Connect with us

Technology

Enterprises Struggle with Cybersecurity Basics Despite Automation

Editorial

Published

6 months ago

on

A recent report from Swimlane highlights significant deficiencies in cybersecurity practices among enterprises. Despite the increasing reliance on automation, many organizations continue to neglect fundamental security measures such as patch management and access control. The findings, presented in the report titled “Cracks in the Foundation: Why Basic Security Still Fails,” reveal that over half of respondents identify the human element as the primary obstacle in their security posture.

The report indicates that employees often introduce vulnerabilities through poor password management, careless email habits, and disregard for established policies. Alarmingly, 67% of organizations review user privileges only quarterly or less frequently, which allows dormant accounts and excessive permissions to persist for extended periods. Additionally, 64% acknowledge they do not continuously assess the security of vendors and suppliers after the initial onboarding process, creating opportunities for potential misuse and insider threats.

Leadership often prioritizes broad resilience goals while neglecting the daily operations that underpin them. Only 32% of respondents consider cyber hygiene and resilience as top priorities for their C-suite, whereas 43% cite cyber threats and crisis response as major concerns. Many executives still perceive cybersecurity as a reactive measure rather than a proactive discipline. This tendency leads to a cycle where crisis management receives more attention than routine hygiene, making it difficult for teams to justify investments in basic security practices.

The report also reveals that patch management remains a significant vulnerability for many organizations. 73% of respondents report taking longer than 24 hours to apply critical updates, with about one in four taking between 8 and 30 days. Each day of delay gives attackers a greater window to exploit known vulnerabilities. The bottleneck often arises from the need for coordination across departments; security teams identify vulnerabilities quickly, but the patching process involves multiple stakeholders, including operations and IT teams.

While automation has the potential to address these gaps, many organizations still rely on manual approvals and rigid change schedules that hinder timely responses. Treating patching as a shared responsibility, facilitated by workflow automation, could significantly reduce the exposure period to threats.

Despite significant investments in cybersecurity, two-thirds of organizations reported experiencing at least one security incident in the past year. Among these, 92% believe that stronger cyber hygiene could have prevented the incidents. The actual number of incidents may be even higher, as many go undetected or unreported. Yet, only 15% of respondents classify their hygiene programs as “leading,” while most feel their practices are still developing. This suggests a widespread perception of immaturity in essential security activities.

Even with robust tools available, effectiveness diminishes without consistent usage. The absence of automation limits human follow-up, leading to crucial tasks slipping through the cracks during busy periods. Most respondents agree that artificial intelligence (AI) and automation can bolster basic security practices, with 84% asserting these technologies enhance their organizations’ focus on fundamental security measures. When asked about improvements to hygiene programs, the predominant response was an increase in AI usage and expertise. Only 21% felt that emerging technologies detracted from essential security work.

Automation can alleviate manual workloads and eliminate the need to schedule routine tasks. By allowing access reviews, patch rollouts, and log monitoring to operate on consistent cycles, teams can redirect their efforts toward analysis and risk management.

“The fundamentals of security shouldn’t be the hardest part, but they remain the weakest link,” stated Michael Lyborg, Chief Information Security Officer at Swimlane. “Too many teams treat hygiene as a checklist instead of a living process. Intelligent automation makes it continuous, measurable, and built-in, turning resilience from a goal into a deliverable outcome.”

The findings underscore the need for organizations to reinforce their cybersecurity foundations and adopt a proactive stance toward security hygiene.

Related Topics:
Editorial

Our Editorial team doesn’t just report the news—we live it. Backed by years of frontline experience, we hunt down the facts, verify them to the letter, and deliver the stories that shape our world. Fueled by integrity and a keen eye for nuance, we tackle politics, culture, and technology with incisive analysis. When the headlines change by the minute, you can count on us to cut through the noise and serve you clarity on a silver platter.

Continue Reading

Trending

Copyright © All rights reserved. This website offers general news and educational content for informational purposes only. While we strive for accuracy, we do not guarantee the completeness or reliability of the information provided. The content should not be considered professional advice of any kind. Readers are encouraged to verify facts and consult relevant experts when necessary. We are not responsible for any loss or inconvenience resulting from the use of the information on this site.