Press Release
Back to Archive

66% of Respondents Claim Only Nominal Effectiveness with Current Threat Intelligence Tools

IRVINE, Calif., October 9, 2024TacitRed today announced new survey findings in its “2024 State of Attack Surface Intelligence report.” The research, conducted by Cybersecurity Insiders, a community membership of over 600,000 information technology (IT) security professionals, found that half of U.S. enterprises have immature external attack surface management (EASM) programs despite nearly all respondents indicating an increase in impactful attack surface incidents. Organizations are investing in new technologies and applications to drive digital transformation, but in doing so, have enabled cyber adversaries means to exploit external attack surface exposures.

The 2024 Attack Surface Threat Intelligence report, which aimed at getting a better understanding of the key cyber security microtrends impacting businesses today, provides insights into the challenges, advances, maturity, and best practices for managing external attack surface risk. A findings summary infographic can be downloaded at www.tacitred.com/asm2024inf. To obtain the full report, visit www.tacitred.com/asm2024rpt.

“Given increased threats, operational deficiencies, and limited resources, the survey results underscore ample room for growth in maturing the people, processes, and tools necessary for effective EASM,” said Holger Schulze, CEO and founder of Cybersecurity Insiders. “Organizations should evaluate how to move beyond inconsistent and reactive measures and invest in more efficient, proactive, and responsive approaches to attack surface management to enhance their overall cyber posture and resiliency.”

Attack Surface Intelligence Insights and Challenges

Findings indicate that changes in attack surface infrastructure and external-originated incidents are steadily growing, but current tools are not effectively serving security operations teams. include:

  • 90% of organizations experienced an increase in impactful attack surface incidents.
  • 84% of respondents expressed attack surface dynamics contributing to security incidents.
  • Over a third of respondents expressed challenges of coping with too much threat noise (39%) and poor threat intelligence (37%) — contributing to analyst burnout, missed detections, and delayed response.
  • Similarly, more than half of respondents (66%) claimed only nominal usefulness in their attack surface threat intelligence tools while 40% expressed challenges in identifying third-party exposures, maintaining accurate internet-facing asset inventory, and detecting active threats.
  • Security analysts were a third less positive about tools supporting EASM programs compared to senior management — indicating a gap between tool perception and hands-on efficacy.

EASM Programs Lack Maturity, Not Budget

The maturity of EASM programs varies significantly across organizations. Nearly 50% of respondents report that their programs are in the early stages of development, either in the Initial or Repeatable phases, where risk management remains unstructured and reactive. Only 33% of respondents are in more advanced stages of maturity, having more defined, automated, and optimized capabilities. Technology and healthcare industries claim slightly (10%) stronger maturity compared to government and financial services organizations.

Large organizations (over 2,500 employees) appear twice as likely to have mature programs than smaller organizations – which may be attributed to having more resources and investment. Fortunately, budgets for EASM programs are on the rise with 90% expecting increased investment in EASM tools and threat intelligence. 40% of respondents anticipate a budget increase over 20% compared to the previous year. The findings have major implications for EASM providers as organizations seek to improve processes and evaluate new technologies to address operational gaps.

Additional findings include:

  • 90% of organizations experienced an increase in impactful attack surface incidents
    • Smaller companies (<2,500 employees) had 60% more incidents than larger companies
  • 49% of organizations currently have immature EASM programs
    • Near-term program objectives are to improve threat responsiveness (65%) and asset inventory accuracy (59%)
    • Over half of respondents anticipate security tool convergence and the application of Generative AI to positively impact EASM programs
  • 66% of respondents rated their attack surface intelligence tools as nominally useful
    • Professionals (65%) are seeking multi-source, curated, and prioritized threat intelligence
  • 90% anticipate budgets increasing for attack surface management and threat intelligence tools – 40% expect an increase of over 20%

Join Cybersecurity Insiders, TacitRed, and an expert practitioner panel as they examine key survey findings, share insights, and explore best practices on the “state of attack surface threat intelligence” webinar to be held on October 22nd at 11am EST. Register for the webinar at http://www.tacitred.com/asm24webinar/.

Survey Details

The research and report was produced by Cybersecurity Insiders, a community membership of over 600,000 information technology (IT) security professionals. The online survey was conducted in September 2024 and responses were compiled from 312 qualified security professionals in enterprises ranging from 1,000 to over 10,000 employees across multiple industries in the United States. All respondents manage external attack surface management programs and teams, or are security operations and analyst team members that use threat intelligence and EASM tools daily.

About Cogility TacitRed™

Cogility TacitRed™ empowers security analysts to take immediate, decisive actions to mitigate impactful cyber exposures by taking advantage of unparalleled tactical attack surface intelligence – fully curated, prioritized, and detailed. The SaaS solution continuously analyzes global internet and threat intelligence of entities and adversaries to provide actionable insight on compromised and at-imminent-risk assets with complete visualization, scoring, attack chain stage, and threat context for over 18 million U.S. entities. As a result, organizations can optimize resources, mitigate data breach exposure, proactively improve their security posture, and help reduce supply chain risk. To obtain a Free 30-day trial, visit www.tacitred.com.

Media Contact
Grace Halvorsen
gracehalvorsen@lightspeedpr.com