87% of intrusions involve activity across multiple attack surfaces.

The attack surface has expanded by 41% in the past 12 months, indicating a significant increase in potential vulnerabilities.

Rapidly expanding attack surfaces are cited by 38% of cybersecurity and cyber risk leaders as a reason for increased difficulty in managing cyber risk today vs five years ago.

Six in 10 respondents point to increased visibility across attack surfaces due to automation efforts.

46% of respondents used savings from optimization, automation, and outsourcing to increase coverage of the attack surface.

Just 43% of global organizations use dedicated tools to proactively manage risk across their attack surface.

75% of cybersecurity incidents occur due to unmanaged assets.

On average, only 27% of responding organizations' budgets are dedicated to managing attack surface risk.

77% of companies claimed that their current resources are adequate for addressing attack surface challenges

91% of respondents acknowledged that attack surface management is either directly or somewhat connected to their organization's business risk.

73% of cybersecurity leaders surveyed have experienced security incidents due to unknown or unmanaged assets.

39% believe that if you don’t manage asset-related risks properly, it will erode customer confidence and damage your brand image.

55% of organizations surveyed said they have no processes in place to continuously manage attack surface risk.

39% believe that if you don’t manage asset-related risks properly, it will have impacts on your supply chain partnerships.

38% of respondents believe that if you don’t manage asset-related risks properly, it can lead to link to drops in staff efficiency.

39% believe that if you don’t manage asset-related risks properly, it will weaken your standing in the marketplace, making it harder to win new business or keep up with rivals.

38% believe that if you don’t manage asset-related risks properly, it can impact financial performance.

42% of respondents said that if you don’t manage asset-related risks properly, you’re likely to experience disruptions to day-to-day operations—e.g., outages, downtime, or process failures.

Approximately 1 in 4 organizations said they’re concerned about how AI use in the enterprise will make them more attackable (AI and generative AI concerns)