April 16, 2024
73% of enterprises report changes to their IT environments at least quarterly while only 40% pentest at the same frequency
BOSTON, April 16, 2024 – Pentera, the leader in automated security validation, today released the results of its third annual industry survey: The State of Pentesting 2024. The report provides a snapshot of how security leaders in enterprises across the globe have adopted security validation strategies across their organizations over the past year.
Threat actors are continuing to successfully breach across the entire attack surface and the stakes are only getting higher: 93% of enterprises who admitted a breach reported unplanned downtime, data exposure, or financial loss as a result.
Enterprises are continuing to prioritize pentesting as part of their security tool kit, accounting for an average of $164,400, nearly 13% of their total IT security budgets. The main drivers and uses for pentesting programs continue to be validating security controls’ efficacy, understanding potential attack impact and prioritizing security investments. Over 50% of CISOs report that they share the results of pentest assessments with their leadership teams as well as their Boards of Directors, using these reports as a tool to communicate cybersecurity risk both within and outside their organizations.
Other highlights from the report include:
“The results of our latest report are indicative of the increasing infrastructure complexity of organizations today and the rising challenges that security teams face along with it. Close to a third of CISOs who cited a breach reported financial loss and data exposure, while 43% reported unplanned downtime as a result of the breach,” said Jason Mar-Tang, Field CISO at Pentera. “Attack surfaces are more dynamic than ever and resources are limited, making it even more critical for organizations to proactively validate their risk exposure with accuracy and pinpoint exploitable gaps across the complete attack surface.”
Pentera surveyed 450 CISOs, CIOs, and IT security leaders at enterprise companies with more than 1,000 employees across the Americas, EMEA, and APAC to compile this report. Click here to read the full report.
Register for our upcoming webinar on April 30 with Matt Bromiley, SANS Instructor and Jay Mar-Tang, AVP, Field CISO at Pentera to learn more.