NEWTON, Mass. & PETACH TIKVA, Israel--(BUSINESS WIRE)--
According to a new CyberArk
(NASDAQ: CYBR)
survey, the
majority of organizations (nearly 70 percent) do not prioritize the
protection of the applications that their business depend on – such as
ERP and CRM systems – any differently than how low-value data,
applications or services are secured.
The independent survey was conducted among 1,450 business and IT
decision makers, primarily from Western European economies. Respondents
indicated that even the slightest downtime affecting business
critical applications would be massively disruptive, with 61 percent
agreeing that the impact would be severe.
Breaches affecting applications that are the lifeblood of business can
result in punitive costs, with a 2018 report estimating the average cost
of an attack on an ERP system at $5.5 million USD.1 The
threat actors that enterprises face are formidable – organized crime was
behind 50 percent of all breaches in 2018, with attacks using
established tactics like privileges abuse to achieve their aims.2
Despite the fact that more than half (56 percent) of organizations have
experienced data loss, integrity issues or service disruptions affecting
business critical applications in the previous two years, the survey
found a large majority (72 percent) of respondents are confident that
their organization can effectively stop all data security attacks or
breaches at the perimeter. This brings to light a remarkable disconnect
between where security strategy is focused and the business value of
what is most important to the organization. An attacker targeting
administrative privileges for these applications could cause significant
disruption and could even halt business operations.
The survey also found that 74 percent of organizations indicated they
have moved (or will move within two years) business critical
applications to the cloud. A risk-prioritized approach to protecting
these assets is necessary for this transition to be managed
successfully. Further industry data shows that, globally, 69 percent of
organizations are migrating data for popular ERP applications to the
cloud.3
“From banking systems and R&D to customer service and supply chain, all
businesses in all verticals run on critical applications. Accessing and
disrupting these applications is a primary target for attackers due to
their day-to-day operational importance and the wealth of information
that resides in them – whether they are on-premises or in the cloud,”
said David Higgins, EMEA technical director at CyberArk. “CISOs must
take a prioritized, risk-based approach that applies the most rigorous
protection to these applications, securing in particular privileged
access to them and assuring that, regardless of what attacks penetrate
the perimeter, they continue to run uncompromised.”
About the Survey
The CyberArk-sponsored survey was conducted
by Arlington Research amongst 1,450 business and IT decision makers in
eight countries in Europe, the Middle East and Africa: the UK, France,
Germany, Italy, Spain, Switzerland, Netherlands and Israel.
Additional Resources
1 – Industry-Focused Data Breach Report 2018 – ERPScan
2–2018
Verizon Data Breach Investigations Report (DBIR)
3 – Enterprise
Resource Planning (ERP) Applications and Cloud Adoption 2019
About CyberArk
CyberArk (NASDAQ: CYBR)
is the global leader in privileged access security, a critical layer of
IT security to protect data, infrastructure and assets across the
enterprise, in the cloud and throughout the DevOps pipeline. CyberArk
delivers the industry’s most complete solution to reduce risk created by
privileged credentials and secrets. The company is trusted by the
world’s leading organizations, including more than 50 percent of the
Fortune 500, to protect against external attackers and malicious
insiders. A global company, CyberArk is headquartered in Petach Tikva,
Israel, with U.S. headquarters located in Newton, Mass. The company also
has offices throughout the Americas, EMEA, Asia Pacific and Japan. To
learn more about CyberArk, visit www.cyberark.com,
read the CyberArk
blogs or follow on Twitter via @CyberArk, LinkedIn or Facebook.
Copyright © 2019 CyberArk Software. All Rights Reserved. All
other brand names, product names, or trademarks belong to their
respective holders.
View source version on businesswire.com:
https://www.businesswire.com/news/home/20190326005500/en/
Media Relations Contacts:
Brian Merrill, fama PR
Phone:
+1-617-986-5005
Email: cyberark@famapr.com
Liz Campbell, CyberArk
Phone: +1-617-558-2191
Email: press@cyberark.com
Investor Relations Contact:
Erica Smith, CyberArk
Phone:
+1 617-630-6426
Email: ir@cyberark.com
Source: CyberArk