
Cyber Risk Prioritization Remains a Major Challenge for Organizations Amidst Data Overload

The latest "State of Threat Management" report from Filigran underscores a persistent and growing challenge for organizations: the inability to effectively prioritize cyber risks despite an abundance of data. The report, published today, reveals that security teams are collecting more cyber risk data than ever before, yet they struggle to consolidate this information into a unified view of their exposure. This data overload is exacerbated by disconnected tools and manual processes, which hinder the ability to identify and act on the most critical threats. A striking finding indicates that while the proportion of critical vulnerability exposures has more than doubled over the past year, fewer than one in twelve (7.8%) proved urgent enough to require immediate action after exploitability validation.

This situation is particularly critical for DevSecOps professionals. The promise of integrating security into every stage of the development lifecycle – shifting left – is undermined when teams are overwhelmed by a deluge of alerts, most of which are not immediately exploitable. This 'exposure gap' means that valuable engineering time is diverted to investigating low-priority issues, leading to alert fatigue, slower remediation cycles, and a false sense of security. The report highlights that analysts spend a significant portion of their working week (an average of 17 hours) investigating risks that ultimately prove to be low priority or unexploitable. This inefficiency directly impacts the agility and speed that DevSecOps aims to achieve, turning security into a potential bottleneck rather than an enabler.

The struggle to prioritize cyber risks is a symptom of a broader trend in cybersecurity: the ever-expanding attack surface and the proliferation of security tools. Modern IT environments, encompassing cloud infrastructure, SaaS applications, remote devices, and complex digital supply chains, generate an unprecedented volume of security telemetry. Without intelligent aggregation, contextualization, and prioritization, this data creates noise rather than clarity. The report notes that 93% of organizations face challenges in maintaining an accurate and up-to-date view of their attack surface, and only 41% have a consolidated view of their cyber risk exposure. This context underscores the necessity for frameworks like Continuous Threat Exposure Management (CTEM), which aims to provide a more dynamic and outcome-driven approach to risk assessment.

In practice, this means DevSecOps teams must move beyond simply identifying vulnerabilities to understanding their true exploitability and business impact. Practitioners should advocate for the adoption of integrated security platforms that can correlate data from various sources – vulnerability scanners, threat intelligence feeds, attack surface management tools – to provide a contextualized view of risk. Investing in automation and AI-driven prioritization capabilities is no longer a luxury but a necessity to cut through the noise and focus on high-fidelity threats. Organizations with established CTEM programs are already showing a more mature approach to cyber risk assessment, leveraging tools like cloud security posture management and breach and attack simulation more effectively. The expectation is that AI will significantly expand its role in exposure management, particularly in detection, exploitability validation, and remediation prioritization, offering a path to more efficient and effective DevSecOps.