Data leaks and ghost assets are the biggest sources of exposure to cyberattacks facing large organizations across the globe. Identifying exposed assets as quickly as possible must become a priority according to CybelAngel.
Based on data from a sample of CybelAngel customers, the “A Year in Proactive Cybersecurity” report highlights the security impact of digital risks that have occurred as a result of seismic shifts in the world of work.
As proof, incidents related to data breaches have increased, overall, by 63%. Another worrying finding: exposure to vulnerable phantom assets increased by 40% in 2021.
“ This reflects the ever-increasing digital footprint of organizations and the expansion of the attack surface of today’s connected companies”, insists the French start-up CybelAngel.
The shortage of developers has led to more outsourcing of development projects: 86% of hiring managers and technical recruiters now find it difficult to hire the right people.
Credential Leak = Major Incident
At the same time, accelerating digital transformation meant more development projects were needed, with a 47% increase in new public repositories created on GitHub between 2020 and 2021.
The increase in outsourced development projects has led to a 66% increase in source code leaks. The last quarter of 2021 saw a massive 117% jump in the number of GitHub incident reports sent to CybelAngel’s sample group of customers, compared to the previous quarter.
One of the most significant findings is that the severity of incidents related to exposed credentials changed dramatically, with a 50% increase in the number of “major” incidents.
These incidents are defined as those likely to interrupt the activities of the company following an account takeover.
Another disturbing finding: cloud storage leaks have increased by 150% year over year. As digital transformation continues following the work-from-home revolution, incidents of leaks of proprietary data, or confidential information, in online storage have increased by 150% year-over-year. One of the reasons: is the lack of suitable tools.
This growing prevalence of cloud adoption, and the ease with which applications and services can be used without the sanction of IT departments, has direct effects on Shadow IT.
The risks are moving to the cloud:
The number of vulnerable phantom assets increased by 40% in H2 2021. 17% of phantom asset incidents sent to CybelAngel customers in 2021 were deemed “major” or “critical”.
The accelerated migration to the cloud and the growing reliance of organizations on outsourcing development work means that all risk is, in fact, shifting to the cloud. However, multi-cloud environments are difficult to manage due to a lack of visibility.
. Organizations face systemic cyber risks, fueled by sophisticated criminal groups that exploit the fact that external threats reach an unavoidable level of risk.
The good news for organizations is that, if addressed in time, each of the threats identified in the report can be remediated relatively quickly and at a low cost.