Organizations face a major challenge in security posture management: tens of thousands of attack path assessments conducted in 2022 revealed that only 2% of attack paths lead to critical assets. This means that securing the choke points through which those paths pass is a priority, as it can dramatically reduce risk. XM Cyber’s State of Exposure Management in 2023 report details the findings of the analysis.
The report found that 75% of the exposures identified by the assessment were dead ends and could not be exploited. It also found that attackers can access 70% of critical assets in on-prem networks in just 3 steps, and that 90% of critical assets in cloud infrastructures are just one hop away from initial compromise. In addition, techniques targeting credentials and permissions affect 82% of organizations and exploit over 70% of all security exposures.
Organizations must take a new approach to remediation efficiency by focusing on the remediation of exposures that lie on choke points. This does not mean that an attacker’s presence on a dead-end path can be ignored: they can still do considerable damage, even if they don’t have immediate access. Vendors should also distribute products with a secure-by-default configuration, and organizations should provide guidance and best practices governing passwords and access management.
Organizations should also consider adopting a zero-trust security model and keep attackers out of cloud infrastructures by protecting the on-prem infrastructure. The report also recommends that organizations take a consolidated view of the distinct parts of their environment to prevent missing common threads and otherwise obvious attack paths.
Key Points:
- Only 2% of attack paths lead to critical assets.
- Securing the choke points through which these paths pass dramatically reduces risk.
- 75% of the identified exposures were dead ends.
- Attackers can access 70% of critical assets in on-prem networks in just 3 steps and 90% of critical assets in cloud infrastructures are just one hop away from initial compromise.
- Organizations should adopt a zero-trust security model and focus on remediating choke points.
- Vendors should distribute products with a secure-by-default configuration and organizations should provide guidance and best practices governing passwords and access management.
- Organizations should take a consolidated view of their environment to prevent missing common threads and otherwise obvious attack paths.
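
The choke-point prioritization described above, as an added example that is not from the XM Cyber report: the graph, host names and function names are constructed for illustration. It enumerates attack paths from entry points to critical assets, ranks the intermediate nodes those paths share, and lists the exposures that lie on no such path.

```python
from collections import Counter

# Constructed sample graph (not report data): each edge is one exposure
# that lets an attacker move from the first node to the second.
EDGES = [
    ("workstation-1", "file-server"), ("workstation-2", "file-server"),
    ("workstation-3", "file-server"), ("file-server", "svc-account"),
    ("svc-account", "domain-controller"), ("svc-account", "prod-database"),
    ("workstation-1", "printer"), ("workstation-2", "test-vm"),
    ("test-vm", "old-wiki"), ("workstation-3", "kiosk"),
]
ENTRY_POINTS = {"workstation-1", "workstation-2", "workstation-3"}
CRITICAL = {"domain-controller", "prod-database"}

def build(edges):
    graph = {}
    for src, dst in edges:
        graph.setdefault(src, []).append(dst)
    return graph

def paths_to_critical(graph, entries, critical):
    """Enumerate simple paths from any entry point to a critical asset."""
    found = []
    def walk(node, path):
        if node in critical:
            found.append(path)
            return
        for nxt in graph.get(node, []):
            if nxt not in path:  # do not revisit nodes (avoids cycles)
                walk(nxt, path + [nxt])
    for entry in sorted(entries):
        walk(entry, [entry])
    return found

def choke_points(paths, entries, critical):
    """Rank intermediate nodes by how many critical paths cross them."""
    endpoints = entries | critical
    counts = Counter(n for p in paths for n in p if n not in endpoints)
    return counts.most_common()

def dead_end_exposures(edges, paths):
    """Exposures (edges) that are on no path to a critical asset."""
    used = {(a, b) for p in paths for a, b in zip(p, p[1:])}
    return [e for e in edges if e not in used]

def analyze():
    paths = paths_to_critical(build(EDGES), ENTRY_POINTS, CRITICAL)
    return paths, choke_points(paths, ENTRY_POINTS, CRITICAL), dead_end_exposures(EDGES, paths)
```

In this constructed graph every path to a critical asset crosses `file-server` and `svc-account`, so remediating one exposure there removes all of them, while four of the ten exposures are dead ends.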