Subscribe
About

What is cyber security debt and how does it threaten your business?

As your organisation digitises, it's accruing cyber security debt. What is this debt, how does it happen and what can you do about it?
David Higgins, Senior Director, Field Technology Office, CyberArk.
David Higgins, Senior Director, Field Technology Office, CyberArk.

Businesses have faced unprecedented challenges over the past two years. The pandemic forced them to pivot how and where they operate. Digitising operations as rapidly as possible has created gaps in their security. Consequently, they've had to deal with a growing number of ransomware threats and software supply chain attacks.

"Security has taken a back seat in favour of investing in digital initiatives," says David Higgins, CyberArk's Senior Director, Field Technology Office. "Many digital initiatives have been a necessary response to the pandemic, such as enabling remote workers or providing new services to customers. Understandably, the boardroom's focus has been on agility, resilience, profitability and survival. But they are still paying a price: an increase in cyber security debt."

Cyber security debt is when security programmes and tools don't keep pace with digital initiatives, exposing the business to increased security risks. High levels of cyber crime activities underscore this widening gap. According to CyberArk's 2022 Identity Security Threat Landscape Report, 70% of organisations have experienced ransomware attacks, with an average of two per company, while 71% suffered a software supply chain attack that resulted in data loss or asset compromise.

Shockingly, 62% of organisations have done nothing to secure their software supply chain, with 64% admitting that if a supplier were compromised, they wouldn't be able to stop an attack on their own organisation.

South African organisations are not strangers to such challenges. Several recent high-profile breaches of large local organisations prove the undeterred interest of criminals in SA's digital assets. Authorities such as Interpol and the South African Banking Risk Information Centre (SABRIC) frequently warn that the country is a major target for cyber crime. Accenture ranks South Africa third globally for its number of cyber crime victims.

An explosion of digital identities has compounded these challenges and significantly worsened cyber security debt.

Identity and security

Every major IT initiative results in a growth in digital interactions between people, applications and processes. Whether human or machine, each of these interactions is represented by a digital identity. The surge of initiatives during the pandemic has led to many more digital identities – running to the hundreds of thousands for the average organisation – and the figure keeps growing.

In their hurry to roll-out projects, organisations haven't always adequately secured their identities. Permission creep (when users keep demanding extra account permission without any long-term oversight) and account cloning (a time-saving method where administrators clone permissions from existing accounts) are two examples of insufficient account management leading to significant security issues.

"It's critical that the influx of new identities being created is managed and secured correctly," Higgins explains. "But less than half of organisations currently have identity security controls in place for their business-critical applications. While security teams struggle to keep up with the speed of digital acceleration in the business, vulnerabilities grow."

For example, 80% of security professionals agree that developers currently have more privileges than they need, opening up businesses to further unnecessary risk. Businesses must take stock of and respond to their growing cyber security debt. Otherwise, they're leaving a door wide open for cyber criminals to simply walk through.

Reducing your cyber security debt

Poorly protected credentials are the number one risk for organisations, as they're a primary means for attackers to gain entry to business systems. Yet, only 3% of organisations use a centralised secrets management platform to manage credentials used by apps.

So, what can be done?

"There are simple steps you can take to improve the management of security, such as establishing zero trust principles. This is a cyber security approach that demands that any person or machine trying to connect to an organisation's system must first be verified before access is granted. With the rising number of digital identities that are likely to be created through digital acceleration, the security leaders we surveyed named the top three strategic initiatives to reinforce zero trust principles as workload security, identity security tools and data security."

Understandably, businesses have had to be very reactive over the last few years. But now's the time to take back proactive control of their security and reverse the cyber security debt they've accrued.

Once they acknowledge the debt's existence, they can uncover where their weaknesses lie and begin to shore up cyber walls. It's not a giant leap in logic: we know every action has a reaction. The reaction to the quick and wholesale digitisation of businesses is the sharp rise in cyber security debt – particularly the proliferation of under-managed digital identities and their permissions.

To address this debt, use identity management solutions that incorporate zero trust principles and leverage a platform approach that makes integration, management and visibility easy for your security teams.

"Good identity management is the cornerstone of healthy and proactive modern cyber security," Higgins concludes. "If you can establish such a capability, you will radically reduce your cyber security debt and attack surfaces."

Share