Report: Credential access is the biggest risk for ransomware attacks

We’re excited to bring Transform 2022 back in person on July 19 and pretty much July 20-28. Join AI and data leaders for insightful conversations and exciting networking opportunities. Register today!

Every major IT-related initiative – from enabling hybrid work to introducing new digital services for customers or citizens – results in more digital interactions between people, applications and processes. A new report from CyberArk highlights how the emergence of human and machine identities has led to an accumulation of identity-related cybersecurity debt, exposing organizations to greater cybersecurity risks.

Recent organization-wide digital initiatives have come at the cost of accrued cybersecurity debt – driven by security investments that have failed to keep pace with organizations’ efforts to focus on driving business and growth. Seventy-nine percent agree that in the past 12 months, their organization has prioritized maintaining operations over ensuring robust cybersecurity.

This acceleration of digitization and the resulting proliferation of digital identities is creating a growing attack surface. More than 70% of organizations surveyed have experienced ransomware attacks in the past year. The report found that access to credentials was the highest risk for respondents (at 40%), followed by defense evasion (31%), execution (31%), initial access (29%) and privilege escalation (27%) .

The debt is compounded by the recent rise in geopolitical tensions, which have fueled the need for greater awareness of the physical impact of cyber-attacks, particularly on critical infrastructure. The report shows that 88% of energy and utilities companies have had a successful attack on the software supply chain.

Participants identified several new measures that their organizations have already introduced or plan to introduce to help reduce cybersecurity debt. The top three measures, each mentioned by 54% of respondents, are real-time monitoring and analytics to control all privileged session activities; least-privilege security / zero-trust principles on infrastructure running mission-critical applications; and processes to isolate mission-critical applications from Internet-connected devices to limit lateral movement.

The report represents the findings of a global survey conducted by Vanson Bourne of 1,750 IT security decision-makers, highlighting their experiences over the past year in supporting their organizations’ growing digital initiatives. Respondents were located in the US, UK, France, Germany, Japan, Italy, Spain, Brazil, Mexico, Israel, Singapore and Australia.

Read the full report by CyberArk.

The mission of VentureBeat is a digital city square for technical decision-makers to gain knowledge about transformative business technology and transactions. Learn more about membership.

Shreya Christina
Shreya has been with for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

More from author


Please enter your comment!
Please enter your name here

Related posts


Latest posts

The Nostalgia Factor: Why Retro Gaming Continues to Thrive

In the fast-paced world of modern video games with their stunning graphics, lifelike simulations, and complex narratives, there's a distinct charm in returning to...

The Rise of Cross-Platform App Development in Australia

In the ever-evolving landscape of app development, the need for efficiency, cost-effectiveness, and wider reach has given rise to a significant trend: cross-platform app...

Embracing Efficiency and Nature: Why Outdoor Pods Trump Typical Cubicles

In the ever-evolving world of work, the concept of the traditional office is undergoing a profound transformation. The limitations of the conventional cubic office...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!