CyberArk’s global report reveals how the tension between difficult economic conditions and the pace of technology innovation is influencing the growth of identity-led cybersecurity exposure.
The CyberArk 2023 Identity Security Threat Landscape Report details how these issues have the potential to result in a compounding of ‘cyber debt’: where investment in digital and cloud initiatives outpaces cybersecurity spending, creating a rapidly expanding and unsecured identity-centric attack surface.
In 2022, organisations experienced growing cyber debt, where security spending over the pandemic lagged investment in broader digital business initiatives.
Now In 2023, levels of cyber debt are at risk of compounding, driven by an economic squeeze, elevated levels of staff turnover, a consumer spending downturn and an uncertain global environment.
With investment in digital and cloud initiatives still ongoing as business leaders seek to unlock greater efficiencies and innovation, these factors have had knock-on effects on cybersecurity.
The report found that over two-thirds (71%) of Australian organisations expect employee churn-driven cyber issues in 2023.
Additionally, 98% expect identity-related compromise this year, with a majority (52%) saying this will happen as part of a digital transformation initiative such as cloud adoption or legacy app migration.
Australian organisations also cited economic-driven cutbacks and geopolitical factors (44%), hybrid working (41%), and cloud adoption (37%) will be key drivers of identity-related compromises.
Moreover, highlighting the 2023 threat landscape, 89% of security professionals surveyed expect AI-enabled threats to affect their organisation this year, with AI-powered malware cited as the number one concern.
Over nine in ten Australian organisations surveyed experienced ransomware attacks in the past year, and 57% of affected organisations reported paying up twice or more to allow recovery, signalling that they were likely victims of double extortion campaigns.
Over two-thirds (68%) of Australian organisations stated they could not prevent or detect an attack from their supply chain. 71% also admit they hadn’t taken any measures to further secure their software supply chain in the last 12 months.
The report found that humans and machines are at the heart of nearly all attacks, with organisations stating that both identities are equally challenging to secure and manage.
Specifically, credential access remains the most significant area of risk for 39% of Australian organisations, followed by impact (35%), persistence (33%), initial access (32%) and discovery (26%).
The report also found that critical areas of the IT environment are inadequately protected.
69% stated that highest-sensitivity employee access is not adequately secured, and 68% lacked a complete picture of human and non-human access to sensitive data and assets, with machine identities having more access to sensitive data than humans (48% vs 39%).
Thomas Fikentscher, Regional Director for Australia and New Zealand, says: “In light of the increasing legislative pressure faced by Australian organisations and the rapid growth of human and machine identities due to accelerated digitalisation, we have arrived at a critical juncture.”
“It is no longer acceptable for the majority of Australian organisations to overlook the necessity of robust security measures that safeguard sensitive data and assets.”
“The stakes are high, with the potential for severe financial and operational risks looming. The time is now to take immediate action to mitigate these risks and ensure the long-term cyber resilience within organisations,” says Fikentscher.
Matt Cohen, Chief Executive Officer, CyberArk, says: “The organisational desire to drive ever-greater business efficiencies and innovation remains undiminished, even as cutbacks in staffing and macro-economic forces are creating significant pressures.”
“Business transformation, driven by digital and cloud initiatives, continues to result in a surge in new enterprise identities. While attackers are constantly innovating, compromising identities remains the most effective way to circumvent cyber defenses and access sensitive data and assets.”
“Such profound risk puts the issue of “who and what to trust” at the forefront of efforts to prevent cyber debt from compounding, and to build long-term cyber resilience,” says Cohen.
In light of this, things that can be done, outlined in the report, include; zero trust alignment and strategies to secure sensitive access.
This includes embedding credentials to secure passwords, secrets and other credentials used by applications and machines, adopting processes to monitor access to SaaS applications and equally the same percentage plan to remove standing access for third-party vendors and implementing least privilege access principles to secure business-critical applications.