Seventy-five percent of exposed resources across 20 million entities last year were unexploitable dead ends but 2% of exposures were found to be on choke points that could permit access to critical assets, reports SecurityWeek
Moreover, 82% of organizations are impacted by techniques aimed at credentials and permissions, which exploit more than 70% of all discovered exposures, a report from XM Cyber revealed. The findings also showed that 70% of critical on-prem network assets could be accessed in only three steps, while 90% of critical cloud assets could be compromised in just one step.
"Organizations face tough challenges in managing their diverse on-prem and cloud environments. Part of that struggle stems from failing to consider the big picture and only focusing on each piece in isolation," said the report.
The report also downplayed the importance of zero-trust
in protecting critical assets, a point disagreed upon by Keeper Security Vice President of Security and Architecture Patrick Tiquet.
"The only realistic way to go about identity management in a cloud-based world is to adopt a zero-trust security model," Tiquet added.