New research by CyberArk reveals that organizations continue to operate with limited visibility into user activity and sessions associated with web applications, despite the ever-present risk of insider threats and credential theft. While the adoption of web applications has brought flexibility and increased productivity, organizations often lag in implementing the security controls necessary to mitigate risk of human error or malicious intent.
The global survey of 900 enterprise security leaders found that 80 percent of organizations experienced employees misusing or abusing access to business applications in the past year. This comes as 48 percent of organizations surveyed said they have limited ability to view user logs and audit user activity, leaving a blind spot for catching potentially risky behavior in user sessions.
According to the research, in 70 percent of organizations, the average end-user has access to more than 10 business applications, many of which contain high-value data – creating ample opportunity for a malicious actor.
To that end, the top-three high-value applications that organizations were most concerned with protecting against unauthorized access were IT service management apps such as ServiceNow, cloud consoles such as Amazon Web Services, Azure and Google Cloud Platform and marketing and sales enablement applications such as Salesforce.
For many security teams, investigation into questionable user activity represents a significant investment of time and drag on thin resources, and must be balanced with other priorities such as improving incident response and enforcing consistent controls across applications to reduce threat of credential theft.
According to the research:
- More than half (54 percent) of organizations investigate user activity stemming from security incidents or compliance at least weekly vs. 34 percent of organizations that investigate monthly
- Forty four percent of organizations said they need to enable the same security controls across all applications amid disparate built-in application controls
- Forty one percent of respondents said that better visibility into user activity would enable them to identify the source of a security incident more quickly