Tiny fraction of attack pathways expose businesses to security risks

Share post:

According to a study from XM Cyber, just a tiny fraction of attack pathways expose most businesses’ important assets to security concerns.

The study, titled “Navigating the Paths of Risk: The State of Exposure Management,” examined more than 60 million exposures in more than 10 million organizations and discovered that 75% of exposures were not exploitable. Only 2% of the exposures, however, constituted a serious danger to more than 90% of an organization’s important assets.

According to the survey, the average firm has around 11,000 exploitable security exposures every month, affecting both on-premises and cloud infrastructure, with bigger companies having up to 250,000 exposures. Critical assets were discovered to be “one hop away,” allowing attackers easy access to them.

Furthermore, despite the fact that these approaches affect 82% of firms, many organizations overlook attack vectors that exploit credentials and permissions. The study also discovered that zero-trust architecture was insufficient in defending enterprises against security exposure strategies that relied on trust.

To prevent human mistake, the report advises that suppliers deliver products with “security by default” options. The survey also discovered that security personnel are overburdened by dead-end security exposure notifications, making it simpler for attackers.

The sources for this piece include an article in CPOMAGAZINE.

SUBSCRIBE NOW

Related articles

Hamilton Estimates $52 Million to Rebuild IT Systems After Ransomware Attack

The city of Hamilton plans to spend $52 million over the next three years to rebuild and secure...

Avery Data Breach: Credit Card Skimmer Affects Over 61,000 Customers

Label maker Avery has disclosed a data breach affecting 61,193 customers, caused by a credit card skimmer that...

Scammed Company Ordered to Pay $190k for Fraudulent Invoice Payment

A hacker gained access to Mobius Group’s email system and sent instructions from a legitimate email address, directing...

Sneaky 2FA: A Sophisticated Attack Defeats Both 2FA and Phishing Protections

A new phishing kit, ominously named "Sneaky 2FA," has emerged, targeting Microsoft 365 users by bypassing two-factor authentication...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways