Cobalt, a leader in Pentest as a Service (PtaaS) and offensive security solutions, has released its 2024 State of Pentesting Report. The report sheds light on the challenges the cybersecurity industry faces as it navigates staffing shortages and the rise of AI-driven threats. The report, which includes analysis from 4,068 pentests, indicates a 21% increase in findings per pentest compared to the previous year and reveals a growing concern among security professionals regarding AI’s dual role as both a tool and a threat.
Pentesting, or penetration testing, is a critical cybersecurity practice where testers, also known as ethical hackers, simulate cyberattacks on a computer system, network, or web application to identify and fix security vulnerabilities. This proactive approach helps organizations strengthen their defenses before an actual attacker can exploit them. In the context of Cobalt’s report, pentesting is highlighted as an indispensable tool in managing cybersecurity risks more effectively, particularly in an era where AI and automation play significant roles in both defense and offense.
The study, based on a survey of over 900 cybersecurity professionals from the U.S. and U.K., explores the dynamics of internal staffing and collaboration with external partners. It highlights the increasing reliance on AI-powered tools within teams, with 86% of respondents adopting such technologies. However, even with this investment, some 59% still worry they are still falling behind the threat posed by AI.
Moreover, the report captures the stark realities of the cybersecurity job market, with 31% of respondents indicating recent layoffs within their organizations and a third of these acknowledging an increased cyber risk due to reduced staff. The lack of a strong staffing recovery is evident as nearly one-third report hiring freezes, and 29% anticipate more layoffs.
The C-Suite Pressure
C-suite executives are particularly feeling the pressure, with the report noting a 31% increase in executives who say the industry’s challenges are impacting their mental health. Strong leadership is more critical than ever, with 23% of respondents emphasizing the importance of C-suite involvement over budget in preventing attacks.
Caroline Wong, Chief Strategy Officer at Cobalt, emphasizes the crucial role of pentesting in addressing these challenges. “With cybersecurity teams strained by staffing shortages and rising concerns about AI’s potential to enhance cyberattacks, the importance of pentesting as a proactive measure is key,” Wong states. She highlights the need for the industry to prioritize talent acquisition, exercise caution with AI integration, and leverage pentesting to safeguard against evolving threats.
Chris Manton-Jones, CEO of Cobalt, also comments on the broader impact of these challenges on executives. “Enterprises today not only face digital threats but also the personal toll these challenges take on their executives,” he says.
Get full report here.
Other News: Coalition Touts New AI Tools for Cyber Insurance (Opens in a new browser tab).