Historically, many enterprise IT departments have been preoccupied with shoring up their internal networks in an effort to thwart external threats and malicious activity. Individuals operating inside those internal networks with trusted relationships and access – such as third-party vendors, suppliers, or partners – have often been the subject of relatively minimal attention. Yet third-party data breaches are now accounting for an increasingly larger share of enterprise cybersecurity incidents. Analysts estimate that over 60% of data breaches are linked to third parties, while at CybelAngel, 90% of the data breaches we identify for enterprise customers can be attributed to a third party.
In this whitepaper, we explore some findings from CybelAngel’s continuous connected storage scanning, and demonstrate the ease with which threat actors can obtain information exposed on connected storage. The intention is to alert enterprise IT professionals to the risks of the expanding use of connected storage by third parties, and to help avert the potential damage of this new cybersecurity blind spot.