TRENDING in cybersecurity debt – unaddressed security vulnerabilities like unpatched software , unmanaged devices , shadow IT and insecure network protocols that act as access points for bad actors . Key findings from the report include :
Outdated practices are to blame
Eighty per cent of Australian and New Zealand IT decision makers say outdated cybersecurity practices have contributed to at least half of the cybersecurity incidents their organizations have experienced . Despite these concerning figures , only 62 % of respondents said they have immediate plans to address any of the outdated security practices that put their organizations at risk .
Basic cyber hygiene is lacking
The survey found that all Australian and New Zealand respondents are running one or more insecure network protocols . Despite calls from leading technology vendors to retire SMBv1 , which played a significant role in the explosion of WannaCry and NotPetya , 84 % are still running it in their environments .
When it comes to unmanaged devices , 53 % say some of their critical devices are capable of being remotely accessed and controlled and are exposed to the public Internet . workloads has never been greater . With a greater focus on their cloud environments , 79 % of respondents said they were completely or mostly confident in the security of their organization ’ s cloud workloads .
“ As organizations find themselves overburdened by staffing shortages and shrinking budgets , it ’ s no surprise that IT and security teams have deprioritized some of the basic cybersecurity necessities that may seem a bit more mundane or expendable ,” said Mark Bowling , Chief Risk , Security and Information Security Officer , ExtraHop .
“ The probability of a ransomware attack is inversely proportional to the amount of unmitigated surface attack area , which is one example of cybersecurity debt . The liabilities , and , ultimately , financial damages that result from this deprioritization compounds cybersecurity debt and opens organizations up to even more risk . Greater visibility into the network with an NDR solution can help reveal the cyber truth and shine a light on the most pressing vulnerabilities so they can better take control of their cybersecurity debt .”
ExtraHop recommends that organizations take the following steps to assess and remediate cybersecurity debt .
Step 1 : Perform continuous network monitoring
Confidence in cloud security is on the rise
As organizations move mission critical applications and sensitive data to the cloud , the need to monitor cloud
Maintaining an inventory of software and hardware in your environment is a fundamental necessity for security hygiene and is recommended in the first and second security controls in the CIS Top 20 . Despite being a vital security practice , maintaining this
24 INTELLIGENTCIO APAC www . intelligentcio . com