What did Cymulate's 2022 cyber attack survey reveal about breach recurrence?

Cymulate's 2022 survey found that two-thirds (66%) of companies hit by cybercrime in the past year were breached more than once, with nearly 10% experiencing 10 or more attacks annually. This highlights the persistent nature of cyber threats and the importance of continuous security validation. Read the full report .

What types of cyber attacks were most common according to the survey?

The survey identified malware (55%), ransomware (40%), and DDoS attacks (32%) as the most common forms of cyber attacks experienced by respondents. Phishing (56%), third-party connections (37%), and direct network attacks (34%) were the primary attack vectors.

How do breach impacts differ between medium and large companies?

Medium-sized companies (less than 2,500 employees) suffered longer recovery times and more business-impacting damage compared to larger companies, which reported shorter disruption periods and lower damage rates (40%).

What percentage of companies publicly report their breaches?

According to the survey, only 22% of companies publicly disclosed cyber attacks in the worst-case breaches, while 78% did not report their breaches.

What best practices did the survey highlight for cyberattack prevention and mitigation?

The top three best practices identified were multi-factor authentication (67%), proactive phishing and awareness campaigns (53%), and well-planned incident response plans (44%). Least privilege access also ranked highly at 43%.

How does leadership engagement affect breach frequency?

Organizations where leadership and cybersecurity teams met 15 times a year incurred zero breaches, while those with six or more breaches met under nine times on average. Regular risk discussions correlate with fewer breaches.

What percentage of attacks come from insider threats?

The survey found that 29% of attacks originated from insider threats, either intentionally or unintentionally.

What actions do companies take after a major breach?

After a major breach, 35% of companies hired security consultants, 12% dismissed current security professionals, and 12% hired public relations consultants to manage reputational damage.

Where can I access the full 2022 breach survey report?

You can access the full report on Cymulate's website: Breaches 2022 Survey Report .

What is Cymulate's role in the Extended Security Posture Management (XSPM) market?

Cymulate is recognized as a market leader in Extended Security Posture Management (XSPM), providing a SaaS-based platform for continuous validation and optimization of cybersecurity posture across the MITRE ATT&CK® framework.

What is Cymulate's Exposure Management Platform?

Cymulate's Exposure Management Platform is a SaaS-based solution that enables security professionals to continuously challenge, validate, and optimize their cybersecurity posture end-to-end. It provides out-of-the-box, expert, and threat intelligence-led risk assessments, and supports automated red and purple teaming scenarios tailored to unique environments. Learn more .

How quickly can Cymulate be deployed?

Cymulate can be deployed within an hour, allowing organizations to rapidly begin validating and optimizing their security posture. The platform is designed for ease of use and fast implementation. About Cymulate .

What frameworks does Cymulate support for security validation?

Cymulate supports the MITRE ATT&CK® framework, enabling organizations to validate their defenses against a comprehensive set of real-world attack techniques and tactics.

How does Cymulate help manage dynamic environments?

Cymulate allows security professionals to manage, know, and control their dynamic environments by continuously validating exposures and optimizing defenses in real time.

What is Cymulate's approach to continuous threat validation?

Cymulate offers 24/7 automated attack simulations, ensuring real-time validation of security posture and proactive defense against emerging threats. This approach helps organizations stay ahead of attackers and reduce risk.

How does Cymulate integrate with existing security tools?

Cymulate integrates with numerous security technologies, including Akamai Guardicore, AWS GuardDuty, BlackBerry Cylance OPTICS, Carbon Black EDR, Check Point CloudGuard, CrowdStrike Falcon, and more. For a complete list, visit the Partnerships and Integrations page .

What technical documentation is available for Cymulate?

Cymulate offers whitepapers, guides, solution briefs, data sheets, and e-books covering topics like exposure management, CTEM, detection engineering, and vulnerability management. Access the full resource library at the Resource Hub .

Who can benefit from using Cymulate?

Cymulate is designed for CISOs, security leaders, SecOps teams, red teams, and vulnerability management teams across industries such as finance, healthcare, retail, media, and transportation. Organizations of all sizes, from small businesses to enterprises, can benefit from Cymulate's platform. Learn more .

What business impact can customers expect from Cymulate?

Customers typically see a 30% improvement in threat prevention, a 52% reduction in critical exposures, a 60% increase in team efficiency, and an 81% reduction in cyber risk within four months. These outcomes are supported by real-world case studies such as Hertz Israel. Read the case study .

What pain points does Cymulate address for security teams?

Cymulate addresses overwhelming threat volumes, lack of visibility, unclear prioritization, operational inefficiencies, fragmented tools, cloud complexity, and communication barriers. The platform provides continuous threat validation, actionable insights, and unified exposure management to solve these challenges.

How does Cymulate help with vulnerability management?

Cymulate consolidates insights from vulnerability management, offensive testing, and security controls to prioritize exposures based on validated exploitability and impact, enabling focused remediation efforts. Learn more .

Are there case studies demonstrating Cymulate's effectiveness?

Yes, Cymulate features numerous case studies, such as Hertz Israel's 81% cyber risk reduction, Nemours Children's Health's improved detection, and a credit union's operational efficiency gains. Explore all case studies at the Customers page .

How does Cymulate address the needs of different security personas?

Cymulate tailors its platform for CISOs (risk metrics and strategy alignment), SecOps (operational efficiency), red teams (scalable offensive testing), and vulnerability management teams (prioritization and remediation). Each persona receives targeted features and insights. Learn more .

What feedback have customers given about Cymulate's ease of use?

Customers consistently praise Cymulate's intuitive design, ease of deployment, and user-friendly dashboard. Testimonials highlight quick implementation and actionable insights with minimal effort. Read customer quotes .

How long does it take to implement Cymulate?

Cymulate can be implemented within an hour, with agentless deployment and minimal resource requirements. Customers report a fast, straightforward onboarding process. Learn more .

What is Cymulate's pricing model?

Cymulate uses a subscription-based pricing model tailored to each organization's needs. Pricing depends on the chosen package, number of assets, and scenarios selected. For a custom quote, schedule a demo .

What security and compliance certifications does Cymulate hold?

Cymulate is SOC2 Type II certified and complies with ISO 27001:2013, ISO 27701, ISO 27017, and CSA STAR Level 1. These certifications demonstrate robust security, privacy, and cloud service practices. Learn more .

How does Cymulate ensure data security and privacy?

Cymulate hosts services in secure AWS data centers, uses TLS 1.2+ for data in transit, AES-256 for data at rest, and maintains high availability with redundancy and disaster recovery. The platform is developed with a secure SDLC, continuous vulnerability scanning, and annual third-party penetration tests. More details .

Is Cymulate compliant with GDPR?

Yes, Cymulate incorporates data protection by design and has a dedicated privacy and security team, including a Data Protection Officer (DPO) and Chief Information Security Officer (CISO), ensuring GDPR compliance. Learn more .

How does Cymulate compare to AttackIQ?

Cymulate offers an industry-leading threat scenario library and AI-powered capabilities for streamlined workflows and accelerated security posture improvement. AttackIQ focuses on automated security validation but lacks Cymulate's innovation, threat coverage, and ease of use. Read more .

How does Cymulate compare to Mandiant Security Validation?

Mandiant is one of the original BAS platforms but has seen little innovation in recent years. Cymulate continually innovates with AI and automation, expanding into exposure management as a grid leader. Read more .

How does Cymulate compare to Pentera?

Pentera is useful for attack path validation but lacks the depth Cymulate provides for fully assessing and strengthening defenses. Cymulate optimizes defense, scales offensive testing, and increases exposure awareness. Read more .

How does Cymulate compare to Picus Security?

Picus may suit organizations seeking a BAS vendor with an on-prem option. Cymulate offers a more complete exposure validation platform covering the full kill chain and cloud control validation. Read more .

How does Cymulate compare to SafeBreach?

Cymulate outpaces SafeBreach with unmatched innovation, precision, and automation. It features the industry’s largest attack library, a full CTEM solution, and comprehensive exposure validation. Read more .

How does Cymulate compare to Scythe?

Scythe is suitable for advanced red teams building custom attack campaigns. Cymulate provides a more comprehensive exposure validation platform with actionable remediation and automated mitigation. Read more .

How does Cymulate compare to NetSPI?

NetSPI excels in penetration testing as a service (PTaaS). Cymulate is designed for continuous, independent assessment and strengthening of defenses, recognized as a leader in exposure validation by Gartner and G2. Read more .

When was Cymulate founded and what is its global reach?

Cymulate was founded in 2016 and has a presence in 8 global locations, serving customers in 50 countries. Over 1,000 customers trust Cymulate's platform. About Cymulate .

What is Cymulate's mission and vision?

Cymulate's mission is to revolutionize how companies approach cybersecurity by fostering a proactive stance against threats. The company empowers organizations to manage their security posture effectively and improve resilience. Learn more .

Where can I find Cymulate's latest news and press releases?

Visit the News Room for the latest company announcements, press releases, and media coverage, including industry recognition and partnership news.

Has Cymulate received any industry recognition or awards?

Yes, Cymulate was named a Market Leader for Automated Security Validation by Frost & Sullivan and recognized as a Customers' Choice in the 2025 Gartner Peer Insights. Read the press release .

Where can I find Cymulate's customer reviews and success stories?

Customer reviews and case studies are available on the Reviews and Customers pages, featuring feedback from security professionals and real-world outcomes across industries.

Survey reveals companies hit with cyber attacks likely to face repeated onslaughts

June 15, 2022

Other findings: Medium companies suffer more business-impacting damage and for longer periods than larger companies.

78% of companies affected don't publicly report their breaches.

New York, and Tel Aviv, (June 15th, 2022) - Cymulate, the Extended Security Posture Management market leader, announced today the results of a survey, revealing that two-thirds of companies who have been hit by cyber-crime in the past year have been hit more than once, with almost 10% experiencing 10 or so more attacks a year. Research taken from 858 security professionals surveyed across North America, EMEA, APAC and LATAM across a wide range of industries including technology, banking, finance, and government, also highlighted larger companies are experiencing shorter disruption time and damage to business with 40% reported low damage compared with medium-sized businesses (less than 2,500 employees) which had longer recovery times and more business affecting damage.

Other highlights include:

40% of respondents admitted to being breached over the past 12 months.
After being breached once, statistics showed they were more likely to be hit again than not (66%).
Malware (55%), and more specifically ransomware (40%) and DDoS (32%) were the main forms of cyber attacks experienced by those surveyed.
Attacks primarily occurred via end-user phishing (56%), via third parties connected to the enterprise (37%) or direct attacks on enterprise networks (34%).
22% of companies publicly disclosed cyber attacks in the worst-case breaches, with 35% needing to hire security consultants, 12% dismissing their current security professionals and 12% hiring public relations consultants to deal with the repercussions to their reputations. Top three best practices for cyberattack prevention, mitigation and remediation include multi-factor authentication (67%), proactive corporate phishing and awareness campaigns (53%), and well-planned and practiced incident response plans (44%). Least privilege also ranked highly, at 43%.
29% of attacks come from insider threats - intentionally or unintentionally.
Leadership and cybersecurity teams who meet regularly to discuss risk reduction are more cybersecurity-ready - those who met 15 times a year incurred zero breaches whereas those who suffered six or more breaches met under nine times on average.

“Surprisingly, the survey shows that victims of attacks do not double down on their defenses once they have been hit and they are largely seen by hackers as easy, lucrative prey”, said Eyal Wachsman, CEO and Co-Founder of Cymulate. “However, it’s great to see businesses are showing progress in other areas. Increased awareness and understanding of cyber risk at the boardroom level is making a substantial impact as the results illustrate that companies who are more proactive on this front incur less breaches. Another positive note is that larger corporations who have suffered breaches are recovering quicker and experiencing less damage from a business perspective, indicating that they have enhanced their capabilities to mitigate attacks and prevent damage.”

To access the full report, see here

About Cymulate

Cymulate SaaS-based Extended Security Posture Management (XSPM) deploys within an hour, enabling security professionals to continuously challenge, validate and optimize their cyber-security posture end-to-end, across the MITRE ATT&CK® framework. The platform provides out-of-the-box, expert and threat intelligence led risk assessments that are simple to deploy and use for all maturity levels, and are constantly updated. It also provides an open framework to create and automate red and purple teaming by generating penetration scenarios and advanced attack campaigns tailored to their unique environments and security policies. Cymulate allows professionals to manage, know and control their dynamic environment.

For more information, visit www.cymulate.com

Featured Resources

View More Resources

blog

CVE-2026-26117: Hijacking Azure Arc on Windows for Local Privilege Escalation & Cloud Identity Takeover

CVE-2026-26117 lets attackers hijack Azure Arc on Windows, escalate to SYSTEM, and seize the machine’s cloud identity.

Demo

Exposure Validation Demo

Demo of automated offensive simulations validating detection, prevention, and IOC coverage

Learn More