CRA Study: XDR Poised to Become a Force Multiplier for Threat Detection

Discussion Topics

Organizations continue to grapple with the pace of threat expansion, especially those that evade existing cybersecurity solutions or go undetected for longer than they should. Even under the best of circumstances, security operations can be stretched thin by today’s demands and the siloed nature of security solutions that scatter data and slow productivity.  

To turn the tide, security decision-makers are pinning their hopes on eXtended Detection and Response (XDR), according to new survey findings from CRA Business Intelligence, the research and content arm of cybersecurity information services company CyberRisk Alliance.  

The survey, sponsored by eSentire and Exterro, was conducted in March and April 2022 among 300 IT and cybersecurity decision-makers and influencers from the United States. Respondents represented organizations of all sizes and industries. Survey objectives were to gauge how well security teams are managing detection and response and their readiness for XDR purchases and deployments. 

“Less than 1 in 5 respondents say they are very satisfied with their ability to correlate security data across all products and services — no wonder there’s great interest in XDR platforms,” said Matt Alderman, Executive Vice President at CyberRisk Alliance. “Our latest XDR research reveals only 12% are currently using it, but 77% are likely to invest in XDR in the next two years. Ease of use and price will drive purchasing decisions, but buyers are split on the benefits of open XDR versus closed XDR platforms.”  

Among the survey’s key findings:  

  • The lack of visibility or context from existing security solutions caused 47% of respondents to miss threats at least once in the past 12 months.  
  • Only 17% are very satisfied with their ability to correlate security data across all products and services. Without the ability to see anomalies and/or malicious activities as they occur and across the spectrum of products and services, it’s impossible to catch everything.  
  • Poor visibility into network threats was a significant problem for monitoring employee-owned endpoints, software vendors and third-party partners, with mean visibility scores of 4.6, 4.6, and 4.5 (out of 7), respectively.  
  • While familiarity with XDR is high (70%), current adoption of an XDR platform is relatively low — only 12% of respondents reported using this technology.