Venafi study: CIOs massively underestimate SSH risks

Venafi study: CIOs massively underestimate SSH risks

Venafi, an inventor and leading provider of machine identity management, has released a new report offering insights into the security risks that poorly protected Secure Shell (SSH) machine identities pose to enterprises. The report compares findings from a survey of 550 CIOs from the United States, United Kingdom, France, Germany and Australia, with unique data and insights from aggregate SSH risk assessments conducted by Venafi SSH security experts.

SSH machine identities are critical to Digital Transformation strategies, as they authenticate privileged access between machines and are ubiquitous across enterprise networks. While CIOs say they are concerned about the security risks SSH machine identities pose, Venafi data indicates they seriously underestimate the scope of these risks. To better understand the scale of this problem, Venafi surveyed over 550 global CIOs and then compared the survey data with aggregate SSH risk assessments conducted over a two-year time period. The Venafi Risk Assessment team analysed more than 14 million SSH client keys and 3.3 million SSH host keys and found serious SSH security risks.

“SSH keys are extremely powerful assets that require careful protection,” said Kevin Jacque, Global Security Architect for Venafi. “It’s not surprising to find so many severe security risks because we know that most organisations do not use any automation to manage them. The only way to address these risks is to put in place a comprehensive SSH machine identity management solution that provides continuous visibility and leverages automation to enforce policies.”

Click below to share this article

Browse our latest issue

Intelligent CIO Europe

View Magazine Archive