Hackers exploiting poor software service connections

Hackers are increasingly exploiting poor software service connections between IT platforms and businesses, according to an IT security report.

In particular, businesses often ignore the way their systems are configured with software as a service providers. In the report’s survey, up to 63 per cent either said security problems arose in this area – or might have done.

Poor visibility

The survey found two key problems. First, too many departments had access to security settings (35 per cent). And, organisations had poor visibility to the changes made to those settings (34 per cent).

In fact, many business departments need access to security in such environments to perform their roles. “Often they lack the proper training and focus on security to be making changes to security settings,” the report said.

Mismatch

While about eight in ten organisations (81 per cent) increased investment over the past year in software as a service, only 73 per cent reported increased in security in that area. Fewer (55 per cent) reported hiring specialist IT staff.

“The use of automation for monitoring SaaS security can help to decrease this pressure, but only 26 per cent of organisations utilise this technology,” the report said. “Security teams are spending more time manually assessing security, detecting, and remediating misconfigurations.”

Third-party risk

While the IT business Upguard agrees cloud misconfiguration is the major risk, it also warned that third-party risk is also an issue.

“Organisations must implement effective third-party risk management programs to consistently monitor and manage the unique cyber risks their SaaS vendors contribute to the attack surface,” it said.

In addition, cybercriminals attack organisations’ sensitive data. That can include targeting the source code, updating mechanisms, or building processes of vendor software. For example, the largest cyber attack on the US government to date was facilitated by an IT update from its SaaS vendor Solarwinds.

That is why traditional cybersecurity defences may not be enough. “Security teams need detailed visibility into the entire vendor ecosystem to identify and remediate supply chain vulnerabilities before cybercriminals exploit them,” it said.

 

  • About Enterprise Risk Magazine

    Enterprise Risk Magazine is the leading quarterly title for risk managers and enterprise risk, with a print circulation of over 5,500.

    Enterprise Risk is published on behalf of the Institute of Risk Management (IRM). The majority of IRM members receive their copy of Enterprise Risk at their home address, meaning the title... Read more
  • Categories

  • Tags