Security hygiene and posture management has become increasingly difficult because of factors like a growing attack surface, the increased use of cloud computing, and the need to support a remote workforce. These factors can create security vulnerabilities that lead directly to cyber-attacks. Indeed, a majority of organizations have experienced at least one cyber-incident due to the exploitation of an unknown, unmanaged, or poorly managed internet-facing asset. Unfortunately, this pattern will likely persist as most organizations continue to approach security hygiene and posture management with point tools, spreadsheets, and manual processes. Organizations are prioritizing spending on security hygiene and posture management, focusing on areas like continuous security testing, process automation, and increasing staff. Security professionals also aspire to consolidate disparate point tools into a security observability, prioritization, and validation (SOPV) architecture to gain a holistic perspective across all aspects of security hygiene and posture management.
To gain further insight into these trends, TechTarget’s Enterprise Strategy Group (ESG) surveyed 383 IT and cybersecurity professionals at organizations in North America (US and Canada) responsible for evaluating, purchasing, and utilizing products and services for security hygiene and posture management, including vulnerability management, asset management, attack surface management, and security testing tools, among others.
This study sought to answer the following questions:
- What are the biggest drivers for organizations’ security hygiene and posture management strategies and programs?
- What groups are responsible for defining policies for security hygiene and posture management?
- Have organizations automated security hygiene and posture management activities? If so, which ones have been automated?
- Why do organizations perform external attack surface discovery?
- What do organizations believe are the primary reasons for the increase in their attack surface over the past two years? What actions have they taken to reduce the attack surface?
- Have organizations experienced some type of cyber-attack in which the attack itself started through an exploit of an unknown, unmanaged, or poorly managed internet-facing asset?
- How often do organizations conduct comprehensive security asset inventory assessments?
- What types of databases/systems/tools are currently in use as part of organizations’ IT asset inventory process(es)?
- For which assets do organizations have the most difficulty maintaining a timely and accurate inventory?
- What are the biggest challenges associated with vulnerability management? How do organizations determine which vulnerabilities to prioritize and patch?
- What are the primary reasons organizations conduct penetration tests/red teaming exercises? What actions do they believe would most improve their penetration testing/red teaming program(s)?
- How do organizations expect their plans for spending on security hygiene and posture management to change over the next 12 to 18 months?
Survey participants represented a wide range of industries including manufacturing, technology, financial services, and retail/wholesale. For more details, please see the Research Methodology and Respondent Demographics sections of this report.