Attack Surface
Cybersecurity statistics about attack surface
Related Topics
Showing 1-20 of 25 results
More than 1 in 7 organizations expose API documentation to the internet.
40% of organizations rank integrating generative and agentic AI into the business among their top three cybersecurity priorities.
Organizations test only 32% of their global attack surface on average.
68% of the enterprise environment remains untested, creating significant blind spots.
51.1% of organizations report dormant access exploitation
39.1% of organizations report Service Account abuse
87% of intrusions involve activity across multiple attack surfaces.
The attack surface has expanded by 41% in the past 12 months, indicating a significant increase in potential vulnerabilities.
Rapidly expanding attack surfaces are cited by 38% of cybersecurity and cyber risk leaders as a reason for increased difficulty in managing cyber risk today vs five years ago.
46% of respondents used savings from optimization, automation, and outsourcing to increase coverage of the attack surface.
Six in 10 respondents point to increased visibility across attack surfaces due to automation efforts.
39% believe that if you don’t manage asset-related risks properly, it will weaken your standing in the marketplace, making it harder to win new business or keep up with rivals.
75% of cybersecurity incidents occur due to unmanaged assets.
42% of respondents said that if you don’t manage asset-related risks properly, you’re likely to experience disruptions to day-to-day operations—e.g., outages, downtime, or process failures.
39% believe that if you don’t manage asset-related risks properly, it will erode customer confidence and damage your brand image.
39% believe that if you don’t manage asset-related risks properly, it will have impacts on your supply chain partnerships.
38% of respondents believe that if you don’t manage asset-related risks properly, it can lead to link to drops in staff efficiency.
38% believe that if you don’t manage asset-related risks properly, it can impact financial performance.
55% of organizations surveyed said they have no processes in place to continuously manage attack surface risk.
On average, only 27% of responding organizations' budgets are dedicated to managing attack surface risk.