80 percent of security exposures involve misconfigurations
A new report based on data gathered from over 40 million exposures presenting high-impact risks to millions of critical business entities, finds that identity and credential misconfigurations represent 80 percent of security exposures across organizations.
The report, from exposure management specialist XM Cyber based on data analyzed by the Cyentia Institute, shows a third of these exposures put critical assets at direct risk of breach -- an attack vector actively being exploited by adversaries.
The issue isn't helped by poor endpoint hygiene plaguing the majority of environments with cached credentials or lack of EDR (endpoint detection and response) coverage on over 25 percent of devices, providing attackers ample initial entry points to gain footholds.
"This data underscores that exposure management needs to expand well beyond vulnerabilities to look at all paths adversaries can take -- including misconfigurations, user behavior, and more," says Zur Ulianitzky, vice president, research at XM Cyber. "The XM Attack Graph Analysis revealed that a mere two percent of exposures reside on crucial 'choke points,' where adversaries can exploit vulnerabilities to access critical assets. This revelation underscores the importance of adopting comprehensive threat exposure management frameworks."
The analysis also reveals organizations typically have around 15,000 exposures scattered across their environments that skilled attackers could potentially exploit. Interestingly, CVE-based vulnerabilities account for less than one percent of this massive exposure.
Over half (56 percent) of exposures affecting critical assets are in cloud platforms according to XM Cyber's analysis. If attackers can seamlessly traverse from on-premises to cloud environments and back again, this poses a significant risk to cloud-based assets.
"The insights collected from this report are a transformative force for organizations navigating the complex realm of cybersecurity, especially in industries with entities that have a lot of exposures like healthcare and energy", says Dr. Wade Baker from the Cyentia Institute. "The fact that the median number of exposures affecting healthcare providers is 5X that of the Energy and Utilities sector points to the inherent challenges of minimizing risk in those environments."
The full State of Exposure Management report is available from the XM Cyber site.
Image credit: ArtemisDiana / depositphotos