New Research Highlights Uncertainty Around XDR Definition, Implementation and Resources Needed
ExtraHop, the leader in cloud-native network intelligence, today released findings from a new report that examines extended detection and response (XDR) adoption in enterprises. The global study highlights the successes, barriers, challenges, and hesitations both Australian and overseas-based organisations are experiencing when deploying or considering an XDR strategy. Despite uncertainty, the research suggests nearly a third of participants believe an XDR strategy goes beyond endpoint detection, with half believing they don’t have the resources for proper implementation.
According to the report, 79% of Australian respondents believe wider adoption of XDR strategies and solutions is critical to mitigating risk and improving resiliency. Further demonstrating this, the majority (73%) have already deployed an XDR strategy at their organisation and another 22% are planning to implement one in the next 12 months.
However, as XDR’s popularity has skyrocketed, confusion about what it is, who benefits from it, and how organisations can successfully implement it is growing.
Key Australian findings from the report include:
Across the board, research indicates general confusion on XDR’s value proposition.
This latest research indicates general confusion about what XDR is and why organisations need it. When asked to define XDR, just 51% of IT leaders could identify the true definition: a strategy for deepening threat visibility and accelerating threat detection and response by correlating endpoint data with higher fidelity network telemetry and other data sources.
IT leaders agree that XDR goes beyond the endpoint.
When discussing the different building blocks in their XDR tech stacks, there were a wide variety of answers. However, around a quarter of IT decision makers with XDR saw network detection and response (NDR) (26%) and security information and event management (SIEM) (29%) as top components to their strategy.
XDR is incorrectly perceived as a resource-heavy solution.
According to the research, 26% of respondents believe that using XDR would require an organisation to overhaul or replace components of its current network security strategy and solutions. Another 49% believe they don’t have enough staff or in-house expertise to oversee implementation.
Additional Asia Pacific Region findings include:
- Across the Asia Pacific region as a whole, though nearly a quarter of enterprises plan to implement an XDR strategy this year, there is some distrust of XDR vendors and confusion about the benefits of XDR beyond consolidation of tools under a single vendor.
- Most IT decision makers in the Asia Pacific region describe themselves as familiar with XDR (95%), yet a third (33%) incorrectly see XDR as a cybersecurity solution that consolidates solutions like SIEM and NDR under a single vendor, the most of any region.
- Nearly a quarter in the Asia Pacific are planning to implement an XDR strategy in the next 12 months (22%), while 71% are currently using XDR, on par with IT leaders globally.
- Nearly a quarter of those without XDR (23%) say lack of trust for XDR providers is a barrier to getting it, compared to 17% globally.
“As the buzz around XDR skyrocketed in 2022, single-vendor solutions muddied the waters when it came to explaining what it is and how it works,” said Jeff Costlow, CISO at ExtraHop. “XDR is not a single solution – it’s a strategy that allows security teams to choose the best products for their organisation without the fear of vendor lock-in. The key to XDR success lies in strong, purpose-built integrations that take the tools in your tech stack today to offer complete end-to-end visibility that will help stop sophisticated attacks in their tracks.”
Download the full report: To Achieve the Promise of XDR, Look Beyond the Endpoint
This survey was conducted by Wakefield Research.