siliconindia | | April 20228In FOCUSCYBERARK REPORT: MASSIVE GROWTH OF DIGITAL IDENTITIES IS DRIVING RISE IN CYBERSECURITY DEBTBY si TEAMnew global report released today by CyberArk shows that 79 percent of senior security profes-sionals state that cybersecurity has taken a back seat in the last year in favor of accelerating other digital business initiatives. The CyberArk 2022 Identity Security Threat Landscape Report identifies how the rise of human and machine identities ­ often running into the hundreds of thousands per organization ­ has driven a buildup of identity-related cybersecurity `debt', exposing organizations to greater cybersecurity risk.A Growing Identities ProblemEvery major IT or digital initiative results in increasing interactions between people, applications and processes, creating large numbers of digital identities. If these digi-tal identities go unmanaged and unsecured, they can rep-resent significant cybersecurity risk:Sixty-eight percent of non-humans or bots have ac-cess to sensitive data and assets.The average staff member has greater than 30 digital identities.Machine identities now outweigh human identities by a factor of 45x on average.Eighty-seven percent store secrets in multiple places across DevOps environments, while 80 percent say de-velopers typically have more privileges than necessary for their roles.The 2022 Attack SurfaceSecular trends of digital transformation, cloud migration and attacker innovation are expanding the attack surface. The report delves into the prevalence and type of cyber threats facing security teams and areas where they see elevated risk: Credential access was the number one area of risk for respondents (at 40 percent), followed by defense evasion (31 percent), execution (31 percent), initial access (29 percent) and privilege escalation (27%). Over 70% of the organizations surveyed have experienced ransomware attacks in the past year: two each on average.Sixty-two percent have done nothing to secure their software supply chain post the SolarWinds attack and most (64%) admit a compromise of a software supplier would mean an attack on their organization could not be stopped.Getting Into Cybersecurity DebtSecurity professionals agree that recent organization-wide digital initiatives have come at a price. This price is Cybersecurity Debt: security programs and tools that have grown but not kept pace with what organizations have put in place to drive operations and support growth. APower is one of the most critical components of infrastructure crucial for the economic growth and welfare of a country
< Page 7 | Page 9 >