The 2020 Cymulate Yearly Platform Usage Report

By: Cymulate

Last Updated: December 22, 2024

In cybersecurity, discovering solutions that are both strategic and transformative can make a significant impact. Tools that simplify, accelerate, and optimize a customer’s ability to adapt to evolving threats are essential. These elements help enterprises minimize risks, enable business continuity, and enhance skills across the board. This approach leads to more secure, confident teams and businesses. Continuous Security Validation through Breach and Attack Simulation at Cymulate serves as an ideal example of a game-changing solution.

The impact of such a solution is clear when results are measured tangibly and objectively through direct customer data. That’s why the Cymulate Yearly Platform Usage Report was introduced—an annual review of customer usage and scores, providing a thorough, objective view of how Cymulate transforms security outcomes. Let’s explore how Cymulate strengthens enterprise security and dive into the report’s key findings.

Benefits of Cymulate’s Continuous Security Validation Solution

Continuous Security Validation provides an easy and comprehensive way to assess your dynamically changing environment, manage threats, and reduce risk.

Adapting to Rapid Technological Change

Business demand for digitally-led innovation has driven new technology and best practices, leading to rapid changes within enterprises. From the adoption of cloud computing and automation, DevOps teams now use playbooks to push out thousands of new workloads with a single click. Add to this the complexity of modern enterprise architecture, often a mix of legacy on-premises systems, cloud platforms, and third-party SaaS applications.

This environment is accessible not only to employees but also to vendors, partners, customers, suppliers, and contractors. With the global shift to remote work, employees can now access crucial applications and data from almost anywhere.

Rising Threats from Criminals and Nation-State Actors

Enterprises face a relentless rise in threats from criminal and nation-state attackers who continuously evolve their tactics, techniques, and strategies to maximize the impact and monetization of their attacks. Concerns about crippling costs, compliance violations, reputational damage, and ransomware make cybersecurity a boardroom priority. Recent attacks, like the SolarWinds breach, have heightened awareness of these risks.

Cymulate’s Continuous Security Validation: Comprehensive and Easy-to-Manage

Using Continuous Security Validation, Cymulate offers a comprehensive, easy-to-manage solution that keeps up with these challenges. It enables continuous assessments to track risk, configuration errors, and security gaps. As a cloud-based SaaS solution, Cymulate deploys in minutes and is easy to manage.

The Cymulate Labs team of global cybersecurity experts ensures Cymulate is updated daily with new attack simulations. This constant updating allows customers to continuously validate their environments against the latest threat vectors. Our experts also conduct extensive testing to ensure all simulations are safe and non-disruptive.

Automation for Comprehensive Security Testing

With Cymulate, enterprises can automate the assessment process, evaluating against thousands of attack vectors and techniques that would be too time-consuming to test manually. This results in a healthier enterprise, as remediation is prioritized and executed. Organizations can track their security improvements over time and compare their scores to industry peers.

Enhancing Cybersecurity Skills Across the Organization

Continuous Security Validation strengthens cybersecurity skillsets across both technical and non-technical employees. Given the global shortage of skilled cybersecurity professionals, it is essential to develop existing talent.

  • Senior Staff: Continuous Security Validation provides strategic value by enabling easy configuration of automated, continuous, and safe testing policies. As new threats emerge, daily updates keep senior staff informed and allow them to see immediate effects on security posture.
  • Junior Staff: Cymulate’s tools present a valuable learning opportunity, clearly demonstrating and visualizing threats. The prioritized, prescriptive assessment results accelerate on-the-job learning for junior staff.

Beyond technical teams, these solutions also raise security awareness across the company. Cymulate incorporates phishing campaign capabilities, allowing organizations to safely send test phishing emails, helping all employees learn to recognize and avoid such attacks.

image

Key Report Findings

  • Cymulate used by all customers in a continuous fashion with the average customer incorporating a comprehensive scan a week.

For continuous monitoring to be effective it needs to be done, continuously. Our results show that all our customers did just that with on average each customer doing at least one comprehensive assessment per attack vector per week. This proves that Cymulate was easy to deploy, manage and incorporate into the day-to-day activities of the cybersecurity staff and ensures value was obtained.

  • Where all customers cybersecurity ratings improved, enterprises who used Cymulate more improved more dramatically.

Tracking usage patterns across the customer verticals, we found that the financial sector made up over 51% of all scans done in 2020. Cymulate scores, based on an aggregate score compared against four security frameworks: Mitre Attack Framework, NIST 800-30, CVSS 3 and Microsoft’s version of the DREAD framework. Lower scores being better and meaning less risk: the financial sector who utilized us the most saw a drop from a risk score of 70 in the beginning of the year to a score of 18 by the end of the year.

  • Great improvement seen was in non-technical employee cybersecurity skill sets.

In the past many industry think tanks felt discouraged by the difficulty in getting non-technical professionals educated to avoid pitfalls such as phishing scams. Using third-party companies to run a one-time phishing campaign to educate employees is expensive and not necessarily enough exposure to truly educate your employees. Cymulate, by providing its customers with phishing assessment and testing that is tied to the larger Continuous Security Validation platform and which can be run over the year to continuously educate employees. Next to the financial sectors huge reduction in risk score, Cymulate’s customers saw a dramatic increase in risk reduction in employee’s scores from 66.3 in 2019 to 18.4 by the end of 2020.

  • Cymulate customers ran thousands of tests against ransomware, malware and nation state APT threats. 96% of Cymulate customers tested against Sun Burst.

With 2020 being a challenging year with ransomware and nation state attacks the Cymulate Labs team worked hard to ensure tests for all the latest criminal and APT attacks were added and updated. These tests designed and updated by our experts, when run act like a vaccine for your enterprise – taking a controlled dangerous vector in a safe and controlled manner inoculating the enterprise from an attack in the wild. Usage reports showed our customers wholeheartedly ran an exciting number of these tests in their environments, the highest rate being 96% of our customers running Sunburst backdoor testing of the SolarWinds supply chain attack.

You can find the entire Cymulate Yearly Platform Usage Report and its findings here.

We have truly entered a new era where Continuous Security Validation platforms like Cymulate will provide strategic value to enterprises, shoring up cybersecurity, reducing risk and educating both our cyber security staff and that of our overall employees easily, effectively and comprehensively.

To learn more about Cymulate, top scoring solution in innovation and second highest in growth in Frost & Sullivan’s Global Breach and Attack Simulation Market, 2020 click here.

Subscribe