STOCK TITAN

New Study Finds 84% of Security Professionals Experienced an API Security Incident in the Past Year

Rhea-AI Impact
(Low)
Rhea-AI Sentiment
(Neutral)
Tags

Akamai Technologies released its third annual API Security Impact Study, revealing concerning trends in API security. 84% of respondents experienced API security incidents in the past year, up from 78% in 2023. The study, surveying 1,207 security leaders across the US, UK, and Germany, found that only 27% of participants have a full API inventory and know which APIs exchange sensitive data, down from 40% in 2023.

The average cost to remediate API incidents was $591,404 in the US, rising to $832,801 in financial services. Energy/utilities reported the highest incident rate (91%), while retail/ecommerce had the lowest (68%). CISOs ranked addressing generative AI threats (25.5%) and securing APIs (24.8%) as top priorities.

Akamai Technologies ha pubblicato il suo terzo studio annuale sull'impatto della sicurezza delle API, rivelando tendenze preoccupanti nella sicurezza delle API. Il 84% dei rispondenti ha subito incidenti di sicurezza delle API nell'ultimo anno, in aumento rispetto al 78% del 2023. Lo studio, che ha interrogato 1.207 leader della sicurezza negli Stati Uniti, nel Regno Unito e in Germania, ha scoperto che solo il 27% dei partecipanti dispone di un inventario completo delle API e sa quali API scambiano dati sensibili, in calo rispetto al 40% nel 2023.

Il costo medio per sanare gli incidenti delle API è stato di $591.404 negli Stati Uniti, salendo a $832.801 nei servizi finanziari. Il settore dell'energia e dei servizi pubblici ha segnalato il tasso di incidenti più alto (91%), mentre il retail/ecommerce ha avuto il più basso (68%). I CISOs hanno classificato la gestione delle minacce generate dall'IA (25,5%) e la sicurezza delle API (24,8%) come massime priorità.

Akamai Technologies publicó su tercer estudio anual sobre el impacto de la seguridad de las API, revelando tendencias preocupantes en la seguridad de las API. El 84% de los encuestados experimentó incidentes de seguridad de API en el último año, un aumento con respecto al 78% en 2023. El estudio, que encuestó a 1.207 líderes de seguridad en Estados Unidos, Reino Unido y Alemania, encontró que solo el 27% de los participantes tiene un inventario completo de API y sabe cuáles intercambian datos sensibles, bajando del 40% en 2023.

El costo promedio para remediar incidentes de API fue de $591,404 en EE. UU., aumentando a $832,801 en servicios financieros. El sector de energía/utilidades reportó la tasa de incidentes más alta (91%), mientras que retail/ecommerce tuvo la más baja (68%). Los CISOs clasificaron abordar las amenazas de IA generativa (25.5%) y asegurar las API (24.8%) como prioridades principales.

Akamai Technologies는 API 보안에 대한 우려스러운 추세를 밝힌 제3회 연례 API 보안 영향 연구를 발표했습니다. 응답자의 84%가 지난 1년 동안 API 보안 사고를 경험했습니다, 2023년의 78%에서 증가한 수치입니다. 이 연구는 미국, 영국 및 독일의 1,207명의 보안 리더를 조사하였으며, 참가자의 27%만이 전체 API 목록을 보유하고 있으며 어떤 API가 민감한 데이터를 교환하는지 알고 있다고 밝혔습니다. 이는 2023년의 40%에서 감소한 수치입니다.

API 사고를 해결하는 평균 비용은 미국에서 $591,404였으며, 금융 서비스에서 $832,801로 증가했습니다. 에너지/유틸리티 부문은 가장 높은 사고율(91%)을 보고했으며, 소매/ecommerce 부문은 가장 낮은 사고율(68%)을 기록했습니다. CISO들은 생성적 AI 위협 대응(25.5%)과 API 보안(24.8%)을 최우선 과제로 정했습니다.

Akamai Technologies a publié sa troisième étude annuelle sur l'impact de la sécurité des API, révélant des tendances préoccupantes en matière de sécurité des API. 84 % des répondants ont connu des incidents de sécurité des API au cours de l'année écoulée, en hausse par rapport à 78 % en 2023. L'étude, qui a interrogé 1 207 responsables de la sécurité aux États-Unis, au Royaume-Uni et en Allemagne, a montré que seulement 27 % des participants disposent d'un inventaire complet des API et savent quelles API échangent des données sensibles, en baisse par rapport à 40 % en 2023.

Le coût moyen pour remédier aux incidents liés aux API était de $591,404 aux États-Unis, grimpant à $832,801 dans les services financiers. Le secteur de l'énergie/utilités a signalé le taux d'incidents le plus élevé (91 %), tandis que le secteur du commerce de détail/ecommerce a enregistré le plus bas (68 %). Les CISO ont classé la gestion des menaces génératives de l'IA (25,5 %) et la sécurisation des API (24,8 %) parmi les priorités les plus élevées.

Akamai Technologies hat seine dritte jährliche Studie über die Auswirkungen der API-Sicherheit veröffentlicht und besorgniserregende Trends in der API-Sicherheit aufgezeigt. 84 % der Befragten hatten im letzten Jahr API-Sicherheitsvorfälle, ein Anstieg gegenüber 78 % im Jahr 2023. Die Studie, die 1.207 Sicherheitsverantwortliche in den USA, Großbritannien und Deutschland befragte, ergab, dass nur 27 % der Teilnehmer über ein vollständiges API-Inventar verfügen und wissen, welche APIs sensible Daten austauschen, ein Rückgang von 40 % im Jahr 2023.

Die durchschnittlichen Kosten zur Behebung von API-Vorfällen betrugen $591.404 in den USA und stiegen auf $832.801 im Finanzwesen. Der Energiesektor/Versorgungsunternehmen meldete die höchste Vorfallsrate (91 %), während der Einzelhandel/eCommerce die niedrigste (68 %) hatte. CISOs stuften die Bekämpfung von Bedrohungen durch generative KI (25,5 %) und die Sicherung von APIs (24,8 %) als höchste Prioritäten ein.

Positive
  • Retail/ecommerce sector shows lowest API incident rate at 68%
  • API security ranks as second-highest priority for CISOs (24.8%)
Negative
  • 84% of respondents experienced API security incidents, up from 78% in 2023
  • Only 27% of participants have full API inventory visibility, down from 40% in 2023
  • High remediation costs: $591,404 average in US, $832,801 in financial services
  • Real-time API testing decreased from 18% to 13% in US and UK
  • 91% incident rate in energy/utilities sector despite low priority ranking

Insights

The rising trend in API security breaches presents significant market implications for Akamai. The $591,404 average remediation cost in the US, reaching $832,801 in financial services, highlights a substantial market opportunity. With 84% of organizations experiencing API incidents and only 27% having proper API visibility, this demonstrates a critical security gap that Akamai can capitalize on.

The decline in real-time API testing from 18% to 13% among US/UK respondents, coupled with increasing attack frequencies, suggests growing market demand for comprehensive API security solutions. This positions Akamai favorably as organizations seek to address these vulnerabilities, particularly with CISOs ranking API security (24.8%) as a top priority alongside AI threats.

The industry-specific findings reveal important market dynamics. The energy/utilities sector's paradox of highest incident rate (91%) but lowest priority ranking indicates an untapped market opportunity. Conversely, retail/ecommerce's proactive stance with lower incidents (68%) but higher prioritization (21.3%) suggests a model for cross-sector marketing strategies. The disconnect between incident rates and security prioritization across industries presents Akamai with strategic opportunities to expand market share through targeted solutions and education initiatives.

Only 27% of respondents know which APIs return the sensitive data that attackers seek

CAMBRIDGE, Mass., Nov. 13, 2024 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today announced new research showing that while API attacks are rising, visibility into API risks that open doors for attackers is declining. Now in its third year, the API Security Impact Study (formerly the API Security Disconnect) explores the state of API protection based on a survey of 1,207 security leaders and practitioners across the United States, United Kingdom, and Germany.

The study finds that 84% of respondents experienced an API security incident over the past 12 months. This marks the third straight year of increased incursions and marks an all-time high (up from 78% in 2023). The number is also consistent with recent Akamai research that shows a rise in API attacks.

Although API incursions are up, the percentage of participants who have a full API inventory and know which APIs exchange sensitive data dropped from an already low 40% in 2023 to just 27% in 2024. According to the May 2024 Gartner® Market Guide for API Protection: "Current data indicates that the average API breach leads to at least 10 times more leaked data than the average security breach." This suggests API security will be a major issue for the foreseeable future.

The API Security Impact Study surveyed security leaders from the following industries: financial services, retail/ecommerce, healthcare, government/public sector, manufacturing, energy/utilities, automotive, and insurance. Energy/utilities reported the highest number of API security incidents (91%), yet that industry ranked API security as their lowest priority among the 13 options given. Conversely, retail/ecommerce reported the lowest number of API incidents (68%) and cited API security as a top priority (21.3%) — higher than any other industry surveyed.

Other findings of the survey include:

  • The average cost to remediate API incidents was $591,404 in the United States In sectors such as financial services, the average rose to $832,801.
  • There is general consensus among all roles in all regions that the greatest impacts of API security incidents fall on security staff. Participants ranked the levels of stress and/or pressure on their teams from API security to be slightly higher than those from remediation costs and regulatory fines.
  • The top-ranked security priorities for CISOs over the next 12 months are addressing generative AI–fueled threats (25.5%) and securing APIs (24.8%).
  • In 2023, 18% of U.S. and U.K. respondents said they tested APIs in real time. Among the same cohort in 2024, that figure fell to 13%. Many of the causes for API incidents that were cited by survey takers are exactly the types of issues real-time testing can help address.
  • Top-ranked causes of API incidents include vulnerabilities cited in the OWASP Top 10 API Security Risks and a candid admission that commonly used API tools did not catch the issues.

"Our research shows that API security has yet to become a key element in a comprehensive security strategy," said Rupesh Chokshi, Senior Vice President and General Manager, Application Security, Akamai. "Organizations mostly treat API threats as emerging, when the attack data — as well as the financial impact and stress on security teams — shows they keep growing. We believe that the API Security Impact Study will help companies to better assess API protections and improve them where needed."

The study offers not only insights about survey findings but also recommendations that security teams can use to enhance their API security strategies. This includes undertaking a full inventory of APIs, regular testing to ensure APIs are coded correctly, and implementing runtime detection to differentiate between "normal" and "abnormal" API activity.

The API Security Impact survey was conducted by Opinion Matters between June 12, 2023, and July 7, 2024.

About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense-in-depth to safeguard enterprise data and applications everywhere. Akamai's full-stack cloud computing solutions deliver performance and affordability on the world's most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.

Contact
Jim Lubinskas
Akamai Media Relations
703.907.9103
jlubinsk@akamai.com 

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/new-study-finds-84-of-security-professionals-experienced-an-api-security-incident-in-the-past-year-302303810.html

SOURCE Akamai Technologies, Inc.

FAQ

What percentage of companies experienced API security incidents in 2024 according to Akamai (AKAM)?

According to Akamai's study, 84% of respondents experienced an API security incident in the past year, marking an all-time high and an increase from 78% in 2023.

How much does it cost to remediate API security incidents according to Akamai's (AKAM) 2024 study?

The average cost to remediate API incidents was $591,404 in the United States, with financial services sector experiencing higher costs averaging $832,801.

What percentage of companies have full API inventory visibility in 2024 according to Akamai (AKAM)?

Only 27% of participants have a full API inventory and know which APIs exchange sensitive data, down from 40% in 2023.

Which industry reported the highest API security incidents in Akamai's (AKAM) 2024 study?

The energy/utilities sector reported the highest number of API security incidents at 91%.

Akamai Technologies Inc

NASDAQ:AKAM

AKAM Rankings

AKAM Latest News

AKAM Stock Data

13.45B
150.23M
1.84%
98.8%
5.27%
Software - Infrastructure
Services-business Services, Nec
Link
United States of America
CAMBRIDGE