Study Reveals Massive Gap in Cyber Defenses

Identity and credential misconfigurations account for 80% of security exposures in organizations, with one-third directly endangering critical assets, according to a new study.

ITPro Today

May 6, 2024


XM Cyber recently published its third annual research report, "Navigating the Paths of Risk: The State of Exposure Management," which sheds light on prominent risks and vulnerabilities that organizations face in today's dynamic threat environment.

The report reveals alarming gaps in the cyber defenses of many organizations, calling out misconfigured identity and access controls as a massive attack vector exploited by adversaries. For example, the study indicates that identity and credential misconfigurations account for a staggering 80% of security exposures across organizations, with one-third of these exposures directly jeopardizing critical assets. Many of these exposures stem from misconfigurations in Active Directory, a central system for managing user access, which inherently contains vulnerabilities that many security tools often miss. Blind spots in tasks such as user account management and password resets pose issues for nearly every organization.

The report also shows that while vulnerabilities tracked by common identifiers like CVEs are a primary concern for most security programs, they represent only 1% of the massive exposure landscape. On average, organizations have about 15,000 exposures scattered across their environments, presenting opportunities for skilled attackers. Given that CVE-based vulnerabilities represent less than 1% of this vast risk surface, security strategies focused solely on vulnerability patching have critical blind spots. 

An example attack graph identifying entities, dead ends, choke points, and critical assets. (Credit: XM Cyber)

Cloud environments are not immune to exposure. As cloud adoption continues to increase, the report shows that these risks extend to the cloud, with more than half (56%) of exposures affecting critical assets residing in platforms like AWS, Azure, and Google Cloud Platform. Attackers can easily pivot between on-premises and cloud systems in 70% of organizations and then compromise 93% of critical assets in the cloud in just two hops. This presents significant threats to cloud-based assets.

Overall, the findings underscore the importance of comprehensive exposure management for organizations to understand and mitigate cyber risk effectively, extending beyond merely addressing vulnerabilities. Organizations with poor exposure management posture scores have six times as many security exposures compared to those with higher posture scores. Additionally, exposure management cannot be treated as a one-time or annual project; it must be an ongoing process to continually enhance an organization's cyber risk posture. Identifying all possible attack vectors, analyzing how threat actors can chain together disparate exposures, and prioritizing remediation efforts accordingly are critical in reducing risk. 

This report presents insights from the analysis of more than 40 million exposures affecting 11.5 million critical business entities. These exposures were uncovered through hundreds of thousands of attack path assessments conducted by XM Cyber's Continuous Exposure Management platform in 2023. The data collected from XM Cyber's platform was anonymized and provided to Cyentia Institute for independent analysis to generate the report's insights.
