Study Finds 64% of Enterprises Are Tired of Playing Defense and Are Going on the Attack

Report from Bishop Fox finds a surge in Red Team deployment, with 56% increasing investment over the next 12-24 months
BF 1.png

PHOENIX, June 14, 2023 (GLOBE NEWSWIRE) -- Bishop Fox, the leading authority in offensive security, today announced the results of a study, conducted by the Ponemon Institute, exploring enterprise adoption and use of offensive security tools and techniques to more effectively harden environments and assets. An overwhelming 64% are employing Red Teaming in some capacity, whether building their own internal team, employing external resources, or a combination. Additionally, more than half will increase investment in the function over the next 12-24 months, with nearly a quarter reporting significant increases in Red Teaming.

The report is the result of a survey of nearly 700 respondents in organizations that actively perform offensive security testing and was conducted by the Ponemon Institute. Nearly 70% of the companies comprised organizations of 5,000 employees or more.

The report underscores that despite substantial investments in threat intelligence and defensive technologies, there are levels of persistent exposure that can only be addressed by combining offensive and defensive strategies. It highlights how forward-leaning enterprises are taking matters in their own hands and leveraging attackers’ tactics, techniques and procedures against themselves. This enables them to identify weaknesses and close them down before threat actors discover them, as well as limit the scope of impact of any compromise that subverts defenses.

Other notable findings in the report include:

  • The top three threats driving offensive security investments are ransomware (41%), social engineering (40%), and cloud vulnerabilities (39%)
  • More than half (52%) say employing offensive testing is effective or highly effective in defending against the top 3
  • Nearly half of organizations are planning to conduct Red Team exercises at least monthly, with 26% planning to do so continuously
  • More than half prioritize their Red Team exercises around tabletop exercises (63%), ransomware readiness (55%), and data breach scenarios (51%)
  • Internal Red Teams are already in place, or in planning stages, in 70% of those surveyed

“We are approaching a tipping point in terms of organizational understanding that a wealth of external knowledge regarding the universe of active attackers, threats and vulnerabilities, is much less effective without truly understanding the specific risk and exposure dynamics in your own environment and assets,” said Tom Eston, VP of Consulting and Cosmos for Bishop Fox. “The market has been rapidly expanding to support this trend, and the overwhelming message in this report is a move to ‘full surface’ offensive security investment – from Attack Surface Management, to Red Team, to cloud, application, and product penetration testing and vulnerability assessment. If organizations aren’t complementing their defensive security program with offensive testing, they are, or will soon be, trailing the pack.”

The success of offensive security in combating attacks is driving growth across all offensive security categories, an indication that the market tipping point is fast approaching. These indicators include:

  • Growth in additional offensive security use cases in the last 18 months, including cloud migration (41%), new app releases (40%), and new technology adoption (44%)
  • Additionally, the business drivers that overlay the use cases include improving attack surface visibility (40%), accelerating zero day response (42%), and meeting compliance and regulatory requirements (42%)
  • Finally, 62% of respondents express confidence or high confidence in their ability to identify assets and exposures

About Bishop Fox

Bishop Fox is the leading authority in offensive security, providing solutions ranging from continuous penetration testing, red teaming, and attack surface management to product, cloud, and application security assessments. We’ve worked with more than 25% of the Fortune 100, half of the Fortune 10, eight of the top 10 global technology companies, and all of the top global media companies to improve their security. Our Cosmos platform, service innovation and culture of excellence continue to gather accolades from industry award programs including Fast Company, Inc., SC Media, and others, and our offerings are consistently ranked as “world class” in customer experience surveys. We’ve been actively contributing to and supporting the security community for almost two decades and have published more than 16 open-source tools and 50 security advisories in the last five years.

Learn more at or follow us on Twitter.

About Carrick Capital Partners
Who We Are
A firm of enterprise software, SaaS, and technology enabled services investors and operating executives with substantial experience founding, scaling, and optimizing market leading businesses.
Our Approach
We work with management to identify and improve critical areas of their business - focusing on the priorities that align with our experiences and that will deliver the highest strategic impact in both the short-term and long-run.
Why We Are Different
We have a concentrated number of companies in our portfolio so that we can build substantial relationships with each management team and ensure our firm's commitment to each company's goals.
Latest News
Screenshot 2023-09-28 195502.png
Can you explain exactly what LegalSifter does and what problem it solves?
September 28, 2023
Screenshot 2023-09-18 064231.png
Strengthens Market Position and Expands Reach
September 25, 2023
Screenshot 2023-09-18 064231.png
Becomes Full-Lifecycle Provider of AI-Enabled Contract Software and Services
September 18, 2023