Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

New Tenable Study: 43% of Cyberattacks in Mexico Have Been Successful in Last Two Years

Cybersecurity and IT leaders in Mexico reveal ability to stop just 57% of cyberattacks; 77% point to cloud infrastructure as their highest source of risk; 70% say IT is more concerned with uptime than patching/remediation

November 22, 2023 · Mexico City, Mexico

Tenable®, the Exposure Management company, has published a new study that sheds light on the challenges Mexican cybersecurity and IT leaders face in protecting their increasingly complex and expanding attack surface. The report titled “Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in Mexico” reveals that in the last two years, the average organization’s cybersecurity program was prepared to preventively defend, or block, just 57% of the cyberattacks it encountered. This means 43% of attacks launched against them are successful, and must be remediated after the fact. 

The study, based on a commissioned survey of 825 global cybersecurity and IT leaders, including 101 Mexican respondents, conducted in 2023 by Forrester Consulting on behalf of Tenable, illuminates the people, process and technology challenges standing between modern cybersecurity and IT teams and effective risk reduction practices. 

Nearly six in 10 (56%) respondents say they focus almost entirely on fighting successful attacks rather than working to prevent them in the first place. Cyber professionals cite that this reactive stance is largely due to their organizations' struggle to obtain an accurate picture of their attack surface, including visibility into unknown assets, cloud resources, code weaknesses and user entitlement systems. 

The complexity of infrastructure — with its reliance on multiple cloud systems, numerous identity and privilege management tools and various web-facing assets — brings with it numerous opportunities for misconfigurations and overlooked assets. 

Respondents were particularly concerned with the risks associated with cloud infrastructure, given the complexity it introduces in trying to correlate user and system identities, access and entitlement data. The vast majority of respondents (77%)* view cloud infrastructure as the greatest source of exposure risk in their organization. In order, the highest perceived risks come from the use of public cloud (33%), multi cloud and/or hybrid cloud (23%), private cloud infrastructure (11%) and cloud container management tools (11%).

Additional findings from the study include:

  • While most Mexican respondents (81%) say they consider user identity and access privileges when they prioritize vulnerabilities for remediation, more than half (51%) say their organization lacks an effective way of integrating such data into their preventive cybersecurity and exposure management practices. 
  • Nearly six in 10 respondents (58%) say a lack of data hygiene prevents them from drawing quality data from user privilege and access management systems, as well as from vulnerability management systems.
  • Three out of four respondents (76%) believe their organization would be more successful at defending against cyberattacks if it devoted more resources to preventive cybersecurity.
  • On average, it takes 16 hours a month to create reports for business leaders about the health of organizational security infrastructure. 
  • In a slight majority of Mexican organizations (56%), meetings about business-critical systems take place monthly, while 26% hold such meetings only once per year and 3% say they never hold such meetings.

“The results of this study underscore that focusing on remediating after the fact is a formula that does not work for Mexican organizations. As we navigate an increasingly complex and expanding attack surface, it is clear that a proactive, preventive cybersecurity model is not only essential but imperative for effectively reducing risk.” Francisco Ramirez de Arellano, Senior Vice President, Tenable Latin America. “This should be a call to action for Mexican organizations to prioritize preventive cybersecurity measures, and at Tenable Mexico, we are here to help navigate that change.” 

To read the full report with further results from the study, including how organizations can address these challenges and move from a reactive security posture to a preventive approach, please visit: tenable.com/analyst-research/how-people-process-and-technology-challenges-are-hurting-cybersecurity-teams-in-mexico

A blog post with additional context on the study can be found here.

Note to Editors:

  • Forrester Consulting conducted an online survey of 825 IT and cybersecurity professionals at large enterprises in the U.S., the U.K., Germany, France, Australia, Mexico, India, Brazil, Japan and Saudi Arabia. The study was fielded in March 2023.

     
  • Maturity Modeling: Respondents were scored based on their answers to questions measuring different aspects of their maturity: their use of preventive security tools, how they prioritize resources to reduce threat exposure, and the degree of visibility and collaboration within their organization. Forrester scored those in the bottom 20% as low maturity, the middle 60% as medium maturity, and the top 20% as high maturity.

*Note: Total percentage may not equal separate values due to rounding

About Tenable
Tenable® is the Exposure Management company. Approximately 43,000 organizations around the globe rely on Tenable to understand and reduce cyber risk. As the creator of Nessus®, Tenable extended its expertise in vulnerabilities to deliver the world’s first platform to see and secure any digital asset on any computing platform. Tenable customers include approximately 60 percent of the Fortune 500, approximately 40 percent of the Global 2000, and large government agencies. Learn more at tenable.com.

 

###

Media Contact:
Tenable
[email protected]

Stay up to date!

Subscribe to our email alerts for new press releases.

Subscribe for press release updates

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training