33% of respondents reporting advanced capabilities in managing external cyber risks. Meanwhile, government and financial institutions lag, reflecting a more reactive stance in their risk management strategies.
90% of Enterprises Report an Increase in Cyber Incidents
The expansion of attack surfaces due to cloud adoption, remote work, and supply chain dependencies is a major contributor to the growing cyber threat landscape. According to the report, a staggering 90% of organizations experienced an increase in impactful attack surface incidents, and nearly 84% identified changes in attack surface dynamics as a direct cause of these security incidents. These findings reveal that many organizations are still struggling to keep up with the complexities of managing internet-facing assets and detecting threats in real time.
For smaller enterprises, the situation appears even more dire. Businesses with fewer than 2,500 employees reported 60% more incidents than larger organizations, reflecting a disproportionate risk due to limited resources.
Ineffective Tools Fuel Analyst Burnout
A notable 66% of respondents expressed dissatisfaction with the usefulness of their current attack surface threat intelligence tools. Many of these tools fail to provide actionable insights or struggle to reduce the “threat noise” security teams face daily. The resulting deluge of irrelevant data and false positives contributes to significant challenges in detecting real threats, with 40% of respondents highlighting difficulties in identifying third-party exposures and maintaining an accurate inventory of their internet-facing assets.
Furthermore, the report uncovers a gap in perception between senior management and frontline security analysts. While 30% of senior leaders believe their EASM tools are effective, security analysts—those who actually use the tools—report far lower satisfaction. This disconnect underscores the pressing need for vendors to refine their solutions to better meet the needs of the people who rely on them the most.
Top Cyber Threats: Ransomware, Phishing, and Supply Chain Attacks
Ransomware and phishing attacks continue to dominate the threat landscape, with 54% and 49% of respondents, respectively, citing these vectors as the most costly in terms of resource consumption and recovery efforts. Ransomware attacks, in particular, drain operational resources, forcing companies to focus on recovery and mitigation rather than preemptive measures.
Compromised credentials were reported by 50% of respondents as a frequent cause of breaches, further adding to the complexity of managing cyber risks. Supply chain vulnerabilities are also a significant concern, with 40% of organizations grappling with security risks introduced by third-party vendors.
Generative AI and Tool Convergence Offer a Glimmer of Hope
Looking ahead, cybersecurity teams expect the adoption of Generative AI and the convergence of threat intelligence tools to help alleviate some of the burdens they face. The report finds that 51% of organizations anticipate greater reliance on AI-driven solutions to automate threat validation and response processes. This shift towards Continuous Automated Attack Surface Management (CAASM), alongside EASM and vulnerability assessment convergence, is seen as a crucial step in streamlining security operations.
In addition to AI advancements, 65% of respondents believe that multi-source, curated threat intelligence will be critical in reducing the strain on security teams. By prioritizing relevant and actionable data, organizations can better allocate their resources to mitigate risks and minimize exposure to breaches.
Budgets on the Rise: Investing in Cyber Resilience
In a positive turn, 90% of enterprises expect to increase their budgets for EASM and threat intelligence tools in 2024. Of these, 40% anticipate a budget increase of more than 20%, reflecting a growing recognition of the importance of investing in proactive cybersecurity measures.
The report notes that larger organizations are twice as likely as smaller businesses to have mature EASM programs, highlighting the role that budget size plays in managing attack surface risks. As budgets rise, there is hope that smaller enterprises will also begin to close the gap in their cybersecurity defenses.
Expert Recommendations for Strengthening EASM Programs
Given the study’s findings, cybersecurity experts recommend the following steps for businesses looking to strengthen their attack surface management:
- Automate and Optimize Threat Intelligence: Invest in tools that provide curated, multi-source intelligence, focusing on actionable data rather than excessive information.
- Improve Asset Visibility: Ensure that your organization maintains an accurate inventory of all internet-facing assets to prevent potential exposures.
- Proactive Remediation: Shift from a reactive approach to a proactive strategy that anticipates threats and mitigates them before they escalate.
- Leverage AI: Adopt AI-driven solutions that reduce analyst burden by automating noise reduction and threat validation.
The 2024 State of Attack Surface Threat Intelligence Report paints a vivid picture of the challenges organizations face in defending their digital perimeters. As attack surfaces expand and cyber adversaries grow more sophisticated, the need for advanced, automated, and proactive defense strategies has never been greater.
News Source
Cybersecurity Insiders & TacitRed™. (2024). 2024 State of Attack Surface Threat Intelligence Report. Cogility. Available at: https://www.tacitred.com/asm2024rpt.
Assisted by GAI and LLM Technologies
Additional Reading
- Hacker ‘Fortibitch’ Leaks Fortinet Data
- Halliburton Cyberattack Highlights Vulnerability of Critical Infrastructure
Source: ComplexDiscovery OÜ