67 percent of organizations report a rise in identity-based incidents
New research highlights the growing threat of identity-based attacks and looks at organizations ability to defend against them.
The study from Huntress shows 67 percent of organizations reported an increase in identity-based incidents over the past three years, with these attacks comprising more than 40 percent of security incidents for 35 percent of organizations in the past year alone.
Nearly half (45 percent) of respondents have encountered rogue and/or malicious applications in the past year, and 46 percent citing them as a top identity-based concern.
Detection and response times are lagging too with 53 percent saying it takes them hours to detect identity-based security incidents, and 68 percent unable to detect or respond until attackers have already established persistence.
The consequences of these attacks go beyond downtime and reputational harm, with 32 percent of businesses impacted by identity-based incidents reporting losses exceeding $100,000 as a result.
"There's no denying identity is the new endpoint. With widespread cloud adoption, the shift to hybrid work, and an increased reliance on SaaS applications, the identity attack surface has exploded over the past few years," says Prakash Ramamurthy, chief product officer at Huntress. "Hackers are no longer wasting time breaking into networks the hard way. They're logging in using stolen credentials, session cookies, and access tokens to bypass endpoint protection and exploit weak multi-factor authentication. Our Managed ITDR solution gives organizations the proactive detection and response they need to take control of their identity security posture before attackers do."
Alongside the research Huntress has announced an enhanced Managed Identity Threat Detection and Response (ITDR) solution. This includes a Rogue Apps capability that makes Huntress the first vendor to offer proactive protection against OAuth (Open Authorization) application threats. These applications are frequently weaponized to access valuable data and establish persistent backdoors that can lurk in environments for years undetected. Rogue Apps proactively detects malicious or risky OAuth applications installed in Microsoft 365 environments and gives clear, actionable steps for removal.
You can get the full report on the Huntress site and find out more about the ITDR solution and request a free trial.
Image credit: chachar/depositphotos.com