Due to complexity, business decision-makers are unable to assess their digital attack surfaces.
A study by Trend Micro shows that 54 percent of companies worldwide are dissatisfied with the maturity of their cyber risk assessment capabilities. With this comes an increased risk of falling victim to ransomware, phishing and other threats. The difficulty companies have in assessing risk also leaves boards in the dark: 51 per cent of IT decision-makers see a challenge in quantifying the company’s level of risk to senior management. Only 4 per cent believe their board currently fully understands cyber risk.
Platform-based approach to managing attack surfaces
Forty-one per cent of respondents have already invested in a platform-based approach to attack surface management within the organisation, while almost half (49 per cent) say they plan to do so in the future. Those who already have a cybersecurity platform in place see better visibility (32 per cent), reduced costs (31 per cent) and faster attack detection and response (31 per cent) as the main benefits.
Many German companies (27 per cent) still proceed manually when mapping the attack surface. 29 percent report complexity problems due to the existence of several tech stacks. This could explain why only some of the respondents are able to comprehensively map several aspects of their risk assessment.
For the study
Trend Micro surveyed in April 2022 a total of 6297 IT and business decision-makers in 29 countries, including 202 in Germany.