A new survey of IT and security leaders reveals they are concerned about attacks that leverage malware-exfiltrated authentication data, with 53% expressing extreme concern.
Only 1% admitted they weren’t concerned at all, according to the data from SpyCloud.
Despite the level of concern, many still lack the necessary tools to investigate the security and organizational impact of these infections and effectively mitigate follow-on attacks; 98% indicated that better visibility into at-risk applications would significantly improve their security posture.
According to the report, the most overlooked entry points for malware include:
57% of organizations allow employees to sync browser data between personal and corporate devices, enabling threat actors to siphon employee credentials and other user authentication data through infected personal devices while remaining undetected.
54% of organizations struggle with shadow IT due to employees’ unsanctioned adoption of applications and systems, creating gaps not only in visibility but also in basic security controls and corporate policies.
36% of organizations allow unmanaged personal or shared devices to access business applications and systems, opening the door for devices lacking robust security measures to access sensitive data and resources and reducing the oversight security teams require for proper monitoring and remediation.
Every infection exposes access to an average of 26 business applications.
Twenty-seven percent don't routinely review their application logs for signs of compromise, 36% don't reset passwords for potentially exposed applications, and 39% don't terminate session cookies at a sign of exposure. In the first half of 2023, researchers found that 20% of all recaptured malware logs came from devices that had an antivirus program installed at the time of successful malware execution.