siliconindia | | April 20229This debt has arisen through not properly managing and securing access to sensitive data and assets, and a lack of Identity Security controls is driving up risk and creating consequences. The debt is compounded by the recent rise in geopolitical tensions, which have already had direct impact on critical infrastructure, highlighting the need for heightened awareness of the physical consequences of cyber-attacks: Seventy-nine percent agree that their organization prioritized maintaining business operations over ensur-ing robust cyber security in the last 12 months.Less than half (48 percent) have Identity Security controls in place for their business-critical applications.Udi Mokady, founder, chairman and CEO, Cyber-Ark: "The past few years have seen spending on digital transformation projects skyrocket to meet the demands of changed customer and workforce requirements. The combination of an expanding attack surface, rising num-bers of identities, and behind-the-curve investment in cybersecurity - what we call Cybersecurity Debt - is ex-posing organizations to even greater risk, which is al-ready elevated by ransomware threats and vulnerabilities across the software supply chain. This threat environ-ment requires a security-first approach to protecting identities, one capable of outpacing attacker innovation."Rohan Vaidya, Regional Director of Sales ­ India, CyberArk said, "Digital transformation is undoubtedly breaking down the traditional barriers that used to pre-vent organisations from remaining competitive and ag-ile within a rapidly evolving business landscape. This, however, comes with an exponential increase in cyber risks. Organisations in India should eliminate these risks by adopting an identity-focused strategy that will secure access for all identities across any application or system from anywhere via any device."What Can Be Done?Push for Transparency: 85 percent say that a Software Bill of Materials would reduce the risk of compromise stemming from the software supply chain.Introduce Strategies to Manage Sensitive Access: The top three measures that most CIOs and CISOs questioned in the survey have introduced (or plan to introduce), each cited by 54% of respondents: real-time monitoring and analysis to audit all privileged session activity; least privilege security / Zero Trust principles on infrastruc-ture that runs business-critical applications; and process-es to isolate business-critical applications from internet-connected devices to restrict lateral movement.Prioritize Identity Security Controls to Enforce Zero Trust Principles: The top three strategic initiatives to reinforce Zero Trust principles are: workload security; Identity Security tools; and data security.
< Page 8 | Page 10 >