New research from ExtraHop found uncertainty around the definition of XDR (extended detection and response), even if implementation and resources are needed.
Commissioned by ExtraHop, Wakefield Research surveyed a large group of IT decision makers to understand their current and future plans to implement an XDR strategy, their perceptions of the value of XDR and required capabilities, and obstacles to adoption.
Despite uncertainty, nearly a third of participants believe an XDR strategy goes beyond endpoint detection, with over half believing they don’t have the resources for proper implementation.
Findings show that 78% of respondents believe wider adoption of XDR strategies and solutions is critical to mitigating risk and improving resiliency.
Further demonstrating this, the majority (72%) have already deployed an XDR strategy at their organization and another 20% are planning to implement one in the next 12 months.
However, as XDR’s popularity has skyrocketed, confusion about what it is, who benefits from it, and how organizations can successfully implement it is growing.
Across the board, the results also indicate general confusion about XDR’s value proposition.
When asked to define XDR, only 47% of IT leaders could identify the true definition — a strategy for deepening threat visibility and accelerating threat detection and response by correlating endpoint data with higher fidelity network telemetry and other data sources.
Also, IT leaders agree that XDR goes beyond the endpoint. When discussing the different building blocks in their XDR tech stacks, there was a wide variety of answers.
However, nearly a third of IT decision makers with XDR saw network detection and response (NDR) (32%) and security information and event management (SIEM) (31%) as top components of their strategy.
Further, XDR is incorrectly perceived as a resource-heavy solution, with 24% of respondents believing that using XDR would require an organization to overhaul or replace components of its current network security strategy and solutions. Another 56% believe they don’t have enough staff or in-house expertise to oversee implementation.
“As the buzz around XDR skyrocketed in 2022, single-vendor solutions muddied the waters when it came to explaining what it is and how it works,” said Jeff Costlow, CISO at ExtraHop.
“XDR is not a single solution – it’s a strategy that allows security teams to choose the best products for their organization without the fear of vendor lock-in,” said Costlow. “The key to XDR success lies in strong, purpose-built integrations that take the tools in your tech stack today to offer complete end-to-end visibility that will help stop sophisticated attacks in their tracks.”