Properly securing APIs is becoming increasingly urgent
Imperva released a new study that uncovers the rising global costs of vulnerable or insecure APIs. Large companies are particularly vulnerable to the security risks associated with exposed or unprotected APIs as these mature organizations accelerate digital transformation.
Today, as many as 1 in every 13 cyber incidents can be attributed to API insecurity. As the number of APIs in production multiplies, this figure is expected to grow in the coming years.
Recommendations for improving API security:
Identify and classify data flowing through every API: Visibility is crucial for understanding the full schema of every API as well as identifying and classifying the data that flows through it so risks can be assessed.
Automate discovery: APIs are produced quickly and modified often, making them a blindspot for many organizations. Through automation, organizations can eliminate rogue or shadow APIs. Further, by automating API inventory, the security team will have visibility into when developers modify APIs in production.
Enable API governance: For organizations in highly regulated industries, an API governance model is crucial.
Read more: Help Net Security