Cybersecurity In-Depth

The Edge

Suppliers, Cloud Providers Are Threats to Enterprise Data, Survey Says

Other threats to enterprise data include cybercriminals, authorized users, foreign governments, and application vulnerabilities, according to Dark Reading's recent Strategic Security Report.

Security threats come in many shapes and forms – and enterprise security teams have their hands full dealing with data breaches, ransomware infections, and supply chain attacks. Data from Dark Reading’s latest Strategic Security Survey shows that the majority of IT security leaders are concerned about the broad array of threats against enterprise data, despite feeling confident in their ability to detect and respond to incidents. As the figure shows, 58% of security leaders say cybercriminals pose the biggest threat to enterprise data, followed by 40% concerned about authorized users and internal employees. Tellingly, a small but significant number of respondents cited cloud and network service providers, and suppliers and contractors, two groups that didn’t really come up in the 2020 survey, as significant threats.

In the survey, 23% of the respondents say they are concerned about the risks suppliers and contractors pose to enterprise data, followed by 18% who named cloud and network service providers. Application vulnerabilities and foreign governments, at 36% and 25%, were also in the top 6.

The list of threats data map very closely to types of security incidents defenders are most worried about. Cybercriminals are continually refining their techniques to make it possible to steal corporate data and personal information, whether that is through ransomware or otherwise compromising applications and systems. Phishing attacks and business email compromise trick authorized users into giving up information or performing tasks they shouldn’t be. There have been a number of attacks targeting application vulnerabilities, such as the PrintNightmare vulnerability in Microsoft’s Windows Print Spooler service that allowed attackers to view, change, or delete data. Attacks by foreign government don’t sound as far-fetched anymore, especially after reports that Chinese-sponsored attackers targeted Microsoft Exchange swept up emails, calendars entries, and contacts information. The Kaseya attack highlighted anew how compromising suppliers and contractors can impact downstream customers. Researchers also uncovered a vulnerability in Azure Cosmos DB which, if exploited, could have impacted thousands of Azure customers. And finally, attacks by malicious insiders remain an important area of concern.