"Unsecured APIs Could Be Costing Firms $75bn Per Year"

Security researchers at Imperva discovered that global businesses could be exposing themselves to billions in annual losses because they aren't properly securing their APIs. Imperva teamed up with the Marsh McLennan Cyber Risk Analytics Center to analyze nearly 117,000 unique cybersecurity incidents for their report, Quantifying the Cost of API Insecurity. The researchers found that vulnerable and unsecured APIs cause an estimated 7.5% of cyber events and losses globally, rising to 18-23% in the IT and information sector. Professional services (10-15%) and retail (6-12%) rounded out the top three. The researchers stated that APIs are an increasingly common feature of digital transformation projects, connecting applications, data, and experiences. The researchers estimated that around half of businesses have 50-100 APIs deployed internally or publicly, and some have thousands. The researchers warned that deploying many APIs could unwittingly expand a company's digital attack surface.

Infosecurity reports: "Unsecured APIs Could Be Costing Firms $75bn Per Year"