74% of Security Directors in Regulated Industries Say Detection Security Technologies Fall Short

HERNDON, Va.--(BUSINESS WIRE)--Everfox, a global high-assurance cybersecurity leader, have released the CYBER360 Reportⁱ revealing that 74% of IT Security Directors in regulated industries in the US and UK who were surveyed found detection-based security technologies outdated and inadequate.

"New, preventative security strategies and solutions like Hardsec and CDR solutions are a necessity to match the sophistication of today's—and tomorrow's—threats."

Share

Survey respondents validated that the threat landscape is changing. 62% of respondents agree that AI and emerging malicious actor trends are increasing attack sophistication.

Over three-quarters of the IT security directors Everfox polled believe security teams in regulated industries must shift their mindset from detecting threats to preventing them. When looking ahead, the research revealed the top plans and considerations:

• A third (33%) plan to implement Hardsec technology, which uses hardware logic and electronics to implement security functions, dramatically reducing the attack surface.
• Nearly a third (30%) plan to implement Advanced Content Disarm and Reconstruction (CDR) solutions, which sanitize data and files before they enter networks.
• Over a quarter (27%) plan to implement User Activity Monitoring (UAM), a preventative approach to managing insider risks to distinguish between genuine human mistakes and malicious intent.
• 39% cited their inability to keep up with the rapidly evolving threat landscape as the biggest barrier to adopting preventative approaches.
• 36% report stretched budgets are a barrier. This pain point was particularly felt by government organizations, who named it their top obstacle.

“Increasingly sophisticated cyberattacks have unfortunately become the norm and traditional detection-based technologies are unable to keep up. New, preventative security strategies and solutions like Hardsec and CDR solutions are a necessity to match the sophistication of today’s—and tomorrow's—threats,” said Sean Berg, CEO at Everfox.

To see the full set of recommendations for how security teams in regulated industries can overcome these obstacles and find out more about the shift to preventative thinking that is happening in these industries, read the full CYBER360 Report here.

About the research

The CYBER360 Report was published by Everfox on 12/02/2025 and analyzes the survey results from 1,000 security leaders and IT security practitioners across the US and UK in sectors including government, defense, financial services, and healthcare. The report highlights significant dissatisfaction with legacy, detection-based cybersecurity approaches amid increasing cyberattacks, with almost all (97%) highly regulated organizations reporting a cyber incident between October 2023 and 2024.

The survey was conducted in October and November 2024 by Opinion Matters, and 300 senior security leaders and 700 IT security professionals working in heavily regulated industries participated in the survey with a 50/50 split between UK and US respondents.

About Everfox

Everfox, formerly Forcepoint Federal, has been defending the world’s most critical data and networks against the most complex cyber threats imaginable for more than 25 years. As trailblazers in defense-grade, high-assurance cybersecurity, Everfox has led the way in delivering and developing innovative cybersecurity technology. Headquartered in Herndon VA, Everfox’s suite of cross-domain, threat protection and insider risk solutions empower governments and enterprise organizations to use data safely - wherever and however their people need it.

Learn more: www.everfox.com.

ⁱ Everfox. (2025) CYBER360 Report: Proactive Cybersecurity Taking Center Stage.