A wave of digital initiatives by organizations worldwide has created an explosion of human and machine identities that are increasing the exposure of those organizations to ransomware and supply chain threats, according to CyberArk’s 2022 Identity Security Threat Landscape report released Tuesday.
The report found that nearly four out of five of the 1,750 IT security decision makers surveyed for the report (79%) agreed that security was taking a back seat to other IT and digital initiatives. Those initiatives—especially those prioritizing remote or hybrid working, new digital services for customers and citizens, and increased outsourcing of remote vendors and suppliers—have created hundreds of thousands of new digital identities in each organization, which can increase their exposure to cybersecurity risk.
The so-called software supply chain has been generating a lot of buzz these days. It came fully into the spotlight because of the global intrusion campaign where attackers used the update process of the popular Orion management software from SolarWinds to upload malicious code. Over 18,000 customers were affected, although the attackers only selectively attacked major corporations and government agencies once their backdoor was installed.
SolarWinds was probably the highest-profile supply chain attack in recent history, but there have been many others. The attack led to a reevaluation of who is responsible for security. For example, one of the major responses to the SolarWinds attack was President Biden’s Executive Order on Improving the Nation’s Cybersecurity. Among other things, the order stresses the need for supply chain security. And for the first time, a high-profile government directive specifically mentioned developers’ responsibility to deploy secure software.
With the weight of Western sanctions crippling parts of the Russian economy, the consensus seems to be that Moscow’s ambitions of being a major player in the development of machine learning, robotics, natural language processing and other artificial intelligence (AI) tools are functionally dead. The consequences of the war waged against Ukraine on Russia’s wealth, workforce and access to sophisticated imported products such as microprocessors used to operate everything from mobile devices to automobiles are immense.
