New Survey Shows Increase in 2023 Security Budgets Following Spike in Breach Incidents
New industry survey conducted by Pentera finds that 88% of organizations report a breach incident in the past 2 years
Boston and Tel Aviv, February 28, 2023 – Pentera, the leader in automated security validation, released the findings of its second annual industry survey: The State of Pentesting 2023. Pentera undertook this research to understand the current state of security validation practices and investment in enterprises.
Pentera surveyed 300 CIOs, CISOs, and security executives from enterprises across Europe and the USA. The report provides insights on current IT and security budgets, cyber security validation practices, and how cyber exposure is being managed, while showcasing differences between the regions and enterprise sizes.
Report highlights include:
- Despite large investments in Defense-in-Depth strategies, 88% of organizations report recent attacks – On average, companies have almost 44 security solutions in place, indicating a defense-in- depth strategy, where multiple security solutions are layered to best protect critical assets. However, despite the large number of security solutions implemented, 88% of organizations admit to being compromised by a cyber incident over the past two years.
- Cybersecurity budgets aren’t impacted by the financial slowdown – Despite the recent global economic slowdown, cybersecurity budgets are not expected to be impacted in 2023. 92% of organizations report a raise in their IT security budgets, and 85% report a raise in their pentesting budget specifically.
- The drivers for pentesting have evolved beyond regulations – While the need for pentesting originated with regulatory requirements, the top-of-mind motivations for pentesting today are security validation, potential damage assessment, and cyber insurance. With only 22% of respondents citing compliance as their primary motivation for the practice, regulatory or executive mandates are still impactful, but not the primary rationale driving pentesting.
“We’re seeing more organizations increase the cadence of pentesting, but what we really need to achieve is continuous validation across the entire organization,” said Aviv Cohen, CMO of Pentera. “Annual pentesting assessments leave security teams in the dark most of the year regarding their security posture. Security teams need up-to-date information about their exposure using automated solutions for their security validation.”
The results of the report will be presented by Aviv Cohen at Pentera’s XPOSURE Summit on March 1, 2023. The summit focuses on actionable methodologies for developing and executing successful Exposure Management strategies. Register online here.
The version of an MSSQL database is a valuable piece of information for cyber attackers. With the version details in hand, they can attempt to find and exploit any of the version’s known vulnerabilities. As part of our research at Pentera Labs, we attempted to obtain the version of the widely-used MSSQL (Microsoft SQL Server)...
Digitalization initiatives are connecting once-isolated Operational Technology (OT) environments with their Information Technology (IT) counterparts. This digital transformation of the factory floor has accelerated the connection of machinery to digital systems and data. Computer systems for managing and monitoring digital systems and data have been added to the hardware and software used for managing and...
Despite major investments in their security suites, organizations continue to be breached. Our Co-founder and CTO, Arik Liberzon, recently sat down with CyberNews to discuss the value of the adversarial perspective and where his inspiration from Pentera came from. Starting out, I arrived at the idea for Pentera and Automated Security Validation in a pretty...