Security Market Segment LS
Thursday, 28 March 2019 00:41

Organisations not securing business applications, despite data losses: report Featured

Organisations not securing business applications, despite data losses: report Image courtesy of Stuart Miles at

Organisations are mostly not securing business critical applications, but despite this many of those surveyed indicate that they are confident their organisation can effectively stop all data security attacks or breaches at the perimeter.

According to research by security vendor CyberArk, despite the fact that most (56%) of the business and IT leaders surveyed had experienced data loss, integrity issues or service disruptions affecting business critical applications, the majority (72%)  expressed confidence in stopping the attacks.

And the majority of organisations (nearly 70%) do not prioritise the protection of the applications that their business depends on — such as ERP and CRM systems — any differently to how low-value data, applications or services are secured.

The independent survey was conducted among 1450 business and IT decision-makers, primarily from Western European economies, with respondents indicating that even the slightest downtime affecting business critical applications would be massively disruptive, with 61% agreeing that the impact would be severe.

CyberArk says that breaches affecting applications that are the lifeblood of business can result in punitive costs, with a 2018 report estimating the average cost of an attack on an ERP system at A$7.7 million.

“The threat actors that enterprises face are formidable – organised crime was behind 50% of all breaches in 2018, with attacks using established tactics like privileges abuse to achieve their aims,” the company notes.

CyberArk says the survey findings bring to light a “remarkable disconnect” between where security strategy is focused and the business value of what is most important to the organisation.

“An attacker targeting administrative privileges for these applications could cause significant disruption and could even halt business operations,” it says.

The survey also found that 74% of organisations indicated they have moved (or will move within two years) business critical applications to the cloud.

And CyberArk says a risk-prioritised approach to protecting these assets is necessary for this transition to be managed successfully.

Further industry data shows that, globally, 69% of organisations are migrating data for popular ERP applications to the cloud.

“From banking systems and R&D to customer service and supply chain, all businesses in all verticals run on critical applications. Accessing and disrupting these applications is a primary target for attackers due to their day-to-day operational importance and the wealth of information that resides in them – whether they are on-premises or in the cloud,” said David Higgins, EMEA technical director at CyberArk.

“CISOs must take a prioritised, risk-based approach that applies the most rigorous protection to these applications, securing in particular privileged access to them and assuring that, regardless of what attacks penetrate the perimeter, they continue to run uncompromised.”


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).



Recent Comments