IT and security leaders were surveyed by SpyCloud on malware readiness. The report revealed security leaders are concerned about attacks that leverage malware-exfiltrated authentication data, with 53% expressing extreme concern and less than 1% admitting they weren’t concerned at all. 

However, many still lack the necessary tools to investigate the security and organizational impact of these infections and effectively mitigate follow-on attacks with 98% indicating better visibility into at-risk applications would significantly improve their security posture.

According to the report, the most overlooked entry points for malware include:

• 57% of organizations allow employees to sync browser data between personal and corporate devices, enabling threat actors to siphon employee credentials and other user authentication data through infected personal devices while remaining undetected.
• 54% of organizations struggle with shadow IT due to employees’ unsanctioned adoption of applications and systems, creating gaps not only in visibility but also in basic security controls and corporate policies.
• 36% of organizations allow unmanaged personal or shared devices to access business applications and systems, opening the door for devices lacking robust security measures to access sensitive data and resources and minimizing oversight security teams require for proper monitoring and remediation.
• According to SpyCloud research, every infection exposes access to an average of 26 business applications.

Twenty-seven percent don't routinely review their application logs for signs of compromise, 36% don't reset passwords for potentially exposed applications and 39% don't terminate session cookies at the sign of exposure. In the first half of 2023, researchers found that 20% of all recaptured malware logs had an antivirus program installed at the time of successful malware execution. 

Read the full report here.