Virtually three-quarters (74%) of IT safety administrators in regulated industries within the US and UK consider detection-based safety applied sciences are outdated and insufficient.
This shocking discovering comes from Everfox’s newest CYBER360 report, a survey of 1000 IT and safety leaders in authorities, protection and monetary providers throughout the US and UK.
The report, revealed on February 12, 2025, lays naked the exceptionally excessive quantity of cyber-attacks suffered by regulated organizations, with 97% of respondents saying they reported a cyber incident between October 2023 and 2024.
On common, the surveyed organizations skilled 127 identified cyber-attacks every week, with the highest three threats recognized as:
- Compromised entry credentials (26%)
- Phishing assaults (26%)
- Exploited vulnerabilities (25%)
Moreover, 62% of respondents agreed that AI and rising malicious actor developments are growing assault sophistication.
Shit from Detection-Based mostly to Prevention-Based mostly Safety
The report additionally exhibits a rising consensus amongst regulated organizations in favor of a strategic shift away from detecting cybersecurity threats to stopping them. On this yr’s report, 78% of surveyed IT and safety leaders mentioned this might be their cybersecurity precedence.
This prevention-first technique can take a number of varieties. For example, a 3rd of respondents (33%) plan to implement hardsec expertise, which makes use of {hardware} logic and electronics to implement safety capabilities, dramatically decreasing the assault floor, whereas 30% plan to implement superior Content material Disarm and Reconstruction (CDR) options, which sanitize knowledge and information earlier than they enter networks.
One other 27% of respondents plan to implement Consumer Exercise Monitoring (UAM), a preventative strategy to managing insider dangers that distinguishes between real human errors and malicious intent.
Sean Berg, CEO of Everfox, commented: “More and more refined cyber-attacks have sadly turn out to be the norm and conventional detection-based applied sciences are unable to maintain up. New, preventative safety methods and options like hardsec and CDR options are a necessity to match the sophistication of at this time’s—and tomorrow’s—threats.”
Human and Operational Challenges
Nevertheless, these new strategic goals are more likely to face many challenges. For instance, over a 3rd (35%) of these working in protection organizations referred to as out resistance to vary and a choice for conventional reactive approaches as an impediment to deploying new safety methods.
Moreover, operational challenges stay, with 39% of regulated organizations citing their incapability to maintain up with the quickly evolving menace panorama as essentially the most important barrier to adopting preventative approaches.
Stretched budgets additionally play a job, with 36% of safety professionals reporting it as a barrier. This ache level was notably felt by authorities organizations, who named it their prime impediment.
