- This 3-in-1 wireless charger should be on every Apple user's wishlist - and it's super sleek
- Automation and a “back to basics” approach will shape cybersecurity
- Want to write like a pro? These 7 tools are my secret to keeping my creative juices flowing
- I love the Galaxy S25 Ultra, but the Pixel 9 Pro XL for $200 off right now is the better deal
- 10 common dangers VPNs won't protect you from online - and how to avoid them
Security Detection Tech Failing, Say Cyber Leaders
Almost three-quarters (74%) of IT security directors in regulated industries in the US and UK believe detection-based security technologies are outdated and inadequate.
This surprising finding comes from Everfox’s latest CYBER360 report, a survey of 1000 IT and security leaders in government, defense and financial services across the US and UK.
The report, published on February 12, 2025, lays bare the exceptionally high volume of cyber-attacks suffered by regulated organizations, with 97% of respondents saying they reported a cyber incident between October 2023 and 2024.
On average, the surveyed organizations experienced 127 known cyber-attacks each week, with the top three threats identified as:
- Compromised access credentials (26%)
- Phishing attacks (26%)
- Exploited vulnerabilities (25%)
Additionally, 62% of respondents agreed that AI and emerging malicious actor trends are increasing attack sophistication.
Shit from Detection-Based to Prevention-Based Security
The report also shows a growing consensus among regulated organizations in favor of a strategic shift away from detecting cybersecurity threats to preventing them. In this year’s report, 78% of surveyed IT and security leaders said this would be their cybersecurity priority.
This prevention-first strategy can take several forms. For instance, a third of respondents (33%) plan to implement hardsec technology, which uses hardware logic and electronics to implement security functions, dramatically reducing the attack surface, while 30% plan to implement advanced Content Disarm and Reconstruction (CDR) solutions, which sanitize data and files before they enter networks.
Another 27% of respondents plan to implement User Activity Monitoring (UAM), a preventative approach to managing insider risks that distinguishes between genuine human mistakes and malicious intent.
Sean Berg, CEO of Everfox, commented: “Increasingly sophisticated cyber-attacks have unfortunately become the norm and traditional detection-based technologies are unable to keep up. New, preventative security strategies and solutions like hardsec and CDR solutions are a necessity to match the sophistication of today’s—and tomorrow’s—threats.”
Human and Operational Challenges
However, these new strategic objectives are likely to face many challenges. For example, over a third (35%) of those working in defense organizations called out resistance to change and a preference for traditional reactive approaches as an obstacle to deploying new security strategies.
Additionally, operational challenges remain, with 39% of regulated organizations citing their inability to keep up with the rapidly evolving threat landscape as the most significant barrier to adopting preventative approaches.
Stretched budgets also play a role, with 36% of security professionals reporting it as a barrier. This pain point was particularly felt by government organizations, who named it their top obstacle.
