One-third of new cloud vulnerabilities are introduced by new enterprise applications. Moreover, with new internet services being introduced rapidly, it is becoming increasingly difficult for companies to have an overview of their IT assets.
The entire IT infrastructure is an organization’s number one surface that cybercriminals can penetrate. It only proves difficult for IT teams to keep an overview of this, as new digital services are regularly added.
The media and entertainment industry appears to be the fastest innovating, with more than 7,000 new services each month. The telecom, insurance, pharmaceutical, and biomedical industries added an average of 1,000 services per month. Critical industries such as financial services and healthcare saw their attack surfaces increase by more than 200 new services each month.
Introduces cloud vulnerabilities
Overall, across all sectors, an average of 300 new services are added monthly. Recent research from Unit 42 shows that these new services compromise the cloud environment. Nearly 32 percent of new cloud vulnerabilities were introduced with new Internet applications.
The Attack Surface Threat Report by the Palo Alto Networks research team finds many vulnerabilities are added by flaws in application layer protocols (25 percent) particularly. Examples of such protocols include SNMP, NetBIOS, PPTP and VPNs. 73 percent of the exposures came from IT and network infrastructure, business process applications, and remote access services.