In the last two years, the average organization’s cybersecurity program was prepared to defend preventively, or block, just 57% of the cyberattacks it encountered, according to Tenable.
This means 43% of attacks launched against them are successful and must be remediated after the fact.
58% of respondents say they focus almost entirely on fighting successful attacks rather than working to prevent them in the first place. The study finds that this is largely due to an inability to reduce potential risks before attacks happen.
Cyber professionals cite that this reactive stance is largely due to their organizations’ struggle to obtain an accurate picture of their attack surface, including visibility into unknown assets, cloud resources, code weaknesses and user entitlement systems.
Managing preventive cybersecurity tools requires a skilled workforce
The complexity of infrastructure — with its reliance on multiple cloud systems, numerous identity and privilege management tools, and various web-facing assets — brings numerous opportunities for misconfigurations and overlooked assets.
Respondents were mainly concerned with the risks associated with cloud…
