Synack released a new report Wednesday detailing a major cultural shift taking part among some of the world’s largest organizations and institutions. The 2020 State of Compliance and Security Testing Report reveals that a large percentage of organizations and institutions are moving toward a rigorous, continuous testing model to ensure compliance.
As part of this shift toward continuous testing, organizations are utilizing crowdsourced security testing to achieve regulatory compliance and real security, with adoption expected to increase four-fold in 2020.
With new compliance frameworks such as GDPR and CCPA increasing the cost of a breach, organizations are racing to protect their data. In an increasingly connected, highly regulated and digital world, business leaders and decision makers are turning to outside vendors that can ramp up quickly in a cost effective manner.
As a result, the crowdsourced security testing space--which has already gained credibility for its significantly better ROI than more traditional, less frequent, and less secure methods--has surpassed all estimates and will continue to do so in 2020 and beyond.
For the report, Synack surveyed leaders from more than 300 organizations representing a number of industries and verticals, including technology, government, healthcare, information technology, and financial services.
In addition to helping identify a set of security and compliance best practices for a diverse set of industries, the report found security testing is becoming part of an organization’s normal routine rather than a once-a-year check of the box focused only on compliance.
44 percent of organizations and institutions surveyed are performing security tests on a monthly or weekly basis, which suggests they are moving toward the more effective continuous model that crowdsourced solutions enable.
Other findings include 63 percent of organizations agree that the most common use case for external vendors is to identify and reduce vulnerabilities, which is encouraged by different compliance frameworks and best practice standards; 52 percent of organizations experience unwanted cost and complexity due to overlap in functionality from using multiple security vendors, which is caused by poor budget allocation and overlap in vendor capabilities; and 32 percent of compliance testing processes are expensive and difficult to scale, yet crowdsourced security testing solutions provide 147 percent higher ROI than a typical pen test and may decrease the burden of testing on organizations by reducing signal-noise ratio.
No comments:
Post a Comment