While 9 in 10 security leaders feel prepared for an attack, a new “Trust Gap” report from Axonius finds only 25% actually trust their own data, leading to slow remediation and delays in AI adoption
NEW YORK and LAS VEGAS, Aug. 04, 2025 (GLOBE NEWSWIRE) -- BLACK HAT USA 2025 -- A stark disconnect between cybersecurity confidence and the reality of security data is leaving organizations exposed, according to a new report released today. A recent study reveals that while 90% of cybersecurity leaders say their organization is prepared to take immediate action on a vulnerability, only a quarter of them (25%) trust all the data in their own security tools.
This fundamental “Trust Gap” is the central finding of The Trust Factor: How Trusted Data Drives Smarter Vulnerability and Exposure Management, a new research report commissioned by Axonius, the global leader in cyber asset intelligence. The study, which surveyed 500 U.S. director-level and above cybersecurity and IT leaders from companies with over 500 employees, found this data trust deficit (due to dirty data) directly impacts performance. Looking closer at the 1 in 4 leaders who mistrust their security data, they cite inconsistent data (36%), incomplete data (34%), and inaccurate data (33%) as the primary reasons.
“Many organizations mistakenly believe they have a clear picture of their security posture, but that confidence often rests on flawed or what some call ‘dirty data’—information that’s incomplete, inaccurate, or out of date,” said Ryan Knisley, chief product strategist at Axonius. “Effective exposure management depends on reliable, trustworthy data. No amount of automation or AI integration can make up for a broken data foundation. Until that gap is addressed, the risk of a serious breach only grows.”
Industry analysts agree that this data integrity issue is a primary obstacle to security modernization.
“The CISOs we talk to are investing heavily in automation and AI, but it is unclear how many of these projects will actually deliver on their promise,” said Andrew Braunberg, principal analyst, Omdia. “The reason is simple: AI algorithms are only as good as the data they’re fed. A single, credible view of all assets and their exposures is critical for organizations to train accurate, predictive, and up-to-date models.”
Key findings from the report include:
- Execution Lags Behind Confidence: Despite feeling prepared, 4 in 5 organizations (81%) take more than 24 hours to remediate a critical vulnerability or (80%) exposure, giving attackers a wide-open window to exploit security weaknesses. This is compounded by key operational challenges, including difficulty with prioritization and risk assessment (29%), and a lack of integration between security tools (27%).
- CTEM Adoption is a Priority, But Faces Hurdles: While 58% of organizations report having adopted a Continuous Threat Exposure Management (CTEM) framework to become more proactive, they face significant challenges. The top obstacles include integrating CTEM tools across platforms (38%), measuring ROI (35%), and automating remediation (34%).
- AI’s Potential is Hindered by Bad Data: Organizations are eager to use AI and automation for tasks like automated patching (42%) and AI-driven risk prioritization (40%). However, the top challenge to incorporating these technologies is integration issues with existing systems (38%)—a problem rooted in a weak data foundation.
“The industry is chasing the promise of proactive, predictive security, but you can't predict threats if your view of the battlefield is a mirage,” continued Knisley. “The path forward requires a real commitment to establishing the right context: a consolidated view across environments for what exists in an environment and how it’s exposed. Only then can teams close the gap between feeling ready and actually being ready, enabling them to preemptively tackle threats and build lasting cyber resilience.”
To download the full report, The Trust Factor: How Trusted Data Drives Smarter Vulnerability and Exposure Management, please visit https://www.axonius.com/resources/vulnerability-exposure-management-report.
Visit Axonius at Black Hat USA 2025
Axonius will present research findings and demonstrate the Axonius Asset Cloud at Black Hat USA 2025 from Aug. 6–7. To learn more and see live demos, visit the Axonius team at Booth #3051.
About the Study
The study was commissioned to understand how organizations are managing vulnerabilities and exposures in a complex, modern IT environment. A key underlying issue is that data is often scattered across siloed systems, preventing a single, credible view of assets, vulnerabilities, and their business context.
Team LEWIS Research conducted an online survey of 500 security and IT leaders (400 cybersecurity professionals and 100 IT professionals). Respondents were in the United States and held titles of director-level or above at organizations with more than 500 employees. All respondents had decision-making authority for security and/or IT-related decisions. Data was collected in the first and second calendar quarter of 2025.
About Axonius:
Axonius transforms asset intelligence into intelligent action. With the Axonius Asset Cloud, customers preemptively tackle high-risk and hard-to-spot threat exposures, misconfigurations, and overspending. The integrated platform brings together data from every system in an organization’s IT infrastructure to optimize mission-critical risk, performance, and cost measures via actionable intelligence.
Covering cyber assets, software, SaaS applications, identities, vulnerabilities, infrastructure, and more, Axonius is the one place to go for Security, IT, and GRC teams to continuously drive actionability across the organization. Cited as one of the fastest-growing cybersecurity startups, with accolades from CNBC, Forbes, and Fortune, Axonius supports millions of assets for leading customers across industries and around the world.
Bring truth to action with Axonius. Learn more at www.axonius.com.
Media Contact:
press@axonius.com
Source(s) : Axonius Inc.
