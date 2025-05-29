Survey Finds Zero-Day Threats and Compliance Failures Driving Vendor Selection

Evolving vulnerability exploitations and high-profile data breaches are fueling decisions.

May 29, 2025
Computer Crime Concept 516607038 2125x1416 (1)

Kiteworks recently unveiled some interesting findings from its Data Security and Compliance Buyer Behavior Survey. The study offers insight on why regulated industries are gravitating toward a Private Data Network as their solution of choice for mission-critical security and compliance challenges.

The Survey found that security is the dominant factor in vendor selection decisions. This focus on security comes at a critical time, as Google's 2024 Zero-Day Exploitation Analysis Report found that 44 percent of zero-day vulnerabilities targeted enterprise data exchange systems, such as Managed File Transfer (MFT) platforms. 

Additional findings show that organizations are increasingly prioritizing regulatory compliance capabilities when selecting vendors, with 31 percent of respondents identifying compliance as a decisive factor in their final vendor selection. This focus is driven by the need to navigate complex regulations like GDPR, HIPAA, CMMC 2.0, the EU Data Act, and the EU AI Act. The importance of compliance is further highlighted by several key findings:

  • 56 percent of respondents rate security certifications as "extremely important" during the vendor discovery phase.
  • More than half struggle to obtain adequate security information during vendor evaluations.
  • 63 percent of respondents actively seek detailed security and compliance information before even engaging with potential vendors.
  • Nearly one-quarter reject vendors over security concerns often tied to compliance failures.

Kiteworks addresses these pain points with a robust compliance framework, including FedRAMP Moderate Authorized, FedRAMP High Ready, SOC 2 Type II, ISO 27001, ISO 27017, ISO 27018, and IRAP validations, ensuring seamless adherence to global standards.

As threats continue to evolve, the need for unified compliance solutions becomes even more critical. This trend aligns with the Verizon 2025 Data Breach Investigations Report, which shows third-party breaches have doubled to 30 percent, particularly through attacks on legacy file sharing and transfer solutions.

Kiteworks' own annual survey reinforces this concern, finding nearly 60 percent of organizations lack comprehensive governance tracking and controls for their third-party data exchanges. Meanwhile, vendor reputation and stability remain key factors, with nearly two-thirds of respondents prioritizing these attributes during the vetting process, including 30 percent indicating vendor stability as a high priority.

Integration Capabilities Enhance Value

While security and compliance form the foundation of vendor selection, the survey reveals that practical implementation concerns also heavily influence buying decisions. Seamless integration capabilities prove critical for customer satisfaction and long-term success, with 42 percent of survey respondents identifying integration capabilities as a key value driver.

The importance of this factor is further emphasized by the 39 percent of respondents who reported eliminating potential vendors from consideration specifically due to inadequate integration capabilities.

"Customers demand solutions that deliver robust security and compliance without sacrificing usability or integration capabilities," said Tim Freestone, Chief Marketing Officer at Kiteworks. "The survey confirms what we hear directly from our customers in regulated industries—that organizations need a unified approach to private data security that addresses the full spectrum of security threats while simplifying compliance and seamlessly integrating with existing workflows. This is precisely why our Private Data Network continues to be the preferred choice for organizations that can't afford to compromise on data protection."

Latest in Cybersecurity
Today in Manufacturing Podcast
Sponsored
Today in Manufacturing Podcast
May 1, 2025
Computer Crime Concept 516607038 2125x1416 (1)
Survey Finds Zero-Day Threats and Compliance Failures Driving Vendor Selection
May 29, 2025
Financial Cyber
The $100 Infostealer Threat That is Devastating Companies
May 29, 2025
Soc
Research Shows Cybersecurity Driving Manufacturing Growth
May 28, 2025
Related Stories
Phishing Tadamichi
Cybersecurity
Research Finds Training Produces Huge Reductions in Phishing Attack Success
Financial Cyber
Cybersecurity
The $100 Infostealer Threat That is Devastating Companies
Soc
Cybersecurity
Research Shows Cybersecurity Driving Manufacturing Growth
Today in Manufacturing Podcast
Sponsor Content
Today in Manufacturing Podcast
More in Cybersecurity
Today in Manufacturing Podcast
Sponsored
Today in Manufacturing Podcast
Today in Manufacturing has a new podcast brought to you by the editors of Industrial Media. In each episode, we discuss the five biggest stories in manufacturing, and the implications they have on the industry moving forward.
May 1, 2025
Financial Cyber
Cybersecurity
The $100 Infostealer Threat That is Devastating Companies
Insights from the dark web reveal the low cost-high reward dynamics of new data breach attacks.
May 29, 2025
Soc
Cybersecurity
Research Shows Cybersecurity Driving Manufacturing Growth
More are reframing cybersecurity as a core driver of innovation, resilience and productivity.
May 28, 2025
Sbd Vadim Shechkov
Cybersecurity
Embedding Stronger Product and Supply Chain Security
Secure by Design is no longer a technical aspiration - it’s a strategic necessity.
May 28, 2025
Ep139tn
Cybersecurity
Security Breach: 'We've Made Our Own Prison'
Insider threats are creating new attack vectors, but old-school solutions could rise to the challenge.
May 28, 2025
General Cyberattack
Cybersecurity
Scenario-Based OT Solution Preps Industrial Teams
It's designed to upskill red and blue teams with OT-specific, real-world detection and response capabilities.
May 22, 2025
Phishing Tadamichi
Cybersecurity
The Top 4 Developments in Phishing Schemes
The bad guys continue to evolve.
May 22, 2025
Encryption
Cybersecurity
Should Manufacturers Focus on Cybersecurity or Cyber Resilience?
One could be essential for the future of manufacturing.
May 22, 2025
Cybersecurity In A Bubble
Cybersecurity
Why Industrial Edge Cybersecurity Demands a Fresh Approach
Vulnerabilities persist because cybersecurity is an afterthought, rather than embedded from the ground up.
May 22, 2025
Coding
Cybersecurity
Shoring Up Digital Trust in Manufacturing: From DMARC Awareness to Full Protection
While most have this email guidance in place, the actual protection rate is significantly lower.
May 22, 2025
Us Binary Flag Mirsad Sarajlic
Cybersecurity
CISA Warns of New Threats Targeting U.S. Industrial Sector
Bad actors include a highly volatile infostealer, and cyber espionage schemes targeting support for Ukraine.
May 22, 2025
A bus passes a branch of Marks and Spencer in London, Tuesday, Aug. 18, 2020.
Cybersecurity
Retailer Says Cyberattack Will Cost $400 Million
And disruptions are ongoing.
May 22, 2025
Smishing Attack Fran Rodriguez
Cybersecurity
Cybercriminals Are Having More Success with Low-Tech, Human-Centric Attacks
The manufacturing sector remains the most targeted sector in the email threat landscape.
May 15, 2025
Hacking Alarm
Cybersecurity
The Pros and Cons of Implementing a Bug Bounty Program
While not new, the approach is gaining traction.
May 15, 2025
Soc
Cybersecurity
Building a Cybersecurity-First Culture in U.S. Manufacturing
Nation-state threats and AI tools have made it vital to embed cybersecurity into workplace culture.
May 15, 2025