CyCognito, the leading External Attack Surface Management platform, today released its semi-annual "State of External Exposure Management," revealing a staggering number of vulnerable public cloud, mobile and web applications exposing sensitive data, including unsecured APIs and personal identifiable information (PII). Developed by CyCognito's research division, the report is based on the analysis of 3.5 million assets across its enterprise customer base, including a number of Fortune 500 companies.
"The latest MOVEit exploit is a cautionary tale for all CISOs that attackers remain many steps ahead of web application and cloud security," said Rob Gurzeev, CEO and co-founder, CyCognito. "The volume of exposed PII stemming from this disastrous breach supports our findings and underscores the critical need for full-scope visibility of all assets across an organization's attack surface. Businesses can no longer afford to neglect their digital shadow and the many unknown and unmanaged risks within their systems."
Gurzeev continued, "The size of a company's attack surface fluctuates up and down by as much as 10 percent a month, making it a moving target rife with security gaps ready to be exploited. "Our latest research is not only a wake-up call that no business is immune to risk; it's also clear proof that unknown and undiscovered assets present a major threat to an organization."