New Report Shows 76% of Organizations Have Suffered a Cyber Attack From an Exposed Asset Since 2021

Latest research from ESG highlights growth in attack surface and vulnerability management challenges
ESG report cover

Noetic Cyber, a market leader and innovator in cyber asset attack surface management (CAASM), today announced the results of the 2023 Security Hygiene and Posture Management (SHPM) report by Enterprise Strategy Group (ESG), which shows a growing recognition amongst security leaders of the potential impact of these investments to reduce ransomware, improve security controls and ensure regulatory compliance.

This latest report, repeated for the first time since 2021, revealed 62% of organizations believe their attack surface has grown over the past two years. Additionally, 50% agreed that the frequent changes and growth in the attack surface has made it difficult to keep track of and manage their security posture. Despite the interest and opportunity that surrounds investing in emerging technologies to combat the challenges of a growing attack surface, the inability to establish fundamental processes continues to limit the effectiveness of today's hygiene and posture management initiatives.

"Organizations continue to struggle with security hygiene and posture management due to disjointed cyber risk processes, decentral organizations, and attack surface growth," said Jon Oltsik, ESG Distinguished Analyst and Fellow, and author of the report. "However, our research shows that 86% of organizations will increase their security hygiene and posture management spending over the next 12 to 24 months. This indicates that organizations consider security hygiene and posture management business critical, and thus a high priority for security teams."

Security teams still struggle with the manual nature of their current attack surface and threat exposure management programs. Seventy-two percent of respondents rely on spreadsheets to track and manage security hygiene efforts, and 40% of teams need more than 80 person-hours to conduct a comprehensive asset inventory. 

"For security leaders, the focus on security hygiene and posture management needs to be on getting the fundamentals right," said Noetic CEO and co-founder, Paul Ayers. "This important research shows that risk reduction starts with asset visibility."

Many IT professionals identified cyber asset attack surface management (CAASM) as a key technology implemented to reduce the attack surface and improve security asset management. As a market leader and innovator in the space, Noetic is enabling organizations to combat the increasing complexities of security hygiene and posture management. 

To produce this research, ESG conducted an online survey of 383 IT and cybersecurity professionals at enterprises with 1,000 employees or more across North America, representing multiple industry sectors including financial services, manufacturing, oil & gas, retail and more. The results analyzed their current approaches to security hygiene and posture management including asset management, vulnerability management and security testing.

The full report is now available for download at https://noeticcyber.com/esg-security-hygiene-report-2023

Noetic will be exhibiting and presenting on exposure management and attack surface reduction at the RSA Conference in San Francisco, which runs today through Thursday, April 27. To learn more, visit the team at Booth #09 in the Early Stage Expo or book a meeting at the show

About ESG
TechTarget's Enterprise Strategy Group is an integrated technology analysis, research, and strategy firm providing market intelligence, actionable insight, and go-to-market content services to the global technology community. It is increasingly recognized as one of the world's leading analyst firms in helping technology vendors make strategic decisions across their go-to-market programs through factual, peer-based research. The firm is a division of TechTarget, Inc., the global leader in purchase intent-driven marketing and sales services focused on delivering business impact for enterprise technology companies.

About Noetic Cyber
Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, fix, and improve their security posture and enterprise ecosystem. Our goal is to improve security tools and control efficacy by breaking down existing siloes and improving the entire security ecosystem. Founded in 2019, Noetic is based in Boston and London. For more information, visit www.noeticcyber.com, or follow us on LinkedIn and Twitter.

Source: Noetic Cyber