Misconfigured APIs Make-Up Two-Thirds of Cloud Breaches

<p style=\"font-weight: 400;\">To accelerate the ability to meet business needs, moving IT systems to the cloud became a key tactic and this was accelerated during the pandemic; if businesses were not digital, they were at risk of dying.</p>
<p style=\"font-weight: 400;\">While IT and security organizations have typically been gatekeepers, ensuring strong IT practices, compliance, security, and risk management, their processes are often perceived as slow by business owners.</p>
<p style=\"font-weight: 400;\">In addition to moving to the cloud — often without IT support — businesses now rely on software and web apps that rely on microservices, building blocks of functionality that come from multiple sources — a veritable software supply chain. While this allows for much greater speed, flexibility, and distribution of effort, from a risk management perspective it creates a very dangerous situation. IT doesn’t know when and where technology is deployed, and even when they do, the supply chain approach means that known vendors or partners may themselves obtain code from their partners. This dependence may be unknown and therefore, undisclosed, lengthening the software supply chain, increasing business risk, and creating a perfect storm for potential vulnerabilities. Smart organizations should invest in visibility and control tools, and change the culture of security to be one that enables business rather than one that blocks or slows it down.</p>