Security News > 2022 > September > Risk management focus shifts from external to internal exposure
Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers internal and external attack vectors, application development and mobile app security, social engineering and phishing, and PCI- and FedRAMP-specific findings, with data segmented by industry and company size.
Long-term data shows that cyber risk significantly shifts year over year based on company size, vertical market, and many other factors.
Due to a surge of publicized catastrophic breaches, the dominating focus on external risk means that internal threats are allowed to persist.
"Smaller businesses are doing a better job balancing internal and external risks; however, mid-size companies struggle in the face of complex hybrid environments, heavy compliance demands, and extensive supply chains expanding their attack surfaces."
Within Coalfire's application risk data on financial services, high risk was a low 8%. However, high risk for mobile apps was 37%, meaning mobile apps performed much worse than web or desktop apps.
Over the last two years, the large CSPs reduced high-level risk exposure by more than one-third.
News URL
https://www.helpnetsecurity.com/2022/09/23/enterprise-csps-attack-vectors/