70% of businesses reported increased spending on proactive security solutions, such as attack surface management and risk-based vulnerability management, over the past year, according to a new research from Titania. The report, Emerging Best Practice in the use of Proactive Security Solutions, indicates a marked increase in investments aimed at preemptively mitigating cyber threats. This notably outpaces investments in both preventative and reactive measures.
The study, completed in partnership with Omdia, a global analyst and advisory leader, surveyed over 400 security decision-makers in North America, the UK, France, and Germany. It underscores the acceleration in adoption of proactive security measures from three key drivers: ‘reducing the opportunity for threats’, ‘reducing the mean time to remediate known vulnerabilities’, and ‘minimizing attack surface’.
Key findings of the report include:
- Strategic Implementation: A significant portion of organizations, particularly those with mature security postures, are strategically deploying proactive security solutions. This trend is especially prevalent among larger organizations. This growth is particularly pronounced in EMEA, where 74% of respondents increased their budgets, compared to 67% in North America. The desire is particularly strong amongst financial services organizations (54%) and critical infrastructure organizations (53%) including energy and utilities companies. In addition, almost half (47%) reported that their top cybersecurity goals for the next 12-24 months are to reduce the opportunity for threats with proactive security. Conversely, only 27% of organizations plan to improve tactical outcomes, such as better threat prevention, detection and response.
- Enhanced Security Posture: Respondents report a strong desire to improve security posture and expect that the broader integration of proactive security tools will greatly improve attack surface management and security control optimization. Currently, a large majority of respondents report having limited visibility into the security posture of network assets (firewalls, switches and routers) and long cadences between assessments – with roughly half of organizations checking network devices at most, monthly.
Organizations are also much more likely to only monitor all devices in critical segments (or simply look at a sample of devices), than to monitor every device in their networks. Notably, critical infrastructure organizations (i.e., energy, utilities, and transportation) report much lower confidence than other industries in their ability to maintain adequate network segmentation and prevent unauthorized access to networks. - Disruption Anticipation: Almost half (48%) of all respondents anticipate a high level of organizational disruption due to the broader adoption of proactive security solutions, highlighting the transformative impact these measures are expected to have.
“This research vividly illustrates a widespread and rapid shift towards proactive security to improve operational readiness and resilience. Organizations are recognizing the critical need to stay ahead of known threats and shut down attacks by investing in solutions that offer real-time visibility of their security posture and remediating action that will continuously minimize their exposure.”
Tom Beese, Executive Chairman, Titania
