The majority of organizations (nearly 70 percent) do not prioritize the protection of the applications that their business depend on — such as ERP and CRM systems — any differently than how low-value data, applications or services are secured, according to a new survey from CyberArk.
Respondents indicated that even the slightest downtime affecting business critical applications would be massively disruptive, with 61 percent agreeing that the impact would be severe.
Breaches affecting applications that are the lifeblood of business can result in punitive costs, with a 2018 report estimating the average cost of an attack on an ERP system at $5.5 million USD. The threat actors that enterprises face are formidable — organized crime was behind 50 percent of all breaches in 2018, with attacks using established tactics like privileges abuse to achieve their aims.
Despite the fact that more than half (56 percent) of organizations have experienced data loss, integrity issues or service disruptions affecting business critical applications in the previous two years, the survey found a large majority (72 percent) of respondents are confident that their organization can effectively stop all data security attacks or breaches at the perimeter. This brings to light a remarkable disconnect between where security strategy is focused and the business value of what is most important to the organization. An attacker targeting administrative privileges for these applications could cause significant disruption and could even halt business operations.
The survey also found that 74 percent of organizations indicated they have moved (or will move within two years) business critical applications to the cloud. A risk-prioritized approach to protecting these assets is necessary for this transition to be managed successfully. Further industry data shows that, globally, 69 percent of organizations are migrating data for popular ERP applications to the cloud.
“From banking systems and R&D to customer service and supply chain, all businesses in all verticals run on critical applications. Accessing and disrupting these applications is a primary target for attackers due to their day-to-day operational importance and the wealth of information that resides in them — whether they are on-premises or in the cloud,” said David Higgins, EMEA technical director at CyberArk. “CISOs must take a prioritized, risk-based approach that applies the most rigorous protection to these applications, securing in particular privileged access to them and assuring that, regardless of what attacks penetrate the perimeter, they continue to run uncompromised.”
Methodology: The independent survey was conducted among 1,450 business and IT decision makers, primarily from Western European economies.
The Latest
Over the last 20 years Digital Employee Experience has become a necessity for companies committed to digital transformation and improving IT experiences. In fact, by 2025, more than 50% of IT organizations will use digital employee experience to prioritize and measure digital initiative success ...
While most companies are now deploying cloud-based technologies, the 2024 Secure Cloud Networking Field Report from Aviatrix found that there is a silent struggle to maximize value from those investments. Many of the challenges organizations have faced over the past several years have evolved, but continue today ...
In our latest research, Cisco's The App Attention Index 2023: Beware the Application Generation, 62% of consumers report their expectations for digital experiences are far higher than they were two years ago, and 64% state they are less forgiving of poor digital services than they were just 12 months ago ...
In MEAN TIME TO INSIGHT Episode 5, Shamus McGillicuddy, VP of Research, Network Infrastructure and Operations, at EMA discusses the network source of truth ...
A vast majority (89%) of organizations have rapidly expanded their technology in the past few years and three quarters (76%) say it's brought with it increased "chaos" that they have to manage, according to Situation Report 2024: Managing Technology Chaos from Software AG ...
In 2024 the number one challenge facing IT teams is a lack of skilled workers, and many are turning to automation as an answer, according to IT Trends: 2024 Industry Report ...
Organizations are continuing to embrace multicloud environments and cloud-native architectures to enable rapid transformation and deliver secure innovation. However, despite the speed, scale, and agility enabled by these modern cloud ecosystems, organizations are struggling to manage the explosion of data they create, according to The state of observability 2024: Overcoming complexity through AI-driven analytics and automation strategies, a report from Dynatrace ...
Organizations recognize the value of observability, but only 10% of them are actually practicing full observability of their applications and infrastructure. This is among the key findings from the recently completed Logz.io 2024 Observability Pulse Survey and Report ...
Businesses must adopt a comprehensive Internet Performance Monitoring (IPM) strategy, says Enterprise Management Associates (EMA), a leading IT analyst research firm. This strategy is crucial to bridge the significant observability gap within today's complex IT infrastructures. The recommendation is particularly timely, given that 99% of enterprises are expanding their use of the Internet as a primary connectivity conduit while facing challenges due to the inefficiency of multiple, disjointed monitoring tools, according to Modern Enterprises Must Boost Observability with Internet Performance Monitoring, a new report from EMA and Catchpoint ...
Choosing the right approach is critical with cloud monitoring in hybrid environments. Otherwise, you may drive up costs with features you don’t need and risk diminishing the visibility of your on-premises IT ...
