Novo estudo da Tenable: 43% dos ataques cibernéticos no México nos últimos dois anos foram bem-sucedidos

Tenable®, the Exposure Management company, has published a new study that sheds light on the challenges Mexican cybersecurity and IT leaders face in protecting their increasingly complex and expanding attack surface. The report titled “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in Mexico” reveals that in the last two years, the average organization’s cybersecurity program was prepared to preventively defend, or block, just 57% of the cyberattacks it encountered. This means 43% of attacks launched against them are successful, and must be remediated after the fact. 

The study, based on a commissioned survey of 825 global cybersecurity and IT leaders, including 101 Mexican respondents, conducted in 2023 by Forrester Consulting on behalf of Tenable, illuminates the people, process and technology challenges standing between modern cybersecurity and IT teams and effective risk reduction practices. 

Nearly six in 10 (56%) respondents say they focus almost entirely on fighting successful attacks rather than working to prevent them in the first place. Cyber professionals cite that this reactive stance is largely due to their organizations' struggle to obtain an accurate picture of their attack surface, including visibility into unknown assets, cloud resources, code weaknesses and user entitlement systems. 

A complexidade da infraestrutura, com sua dependência de vários sistemas de nuvem, várias ferramentas de gerenciamento de identidades e privilégios e amplo número de ativos voltados para a Web, traz consigo várias oportunidades de configurações incorretas e ativos negligenciados. 

Respondents were particularly concerned with the risks associated with cloud infrastructure, given the complexity it introduces in trying to correlate user and system identities, access and entitlement data. The vast majority of respondents (77%)* view cloud infrastructure as the greatest source of exposure risk in their organization. In order, the highest perceived risks come from the use of public cloud (33%), multi cloud and/or hybrid cloud (23%), private cloud infrastructure (11%) and cloud container management tools (11%).

Outras descobertas do estudo incluem:

• While most Mexican respondents (81%) say they consider user identity and access privileges when they prioritize vulnerabilities for remediation, more than half (51%) say their organization lacks an effective way of integrating such data into their preventive cybersecurity and exposure management practices. 
• Nearly six in 10 respondents (58%) say a lack of data hygiene prevents them from drawing quality data from user privilege and access management systems, as well as from vulnerability management systems.
• Three out of four respondents (76%) believe their organization would be more successful at defending against cyberattacks if it devoted more resources to preventive cybersecurity.
• On average, it takes 16 hours a month to create reports for business leaders about the health of organizational security infrastructure. 
• In a slight majority of Mexican organizations (56%), meetings about business-critical systems take place monthly, while 26% hold such meetings only once per year and 3% say they never hold such meetings.

“The results of this study underscore that focusing on remediating after the fact is a formula that does not work for Mexican organizations. As we navigate an increasingly complex and expanding attack surface, it is clear that a proactive, preventive cybersecurity model is not only essential but imperative for effectively reducing risk.” Francisco Ramirez de Arellano, Senior Vice President, Tenable Latin America. “This should be a call to action for Mexican organizations to prioritize preventive cybersecurity measures, and at Tenable Mexico, we are here to help navigate that change.” 

To read the full report with further results from the study, including how organizations can address these challenges and move from a reactive security posture to a preventive approach, please visit: tenable.com/analyst-research/how-people-process-and-technology-challenges-are-hurting-cybersecurity-teams-in-mexico

A blog post with additional context on the study can be found here.

Nota ao editor:

• Forrester Consulting conducted an online survey of 825 IT and cybersecurity professionals at large enterprises in the U.S., the U.K., Germany, France, Australia, Mexico, India, Brazil, Japan and Saudi Arabia. The study was fielded in March 2023.
  
   
• Modelagem de maturidade: Os entrevistados foram pontuados com base em suas respostas a perguntas que medem diferentes aspectos de sua maturidade: o uso de ferramentas de segurança preventivas, a forma como priorizam os recursos para reduzir a exposição a ameaças e o grau de visibilidade e colaboração em sua organização.A Forrester classificou os 20% inferiores como de baixa maturidade, os 60% intermediários como de média maturidade e os 20% superiores como de alta maturidade.

*Nota: A porcentagem total pode não ser igual aos valores separados devido ao arredondamento.

Sobre a Tenable
A Tenable® é a empresa de Exposure Management.Aproximadamente 43 mil organizações no mundo todo contam com a Tenable para entender e reduzir o risco cibernético.Como criadora do Nessus®, a Tenable ampliou sua experiência em vulnerabilidades para oferecer a primeira plataforma do mundo para verificar e proteger qualquer ativo digital em qualquer plataforma de computação. Entre os clientes da Tenable, estão 60% das empresas Fortune 500, 40% das empresas Global 2000 e órgãos governamentais de grande porte. Saiba mais em pt-br.tenable.com.

###

Contatos para a imprensa:
Tenable
[email protected]