In right this moment’s quickly evolving digital panorama, organizations face an more and more advanced array of cybersecurity threats. The proliferation of cloud providers and distant work preparations has heightened the vulnerability of digital identities to exploitation, making it crucial for companies to fortify their identification safety measures.
Our current analysis report, The Id Underground Report, provides beneficial insights into the challenges and vulnerabilities organizations encounter in managing digital identities. The report paints a vivid image of the “hidden” identification safety liabilities the place attackers leverage Id Risk Exposures (ITEs) reminiscent of forgotten person accounts and misconfigurations to breach organizations’ defenses, with every ITE posing a major menace to organizations’ safety posture.
Uncover the commonest identification safety gaps that result in compromises within the first-ever menace report centered totally on the prevalence of identification safety gaps.
These findings reveal alarming statistics that underscore the widespread prevalence of ITEs throughout organizations of all sizes:
- 67% of organizations unknowingly expose their SaaS functions to potential compromise by insecure password synchronization practices.
- 37% of admin customers nonetheless depend on weak authentication protocols like NTLM.
- 31% of person accounts are service accounts, which attackers search to focus on as safety groups typically overlook them.
- A single misconfiguration in Lively Listing spawns a mean of 109 new shadow admins, enabling attackers to vary settings and permissions, and acquire extra entry to machines as they transfer deeper into an surroundings.
The shift to cloud-based environments introduces further challenges, as organizations synchronize on-prem person accounts with cloud Id Suppliers (IdPs). Whereas this streamlines entry, it additionally creates a pathway for attackers to use ITEs in on-prem settings to realize unauthorized entry to cloud sources.
Finally, it’s important to acknowledge the dynamic nature of identification threats. Cybercriminals are continually evolving their techniques, underscoring the necessity for a holistic and layered method to safety. By adopting proactive measures like Multi-Issue Authentication (MFA) and investing in sturdy identification safety options, organizations can improve their resilience towards identity-related threats.
Study extra in regards to the underground weaknesses that expose organizations to identification threats right here and heed the report’s findings to prioritize safety investments and eradicate your identification safety blind spots.