A wave of digital initiatives by organizations worldwide has created an explosion of human and machine identities that are increasing the exposure of those organizations to ransomware and supply chain threats, according to CyberArk's 2022 Identity Security Threat Landscape report released Tuesday.
The report found that nearly four out of five of the 1,750 IT security decision makers surveyed for the report (79%) agreed that security was taking a back seat to other IT and digital initiatives. Those initiativesâespecially those prioritizing remote or hybrid working, new digital services for customers and citizens, and increased outsourcing of remote vendors and suppliersâhave created hundreds of thousands of new digital identities in each organization, which can increase their exposure to cybersecurity risk.
"The commonality we see in most attacksâwhether it be a data breach, ransomware, or service shutdownâis identity compromise," says CyberArk Technical Director David Higgins. "It is one of the common objectives of the attacker. If they can compromise how an identity authenticates to a resource, that's how lateral movement takes place. The more identities we have out there, the larger attack surface we have."
New enterprise initiatives drive up number of machine identities
The report noted that the number of digital identities in organizations is remarkably high and will continue to grow as high-priority initiatives are rolled out. "One human user has an average of 30 separate identitiesâand that's probably a low number," Higgins says. "If that individual leaves and there isn't a good lifecycle management program, you could have 30 orphan accounts."
The situation is even worse for machine identities, which, according to the report, outnumber human identities by a factor of 45 to 1. "The number of machine identities reflects how organizations are operating these days," Higgins explains. "Automation is a key focus, and every time automation comes into the mix, more machine identities are required."
Machine identities can create greater risks to an organization than human identities because they can be more difficult to monitor, Higgins says. "The kind of traditional behavioral analytics employed on human users can't be applied to machines, so the more machine identities you have you have, the harder the problem becomes."
70% of organizations experienced a ransomware attack in past year
Adding to the problem of the volume of identities being created is the number of them that have access to sensitive information. More than half of the workers in an organization (52%) typically have access to sensitive information, according to CyberArk, while more than two-thirds of non-humans (68%) have access to sensitive data and assets. "It takes just one compromised identity for an external or inside threat actor to start an attack chain," the report noted. "The acceleration of digital initiatives and resulting surge in digital identities feed into an expanding attack surface."
The report also found that 70% of organizations have experienced a ransomware attack in the past 12 monthsâtwo each, on averageâand 71% had suffered a successful supply chain-related attack.
An ever-expanding attack surface, rapidly proliferating identities, and lagging cybersecurity investment collectively expose organizations to higher levels of cybersecurity risk, the report noted. Attackers understand that and have been following a parallel path of innovation and investment to exploit vulnerabilities.
Staying ahead of them requires an âassume breachâ mentality as a starting point, it continued. The next logical step is to implement zero trust principles that put this defensive thinking into practice.
Gloss