According to Gartner, global SaaS revenue will grow by nearly 38% to more than $140 billion between 2019 and 2022. Although cloud-based applications dramatically increase the efficiency and productivity throughout an enterprise, there is a significant threat that is often underestimated by CIOs and CISOs: the unchecked and unmanaged data access by the SaaS provider. And with the growing adoption of SaaS applications, this threat is growing exponentially, putting companies at greater risk for data leaks.

As a benchmark, the average 1,000-person company stores between 500K to 10M assets in SaaS applications. Companies enabling public sharing may unwittingly allow up to 200,000 of these assets to be shared publicly. DoControl aggregated and analyzed data from its customer base, and categorized its key findings by external and insider threat:

• Insider threats:
  • Of the companies analyzed, an average of 400 encryption keys are shared internally to anyone with a link.
  • 20% of SaaS assets are shared internally with a link, exposing many employees to data points they are not authorized to view.
  • 8% of employees share their corporate account assets with their personal account, exposing company data to employees on an ongoing basis.
• External threats:
  • Between 1,000 and 15,000 external collaborators (vendors, contractors, customers, partners, prospects, media, analysts, etc.) have access to company data.
  • Between 200 and 3,000 external (specifically third-party) companies have access to company assets.
  • 18% of SaaS application assets are shared externally and remain shared externally even after deleting users.

“The past year forced many organizations to collaborate with many external parties and adjust their existing workforce to support remote collaboration,” said Adam Gavish, CEO and Co-Founder of DoControl. “To date, security practitioners have focused on enabling SaaS access in a secure manner, but now is the time to prioritize the relevancy of this data access internally and externally. Unmanageable data access poses a significant risk to any organization and increases the likelihood of a data breach. While SaaS apps are designed to promote collaboration, this also creates an ever-growing attack surface that requires attention to ongoing data access at scale. DoControl is committed to helping organizations ensure that no unauthorized person has access to company data, all without slowing down business enablement or changing the end-user’s day-to-day work.”

Image licensed by: Unsplash.com

Related News:

Want to Learn about Digital Marketing? Talk to a Cybercriminal.

Phunware and HID Global’s Partnership will Deliver Smart Workplace Solution on Mobile

The post 40% of SaaS Data Access is Unmanaged, New Data-Driven Study Reveals appeared first on Digital IT News.

The findings come from Trend Micro’s biannual Cyber Risk Index (CRI) report, which measures the gap between respondents’ cybersecurity preparedness versus their likelihood of being attacked. In the first half of 2021 the CRI surveyed more than 3,600 businesses of all sizes and industries across North America, Europe, Asia-Pacific, and Latin America.

Read a full copy of the report, produced by the Ponemon Institute, here: https://www.trendmicro.com/cyberrisk.

The CRI is based on a numerical scale of -10 to 10, with -10 representing the highest level of risk. The current global index stands at -0.42, a slight increase on last year which indicates an “elevated” risk.

“Once again we’ve found plenty to keep CISOs awake at night, from operational and infrastructure risks to data protection, threat activity and human-shaped challenges,” said Jon Clay, vice president of threat intelligence for Trend Micro. “To lower cyber risk, organizations must be better prepared by going back to basics, identifying the critical data most at risk, focusing on the threats that matter most to their business, and delivering multi-layered protection from comprehensive, connected platforms.”

Organizations ranked the top three negative consequences of an attack as customer churn, lost IP and critical infrastructure damage/disruption.

Key findings from the report include:

• 86% said it was somewhat to very likely that they’d suffer serious cyber-attacks in the next 12 months, compared to 83% last time
• 24% suffered 7+ cyber attacks that infiltrated networks/systems, versus 23% in the previous report.
• 21% had 7+ breaches of information assets, versus 19% in the previous report.
• 20% of respondents said they’d suffered 7+ breaches of customer data over the past year, up from 17% in the last report.

“Trend Micro’s CRI continues to be a helpful tool to help companies better understand their cyber risk,” said Dr. Larry Ponemon, CEO for the Ponemon Institute. “Businesses globally can use this resource to prioritize their security strategy and focus their resources to best manage their cyber risk. This type of resource is increasingly useful as harmful security incidents continue to be a challenge for businesses of all sizes and industries.”

Among the top two infrastructure risks was cloud computing. Global organizations gave it a  6.77, ranking it as an elevated risk on the index’s 10-point scale. Many respondents admitted they spend “considerable resources” managing third party risks like cloud providers.

The top cyber risks highlighted in the report were as follows:

• Man-in-the-middle attacks
• Ransomware
• Phishing and social engineering
• Fileless attack
• Botnets

The top security risks to infrastructure remain the same as last year, and include organizational misalignment and complexity, as well as cloud computing infrastructure and providers. In addition, respondents identified customer turnover, lost intellectual property and disruption or damages to critical infrastructure as key operational risks for organizations globally.

The main challenges for cybersecurity preparedness include limitations for security leaders who lack the authority and resources to achieve a strong security posture, as well as organizations struggling to enable security technologies that are sufficient to protect their data assets and IT infrastructure.

Image licensed by: Pixabay.com

Related News:

Optiv Security Launches Next-Gen Managed XDR to Stop Threats Earlier in Attack Lifecycle

68% of Sysadmins Say Their Organizations Faced Increased Risk of Cybersecurity Attacks Due to the Shift to Remote Work

The post 80% of Global Organizations Expect to Experience a Breach of Customer Records in the Next Year appeared first on Digital IT News.

Saudi Aramco’s data up for sale, includes documents pertaining to Saudi Aramco refineries, personal information about more than 14,000 employees, project specifications for systems, pricing sheets and internal analyses, as well as security-related information including IP addresses, Wi-Fi access points, and IoT devices.

“We confirm that the release of data has no impact on our operations, and the company continues to maintain a robust cybersecurity posture,” Aramco told BleepingComputer via a spokesperson.

As reported, at some point last year, the hackers behind the breach did not manage to infiltrate the network and systems of the Saudi Arabian Oil Company but rather those of third-party contractors working for the company and called it “zero-day exploitation.”  The threat actors, identified as ZeroX, and Aramco both reported this data breach was not ransomware or any other kind of an extortion attack. Instead the group is selling off the data for $5m, though it is also open to doing an exclusive, one-off sale in which it provides all of the data and deletes it from its systems for $50m.

ZeroX published some limited fragments of Saudi Aramco’s data which included blueprints and proprietary documents from the company with personally identifiable information (PII) redacted to a Dark Web forum back in June, to generate intrigue for the impending exchange. In conjunction, a countdown timer was set to 662 hours. Once this 28-day deadline occurs, the sale and negotiations for the data will launch. In a statement to BleepingComputer, ZeroX said that it intentionally chose “662 hours” as part of a “puzzle” for Saudi Aramco to solve or simply established as bait for prospective buyers.  But the exact reason still remains unclear.

In 2012, Aramco was the target of an attack with the Shamoon computer virus which forced the giant to shut down its network and destroy 30,000 computers. Another virus was transmitted across the kingdom and breached computers at Sadara in 2017, a partnership between Aramco and Michigan-based Dow Chemical Co. But the upsurge in cyberattacks on the global energy industry with Colonial Pipeline being most exposed just a short time ago has companies reevaluating security spending.

“For Aramco and its 3rd party suppliers this should be seen as a reminder that preventive tools alone will not provide for a resilient cyber security posture (or even a robust one), actively detecting signs of breach by controlling any and all suspicious activities in your infrastructure, controlling what changes and which of these changes is malicious is even more important nowadays.” a statement from Dirk Schrader, Global VP of Security Research, NNT, now part of Netwrix.

The post Saudi Aramco’s Data Breach with a 28 Day Puzzle Twist appeared first on Digital IT News.

The post Rampant Cloud Service Misconfigurations & Over 2 Million Exposed Databases: Censys Labs Finds appeared first on Digital IT News.