I am a cybersecurity pro and this is why manual processes are making businesses more vulnerable to attacks
Date:
Fri, 20 Jun 2025 10:01:36 +0000
Description:
Outdated security practices are increasing threats and attacks for both SMBS and large organizations.
FULL STORY ======================================================================
Automation is becoming increasingly common in the cybersecurity space, but some industries and organizations continue to lag when it comes to adopting modern security tools. Recent research from Cymulate revealed that nearly two-thirds of security leaders report missing exposures due to the
limitations of manual penetration testing and 67% say infrequent testing has left worrying gaps in their security assessments.
Thats a real problemand it highlights the growing danger posed by inefficient and outdated manual security processes. Cybercriminals are embracing automation to enhance their attack patterns, and security teams that fail to do the same are putting themselves at unnecessary risk.
It doesnt have to be this way. Practices like exposure management and
security controls validation have become increasingly common, with many organizations now engaged in continuous monitoring and validation of
potential threats.
With attackers using AI and other automated solutions to enhance and upscale their efforts, defenders need tools capable of matching the speed, volume and sophistication of modern attack tactics.
Todays advanced security solutions are helping security professionals improve both their detection and remediation capabilities, allowing them to continuously and automatically test their defenses against new and emerging threats while keeping their systems and data secure. Manual Processes Are Holding Security Teams Back
There is a reason many security teams have come to rely on manual processes: up to this point, they have generally worked. As with any industry, there
will always be resistance to change, and this is just the way weve always
done it can be a powerful argument. Of course, it helps that practices like manual penetration testing do still produce valuable resultsbut the issue is that attackers dont update their tactics on an annual or quarterly basis.
They are continuously poking and prodding around the edges of systems and networks, looking for a way in. If your last penetration test was three
months ago, that means attackers have had three months to find new vulnerabilities, new exposures, and new ways to evade your defenses. In
todays threat landscape, thats not acceptable.
Unfortunately, it just isnt possible for human beings to engage in
penetration testing or security controls validation on a continuous basis. Todays digital environments are more complex than ever, and an organization might have thousands of potential vulnerabilities to monitormore than even
the most dedicated security professionals can manage on their own.
Thankfully, todays organizations have no resources at their fingertips, with modern exposure management and security validation solutions helping to not only automate the testing process, but identify which exposures represent the most pressing danger and prioritize remediation accordingly. Why Automation
Is More Critical than Ever
According to Cymulates research, a staggering 65% of security leaders say
they know they are missing exposures due to manual penetration testing, while 67% say challenges like scope limitations and infrequent penetration testing are leaving identifiable gaps in their assessments. In todays threat environment, thats a serious concernbecause if security leaders are aware of those gaps, cybercriminals almost certainly are, too.
At a time when the average cost of a data breach in the U.S. is more than $9 million, businesses cannot afford to let their exposures and vulnerabilities go unaddressed. Cybersecurity is inherently asymmetrical: attackers only need to succeed once to cause significant damage. You may not be able to stop
every attackbut you can avoid becoming an easy target.
That starts with testing. Security leaders who use automated validation solutions say they are able to conduct more than 200x as many tests as those relying on manual processes, helping them stay one step ahead of attackers even when they are leveraging the latest tactics and techniques.
In fact, organizations that have implemented AI-based automation into their exposure validation process report that it takes an average of 24 fewer hours to test their defenses against newly identified cyber threats. That can make
a significant difference, especially at a time when attackers are identifying and exploiting vulnerabilities more quickly than ever.
Organizations cant wait weeks or months to manually test new attack tacticsthey need to know whether they can defend against these threats, and they need to know now. Reducing Manual Processes Should Be a Top Priority
Cymulates findings reveal that 97% of organizations with automated security control validation processes in place have seen a positive impact since implementation, and those that run exposure validation processes at least
once per month report a 20% reduction in breaches alongside improved mean
time to detection.
The message is simple: organizations that test and validate their security capabilities on a regular (or continuous) basis have a higher degree of success detecting attackers, preventing breaches, and keeping their digital environments secure. Better still, eliminating cumbersome manual processes
and automating a significant portion of the testing, prioritization, and remediation processes frees up security teams to focus more pressing tasks.
Automation doesnt just improve securityit heightens job satisfaction and ensure organizations are getting the most out of their highly skilled employees. Reducing the manual processes that lead to both employee burnout and unnecessary exposures should be a top priority for businesses across
every industry.
We list the best network monitoring tool .
This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here:
https://www.techradar.com/news/submit-your-story-to-techradar-pro
======================================================================
Link to news story:
https://www.techradar.com/pro/i-am-a-cybersecurity-pro-and-this-is-why-manual- processes-are-making-businesses-more-vulnerable-to-attacks
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)