Enterprise cybersecurity protections are failing to keep pace with the evolving threat landscape, which now includes everything from the weaponization of AI to state-sponsored hacking groups to the metastasizing of run-of-the-mill vulnerabilities (misconfigurations, unpatched devices) that are getting exponentially harder to keep up with as system complexity increases.
Many of today’s security holes also align with high-growth tech markets, such as AI and cloud computing. For instance, in its State of Phishing 2024 report, email security firm SlashNet found that generative AI, such as ChatGPT, is driving a spike in phishing. SlashNet found that since Q4 2022, phishing emails have spiked by more than a thousand percent, with credential phishing in particular driving the bulk of that increase.
Meanwhile, security teams still struggle to detect breaches. In its Cost of a Data Breach Report 2024, IBM found that just 42% of known breaches are currently being identified by internal security teams and tools. Similarly, the International Information System Security Certification Consortium’s (ISC2) 2024 Cloud Security Report notes that 96% of organizations are worried about public cloud security, especially securing multi-cloud environments. ISC2 also found that organizations desire to modernize and simplify security tools and workflows, but they are struggling to do so, slowed down by a variety of barriers, including a lack of skilled staff, data privacy issues, and tight budgets.