74 percent of cloud and web applications with PII are vulnerable to exploits

No Comments
personal data

New research reveals a high proportion of vulnerable public cloud, mobile and web applications exposing sensitive data, including unsecured APIs and personal identifiable information (PII).

The study from CyCognito, based on analysis of 3.5 million assets across its enterprise customer base, finds 74 percent of assets with PII are vulnerable to at least one known major exploit, and one in 10 have at least one easily exploitable issue.

"The latest MOVEit exploit is a cautionary tale for all CISOs that attackers remain many steps ahead of web application and cloud security," says Rob Gurzeev, CEO and co-founder, CyCognito. "The volume of exposed PII stemming from this disastrous breach supports our findings and underscores the critical need for full-scope visibility of all assets across an organization's attack surface. Businesses can no longer afford to neglect their digital shadow and the many unknown and unmanaged risks within their systems."

See also:

In addition 70 percent of web applications have severe security gaps, like lacking WAF protection or an encrypted connection like HTTPS, while 25 percent of all web applications (web apps) lacked both. This is concerning since a typical global enterprise has over 12 thousand web apps, which can include APIs, SaaS applications, servers, and databases, among others.

The report also shows that 98 percent of web apps are potentially not GDPR compliant due to the lack of an option for users to opt out of cookies.

Gurzeev adds, "The size of a company's attack surface fluctuates up and down by as much as 10 percent a month, making it a moving target rife with security gaps ready to be exploited. Our latest research is not only a wake-up call that no business is immune to risk; it's also clear proof that unknown and undiscovered assets present a major threat to an organization."

You can get the full report from the CyCognito site.

Image credit: kenary820 / Shutterstock

No Comments

Comments are closed.

Got News? Contact Us

Recent Headlines

TUXEDO Stellaris 17 (Gen6): A high-performance portable Linux workstation

New solution helps companies prepare for 90-day TLS standard

Get 'Enterprise Transformation to AI and the Metaverse' (worth $59.99) for FREE

Best Windows apps this week

All you wanted to know about passkeys but were afraid to ask

Microsoft tells users 'if you want to fix 0x80070643 errors, you'll have to do it yourself'

Identity and permissions present a major security challenge

Most Commented Stories

Say goodbye to Microsoft Windows 11 and hello to Nitrux Linux 3.4.1

75 Comments

The stunning Windows 13 -- yes, 13! -- is the Microsoft operating system we want

23 Comments

Microsoft 'improves' Windows 11 by bringing ads to the Start menu in the US

21 Comments

Windows 11 slammed for its 'comically bad' performance even on high-end hardware

18 Comments

Microsoft is up to its old tricks yet again -- Windows 10 users harassed with full-screen Windows 11 upgrade warnings

18 Comments

Microsoft releases preview version of Office 2024 for Windows and macOS -- download it now!

17 Comments

EndeavourOS ARM discontinued: A huge loss for the Linux community

9 Comments

Microsoft is actively blocking Windows 11 tweaking tools

8 Comments

© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.