CIO Influence
CIO Influence News Cloud Security

XM Cyber Research Finds Small Number of Exposures Put More Than 90% of Critical Assets at Risk

XM Cyber Research Finds Small Number of Exposures Put More Than 90% of Critical Assets at Risk

XM Cyber, the leader in hybrid cloud security, released the findings of its second annual research report, Navigating the Paths of Risk: The State of Exposure Management. Produced in collaboration with the Cyentia Institute, the report found that 75 percent of security exposures do not put organizations’ critical assets at risk. However, while most of these exposures are not particularly relevant to an organization, there are a minimal amount of exposures that put more than 90 percent of their critical assets at risk.

With advanced tooling, modern security teams are faced with an overwhelming volume of exposures to validate and analyze, despite the fact that most exposures uncovered do not lead to critical assets. XM Cyber’s latest research, which analyzed more than 60 million exposures in over 10 million entities, both on-premise and in the cloud, revealed that the average organization has 11,000 exploitable security exposures in a given month with up to 250,000 exposures in larger enterprises. This highlights the need for more efficient exposure remediation in order to remain ahead of the attack curve.

CIO INFLUENCE: Anglicare Leverages Ribbon and Switch Connect for Voice Consolidation and Path for Microsoft Teams Deployment

Lack of efficiency exists with remediating exposures

XM Cyber research uncovered that 75 percent of exposures along attack paths lead to “dead ends” which cannot impact critical assets and therefore represent minimal risk. Only two percent of security exposures are actually located on “choke points” – entities through which multiple attack paths converge enroute to critical assets. By focusing efforts on remediating exposures on these choke points, organizations can maximize risk reduction while minimizing remediation workload amongst security and IT teams.

“Security teams are inundated with increasing volumes of alerts and attackers are actively exploiting this,” said Zur Ulianitzky, Vice President, Research at XM Cyber. “As illustrated by our research, the vast majority of security alerts are benign and do not lead to critical assets. Threat actors are not working any harder than they have to, and most find success with attack paths which are simple, short and lead straight to fruitful returns. By diligently focusing remediation efforts on first and foremost eliminating the 2 percent of exposures which provide attackers with seamless access to critical assets, organizations can significantly reduce their risk without adding any additional strain to security teams.”

Attackers easily pivot from on-prem to cloud networks

The report also conveys the importance of having strong security controls for both cloud and on-premise environments. 71 percent of organizations have exposures in their on-prem networks that put their critical assets in the cloud at risk.

CIO INFLUENCE: Ascend.io Launches Solution in Partnership with Snowflake, Enabling Cost Savings for Data Teams

“Organizations face tough challenges in managing their diverse on-prem and cloud environments, often failing to consider the bigger picture and only focusing on each piece in isolation,” continued Ulianitzky. “Once attackers infiltrate cloud environments, it’s easy for them to compromise assets. Cloud security is not yet mature and many security teams don’t fully understand what security issues they need to look for. Challenges also surface from how cloud identities and permissions are (mis)managed. Moving forward, organizations must rethink their approach to security to ensure the protection of all of our identities, systems, and interdependencies among them holistically.”

Credentials and misconfigurations are highest risk exposures

The research also reveals that attack techniques targeting credentials and permissions affect 82 percent of organizations. Many continue to overlook attack paths that leverage credentials and permissions however these results make it clear that attackers prey upon trusted administrative services and identities to execute attacks.

“As we analyzed data and reflected on the findings for this report, my mind kept coming back to one concept: the cost of attack. Through attack path analysis, we see what the attacker sees and identify their least costly (quickest, easiest) routes to whatever it is they value. If we operationalize that knowledge, I have hope that we can finally shift the cost of attack in our favor,” Wade Baker, PhD, Partner at Cyentia Institute.

CIO INFLUENCE: PlainID Launches The PlainID Technology Network to Enable Identity Aware Security for Advanced Access Control

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Hunters Raises $30 Million Round to Lead the Open Extended Detection and Response (XDR) Market

Snowflake Launches New Unistore Workload to Drive Next Phase of Innovation With Transactional and Analytical Data Together

Six Cybersecurity Trends to Be Aware of in 2022

CIO Influence News Desk