A lack of continuous validation is preventing organisations from turning cyber visibility into meaningful risk reduction, according to new research from Filigran.
The company’s State of Threat Management Report, based on a survey of 550 security decision-makers and practitioners worldwide, found that although organisations are investing heavily in threat intelligence and security tools, many continue to struggle to prioritise the risks that matter most.
According to the research, security teams spend an average of 42% of their time investigating risks that later prove to be low priority or non-exploitable, while 84% of respondents said cyberattacks frequently exploit risks that were already known but had not been prioritised. The report noted that this reflects a growing “exposure gap” between identifying threats and taking action to reduce risk.
Despite organisations using an average of 14 threat intelligence feeds, 61% said they are unable to determine which vulnerabilities are most likely to be exploited in real-world attacks. Only 38% currently use threat intelligence within a continuous,…
