As companies in various business verticals are increasingly implementing RPA to increase efficiency and reduce costs, they must be careful that they are not creating new vulnerabilities in their networks. Israeli cybersecurity firm CyberArk, in its Global Advanced Threat Landscape 2019, specifically called out RPA as a budding area of concern.
CyberArk, highlighting attack surfaces that businesses are not fully aware of, noted that only 30 percent of respondents to its survey understood that RPA implementations involve privileged accounts hackers can use to gain access to a company’s wider network. Even in instances where organizations were aware that privileged access, credentials or secrets existed within RPA, many have not integrated access security controls to protect their network.
“Organizations are showing increasing understanding of the importance of mitigation along the cyber kill chain and why preventing credential creep and lateral movement is critical to security,” said Adam Bosnian, executive vice president of global business development for CyberArk. “But this awareness must extend to consistently implementing proactive cybersecurity strategies across all modern infrastructure and applications, specifically reducing privilege-related risk in order to recognize tangible business value from digital transformation initiatives.”