Understanding the composition of this 1% of users is crucial for security teams: often times, this subset of users includes super-privileged users, software architects, as well as machine-based identities (i.e., applications with programmatic access) that grant access privileges and archive data.
The disproportionate nature of cybersecurity risk extends to cloud-based collaboration. While organizations on average collaborate with 865 external parties, just 25 of these account for 75% of cloud-based sharing per organization. Unexpectedly, 70% of external file sharing occurs with non-corporate email addresses over which security teams have little control.
Many cloud applications support integration with third-party applications, outside the network and undetectable via traditional security tools, such as proxy- or gateway-based solutions. These apps are frequently targeted by cybercriminals as entry points to organizations. CloudLock’s research revealed that 52,000 instances of applications were installed by highly privileged users - a number that should be zero given privileged accounts are highly coveted by malicious cybercriminals.
By involving the most active users in the security process, organizations can rapidly mitigate the majority of cybersecurity risk. One CloudLock client decreased public exposures by 62% in just one day by doing so.
“Cyber attacks today target your users - not your infrastructure. As technology leaders wake up to this new reality, security programs are being reengineered to focus where true risk lies: with the user,” says CloudLock CEO and co-founder Gil Zimmermann. “The best defense is to know what typical user behavior looks like - and, more importantly, what it doesn’t.”