Enterprises struggling with more vulnerabilities than they can handle

According to new research 82 percent of companies report an increase in the gap between the number of vulnerabilities/exposures in their environment and their ability to remediate them.

The 2024 State of Security Posture Survey from XM Cyber is based on a survey of 300 CISOs and security decision-makers from large organizations in the US and UK, and shows 62 percent of security and IT teams actively engage in the remediation of exposures or vulnerabilities, handling an average of 12 per week.

What's more 90 percent of companies frequently find themselves unable to remediate exposures due to factors like purchased systems and legacy applications.

About half of respondents report using a single program to manage exposures, a trend more prevalent in smaller organizations. In contrast, larger companies often face challenges in implementing such centralized approaches, underlining the need for scalable, adaptable solutions catering to the diverse needs of organizations of different sizes.

"The data highlights two crucial gaps that need to be bridged: the expanding gap between exposures and remediations, and the communications gap between security operators and leadership," says Boaz Gorodissky, CTO and co-founder of XM Cyber. "It's a call to action for organizations to not only invest in advanced solutions but also to foster a culture of cybersecurity awareness and collaboration."

On a positive note 87 percent of surveyed organizations say they intend to increase their commitment to vulnerability and exposure remediation in the next 12 months. Around 45 percent identify the cloud as a primary area for enhancing their security posture. However, about 50 percent of the organizations surveyed manage exposures separately for on-premises and hybrid cloud environments.

You can get the full report from the XM Cyber site.

Image credit: Wavebreakmedia/depositphotos.com