The past 12 months have seen a rapid cycle of innovation and adoption of new technologies. Powerful new identities, attack surfaces and methods are creating a rapidly changing cyber security threat landscape, making it even more complex and causing a broadening of the focus on risk mitigation. CyberArk’s new study shows increased ownership of devices and increasing reliance on third-party providers and fourth-party companies deepens existing threats and creates new vulnerabilities.
The CyberArk 2024 Identity Security Threat Landscape Report, surveyed 2,400 identity-related cybersecurity professionals and decision makers in 18 countries to provide in-depth insights into the evolving threat landscape. The report reveals that an overwhelming majority (93%) of organizations have experienced two or more breaches due to identity-related cyber attacks. These organizations expect the total ownership value to increase more than 2.4 times in the next 12 months.
Several factors are contributing to these identity-based attacks, including the increasing volume and sophistication of cyberattacks by both skilled and unskilled bad actors using generative AI (GenAI) to augment their attacks. These malicious actors are targeting an already complex and expanding digital ecosystem, using unsecured identities to gain access to their victims’ sites. To that end, the report finds that nearly all organizations (99%) affected by identity-related attacks experience negative business impacts.
The dangers of GenAI
GenAI, of course, is not new to organizations or bad actors. In fact, 99% of organizations are using AI-powered tools in their cybersecurity programs, while bad actors are using GenAI to increase the volume and sophistication of their attacks. As a result, 93% of organizations expect a negative impact from AI, anticipating an increase in AI-enhanced malware, phishing and data breaches. In the past 12 months, nine out of 10 organizations have experienced a breach due to phishing or vishing attacks. As AI-powered cyberattacks become more difficult to detect, the potential for a widespread organizational breach increases.
Deeper videos and audio produced by GenAI are becoming increasingly difficult to perceive. However, in the B2B world, more than 70% of respondents are confident that their employees can identify fake content from their organization’s leaders. These details suggest complacency among respondents, which may be fueled by the illusion of control, the fallacy of planning – or just human hope. The full extent of the potential damage that GenAI-augmented attacks can do and the cumulative damage of compromising data models protecting GenAI remains unknown, and our vulnerability to it may be greater than we realize. These responses emphasize the need to plan for future advanced attacks and invest in protecting the data models used by machine intelligence and extending strong governance to this new AI identity.
A new era: The rise of machines
Nearly half of the 2,400 cyber security professionals surveyed expect a three-fold increase in device ownership, particularly less secure and more vulnerable, to drive this growth. Continued efforts to automate at scale and ubiquitous cloud computing are fueling the proliferation of vulnerable machine ownership. The increase in the total number of such identities is neither new nor surprising. However, what is surprising (and concerning) is that almost two-thirds (61%) of the surveyed organizations have a very narrow definition of “privileged user,” which applies only to a person’s identity with access to sensitive data.
CyberArk
This definition contradicts the observations of the respondents, almost three quarters (68%) indicate that up to 50% of all machine indicators have access to sensitive data.
However, their organization’s definition of “privileged user” reveals a large loophole that excludes device ownership. Organizations report that they are primarily focused on human ownership, which is a cause of concern for machine ownership. They also report that a security incident requires significant manual effort to fix or fix.
Chain Reaction: Third and fourth party risks
The report also highlights the lack of strong focus on merchant risk management despite the growing web of our digital ecosystem. In the next 12 months, 84% of organizations plan to hire three or more cloud service providers (CSPs), and projections show 89% annual growth in the number of SaaS applications, compared to 67% by 2023.
It’s important to understand that your network of third-party providers extends beyond CSPs and SaaS providers to include service providers, integrators, hardware and infrastructure providers, business partners, distributors, resellers, telecommunications and other external organizations that enable digital business. Third-party and fourth-party breaches can quickly infiltrate your organization, creating a risk multiplier effect.
The report finds that while 91% of respondents are concerned about third-party risks and 83% about third-party risks, vendor risk management remains a top priority for post-breach investments. It’s important to note that bad actors often use a ‘buy one, get one’ approach, targeting multiple victims with duplicate software supply chains and multi-tenant environment attacks. This means that if bad actors target your third-party or fourth-party suppliers, they can put your organization at risk. Therefore, regular assessment of the seller’s risk and high seller’s accountability are essential. Likewise, this vendor accountability and risk assessment strategy should extend to cybersecurity vendors, too.
Cyber debt: ‘Shiny object’ syndrome and the blind spot
Faced with growing threats, organizations may prioritize adopting the latest technology over basic controls to address cyber security challenges. However, this can lead to the accumulation of cyber debt, where organizations incur huge costs and risks by ignoring the risks involved. These changes in behavior and side effects show the need for consistency across basic and new attack methods and tools. According to the report, critical social engineering attacks such as phishing and phishing remain highly effective, leading to breaches and significant financial losses for nine out of 10 organizations.
Organizations must balance addressing existing weaknesses and embracing new technologies. Despite the complexities and challenges of the future of cyber security, organizations can reduce risk by staying informed and implementing a proactive approach to risk management that is consistent across domains and environments.
Identity security: The key to a strong cybersecurity posture
In today’s fast-paced, challenging world, every established defense becomes a new tower for bad actors to conquer. Our most important advantage against these threats is our ability to collaborate. As Michael Jordan famously said (I’m told…), “Talent wins games, but teamwork and intelligence win championships.” Our collective defense extends beyond our immediate partners to include our entire organization and third-party and fourth-party providers. Protecting all identities in the entire IT environment is so important, a new cyber security model is needed that focuses on identity security. The future of security starts with who you are.
Download the CyberArk 2024 Identity Security Threat Landscape report for full details on navigating the evolving cybersecurity landscape.
Source link