Report reveals a surge in Red Team deployment, with 56% of respondents increasing investment over the next 12-24 months.
Bishop Fox, a leading authority in offensive security, has released the results of a study conducted by the Ponemon Institute, exploring enterprise adoption, and use of, offensive security tools and techniques to more effectively harden environments and assets.
An overwhelming 64% of respondents are employing Red Teaming in some capacity, whether building their own internal team, employing external resources or a combination.
Additionally, more than half say they will increase investment in the function over the next 12-24 months – with nearly a quarter reporting significant increases in Red Teaming.
“We are approaching a tipping point in terms of organizational understanding that a wealth of external knowledge regarding the universe of active attackers, threats and vulnerabilities, is much less effective without truly understanding the specific risk and exposure dynamics in your own environment and assets,” said Tom Eston, VP of Consulting and Cosmos for Bishop Fox.
“The overwhelming message in this report is a move to ‘full surface’ offensive security investment. If organizations aren’t complementing their defensive security program with offensive testing they are, or will soon be, trailing the pack.”
The report surveys some 700 respondents in organizations that actively perform offensive security testing.
Nearly 70% of the companies comprised organizations of 5,000 employees or more.
The report highlights how forward-leaning enterprises are taking matters in their own hands and leveraging attackers’ tactics, techniques and procedures against themselves.
This enables them to identify weaknesses and close them down before threat actors discover them, as well as limit the scope of impact of any compromise that subverts defenses.
Other findings in the report include:
- The top three threats driving offensive security investments are ransomware (41%), social engineering (40%) and cloud vulnerabilities (39%)
- More than half (52%) say employing offensive testing is effective or highly effective in defending against the top three.
- Nearly half of organizations are planning to conduct Red Team exercises at least monthly, with 26% planning to do so continuously
- More than half prioritize their Red Team exercises around tabletop exercises (63%), ransomware readiness (55%) and data breach scenarios (51%)
- Internal Red Teams are already in place, or in planning stages, in 70% of those surveyed
The success of offensive security in combating attacks is driving growth across all offensive security categories, an indication that the market tipping point is fast approaching. These indicators include:
- Growth in additional offensive security use cases in the last 18 months, including cloud migration (41%), new app releases (40%) and new technology adoption (44%)
- Additionally, the business drivers that overlay the use cases include improving attack surface visibility (40%), accelerating zero-day response (42%) and meeting compliance and regulatory requirements (42%)
- Finally, 62% of respondents express confidence or high confidence in their ability to identify assets and exposures
