Enterprises Fear Disruption to Applications, Yet Don't Prioritize Security
April 15, 2019
Share this

The majority of organizations (nearly 70 percent) do not prioritize the protection of the applications that their business depend on — such as ERP and CRM systems — any differently than how low-value data, applications or services are secured, according to a new survey from CyberArk.

Respondents indicated that even the slightest downtime affecting business critical applications would be massively disruptive, with 61 percent agreeing that the impact would be severe.

Breaches affecting applications that are the lifeblood of business can result in punitive costs, with a 2018 report estimating the average cost of an attack on an ERP system at $5.5 million USD. The threat actors that enterprises face are formidable — organized crime was behind 50 percent of all breaches in 2018, with attacks using established tactics like privileges abuse to achieve their aims.

Despite the fact that more than half (56 percent) of organizations have experienced data loss, integrity issues or service disruptions affecting business critical applications in the previous two years, the survey found a large majority (72 percent) of respondents are confident that their organization can effectively stop all data security attacks or breaches at the perimeter. This brings to light a remarkable disconnect between where security strategy is focused and the business value of what is most important to the organization. An attacker targeting administrative privileges for these applications could cause significant disruption and could even halt business operations.

The survey also found that 74 percent of organizations indicated they have moved (or will move within two years) business critical applications to the cloud. A risk-prioritized approach to protecting these assets is necessary for this transition to be managed successfully. Further industry data shows that, globally, 69 percent of organizations are migrating data for popular ERP applications to the cloud.

“From banking systems and R&D to customer service and supply chain, all businesses in all verticals run on critical applications. Accessing and disrupting these applications is a primary target for attackers due to their day-to-day operational importance and the wealth of information that resides in them — whether they are on-premises or in the cloud,” said David Higgins, EMEA technical director at CyberArk. “CISOs must take a prioritized, risk-based approach that applies the most rigorous protection to these applications, securing in particular privileged access to them and assuring that, regardless of what attacks penetrate the perimeter, they continue to run uncompromised.”

Methodology: The independent survey was conducted among 1,450 business and IT decision makers, primarily from Western European economies.

Share this

The Latest

June 20, 2024

The total cost of downtime for Global 2000 companies is $400 billion annually — or 9% of profits — when digital environments fail unexpectedly, according to The Hidden Costs of Downtime, a new report from Splunk ...

June 18, 2024

With the rise of digital transformation and the increasing reliance on applications for business operations, the need for application performance management (APM) has become more critical ... This blog explains what APM is all about, its significance and key features ...

June 17, 2024

Generative AI (GenAI) has captured significant attention by redefining content creation and automation processes. Despite this surge in GenAI's popularity, it's crucial to highlight the continuous, vital role of machine learning (ML) in underpinning crucial business functions. This era is not about GenAI replacing ML; rather, it's about these technologies collaborating to supercharge intelligent automation across industries ...

June 13, 2024

As organizations continue to navigate their digital transformation journeys, the need for efficient, secure, and scalable data movement strategies has never been more critical ... In an era when enterprise IT landscapes are continually evolving, the strategic movement of data has become a cornerstone of maintaining agility, competitive edge, and operational efficiency ...

June 12, 2024

In May, New Relic published the State of Observability for IT and Telecommunications Report to share insights, statistics, and analysis on the adoption and business value of observability for the IT and telecommunications industries. Here are five key takeaways from the report ...

June 11, 2024
Over the past decade, the pace of technological progress has reached unprecedented levels, where fads both quickly rise and shrink in popularity. From AI and composability to augmented reality and quantum computing, the toolkit of emerging technologies is continuing to expand, creating a complex set of opportunities and challenges for businesses to address. In order to keep pace with competitors, avoiding new models and ideas is not an option. It's critical for organizations to determine whether an idea has transformative properties or is just a flash in the pan — a challenge tackled in Endava's new 2024 Emerging Tech Unpacked Report ...
June 10, 2024

The rapidly evolving nature of the industry, particularly with the recent surge in generative AI, can catch firms off-guard, leaving them scrambling to adapt to new trends without the necessary funds ... This blog will discuss effective strategies for optimizing cloud expenses to free up funds for emerging AI technologies, ensuring companies can adapt and thrive without financial strain ...

June 06, 2024

Software developers are spending more than 57% of their time being dragged into "war rooms" to solve application performance issues, rather than investing their time developing new, cutting-edge software applications as part of their organization's innovation strategy, according to a new report from Cisco ...

June 05, 2024

Generative Artificial Intelligence (GenAI) is continuing to see massive adoption and expanding use cases, despite some ongoing concerns related to bias and performance. This is clear from the results of Applause's 2024 GenAI Survey, which examined how digital quality professionals use and experience GenAI technology ... Here's what we found ...

June 04, 2024

Many times customers want to know why their measured performance doesn't match the speed advertised (by the platform vendor, software vendor, network vendor, etc). Assuming the advertised speeds are (a) within the realm of physical possibility and obeys the laws of physics, and (b) are real achievable speeds and not "click-bait," there are at least ten reasons for being unable to achieve advertised speeds. In situations where customer expectations and measured performance don't align, use the following checklist to help determine the reason(s) why ...