Due to companies’ increased focus on digital initiatives, their attention on cybersecurity is being reduced, which is alarming. According to the Identity Security Threat Landscape Report by CyberArk, an identity security company, 79% of senior security professionals state that cybersecurity has taken a back seat in the last year in favor of accelerating other digital business initiatives.
There is a consensus among the majority of the respondents that their organization prioritized maintaining business operations over ensuring robust cyber security in the last 12 months. The report adds that less than half (48%) have Identity Security controls in place for their business-critical applications.
The report is worrying and throws a surprise because the success of most digital initiatives is interweaved with trust and robust security practices. In the new hybrid workspace culture, as organizations accelerate the adoption of cloud, advanced analytics, and AI/ML, the risks of cyber attacks have grown manifold. The rise of human and machine identities ? often running into the hundreds of thousands per organization ? has driven a buildup of identity-related cybersecurity “debt,” exposing organizations to greater cybersecurity risk.
Top cyber security concerns
Across all organizations, phishing, ransomware, and crypto-jacking threats are emerging as top concerns. According to CyberArk, in the age of increased interactions between people, applications, and processes, the digital identity of every staff member is growing in large numbers. For instance,
- Sixty-eight percent of non-humans or bots have access to sensitive data and assets.
- The average staff member has greater than 30 digital identities.1
- Machine identities now outweigh human identities by a factor of 45x on average.
- Eighty-seven percent store secrets in multiple places across DevOps environments, while 80% say developers typically have more privileges than necessary for their roles
And if the above digital identities go unmanaged and unsecured, this can cause significant cybersecurity risk. The report delves into the prevalence and type of cyber threats facing security teams and areas where they see elevated risk:
- Credential access was the number one area of risk for respondents (at 40%), followed by defense evasion (31%), execution (31%), initial access (29%), and privilege escalation (27%).2
- Over 70% of the organizations surveyed have experienced ransomware attacks in the past year: two each on average.
- Sixty-two percent have done nothing to secure their software supply chain post the SolarWinds attack, and most (64%) admit a compromise of a software supplier would mean they cannot stop an attack on their organization.
Security professionals agree that recent organization-wide digital initiatives have come at a price. This price is Cybersecurity Debt: security programs and tools that have grown but not kept pace with what organizations have put in place to drive operations and support growth. This debt has arisen through not properly managing and securing access to sensitive data and assets, and a lack of Identity Security controls is driving up risk and creating consequences.
The debt is compounded by the recent rise in geopolitical tensions, which have already had direct impact on critical infrastructure, highlighting the need for heightened awareness of the physical consequences of cyber-attacks.
What can be done?
- Push for Transparency: 85% say that a software bill of materials would reduce the risk of compromise stemming from the software supply chain.
- Introduce strategies to manage sensitive access: The top three measures that most CIOs and CISOs questioned in the survey have introduced (or plan to introduce), each cited by 54% of respondents: real-time monitoring and analysis to audit all privileged session activity; least privilege security / Zero Trust principles on infrastructure that runs business-critical applications; and processes to isolate business-critical applications from internet-connected devices to restrict lateral movement.
- Prioritize identity security controls to enforce zero trust principles: The top three strategic initiatives to reinforce Zero Trust principles are: workload security, Identity Security tools, and data security.