New Study Finds 84% of Security Professionals Experienced an API Security Incident in the Past Year
Monday, November 18, 2024
Only 27% of respondents know which APIs return the sensitive data that attackers seek
CAMBRIDGE, Mass., Nov. 13, 2024 /PRNewswire/ -- Akamai Technologies, Inc. (NASDAQ: AKAM), the cloud company that powers and protects life online, today announced new research showing that while API attacks are rising, visibility into API risks that open doors for attackers is declining. Now in its third year, the API Security Impact Study (formerly the API Security Disconnect) explores the state of API protection based on a survey of 1,207 security leaders and practitioners across the United States, United Kingdom, and Germany.
The study finds that 84% of respondents experienced an API security incident over the past 12 months. This marks the third straight year of increased incursions and marks an all-time high (up from 78% in 2023). The number is also consistent with recent Akamai research that shows a rise in API attacks.
Although API incursions are up, the percentage of participants who have a full API inventory and know which APIs exchange sensitive data dropped from an already low 40% in 2023 to just 27% in 2024. According to the May 2024 GartnerĀ® Market Guide for API Protection: "Current data indicates that the average API breach leads to at least 10 times more leaked data than the average security breach." This suggests API security will be a major issue for the foreseeable future.
The API Security Impact Study surveyed security leaders from the following industries: financial services, retail/ecommerce, healthcare, government/public sector, manufacturing, energy/utilities, automotive, and insurance. Energy/utilities reported the highest number of API security incidents (91%), yet that industry ranked API security as their lowest priority among the 13 options given. Conversely, retail/ecommerce reported the lowest number of API incidents (68%) and cited API security as a top priority (21.3%) -- higher than any other industry surveyed.
Other findings of the survey include:
-- The average cost to remediate API incidents was $591,404 in the United
States In sectors such as financial services, the average rose to
$832,801.
-- There is general consensus among all roles in all regions that the
greatest impacts of API security incidents fall on security staff.
Participants ranked the levels of stress and/or pressure on their teams
from API security to be slightly higher than those from remediation
costs and regulatory fines.
-- The top-ranked security priorities for CISOs over the next 12 months are
addressing generative AI-fueled threats (25.5%) and securing APIs
(24.8%).
-- In 2023, 18% of U.S. and U.K. respondents said they tested APIs in real
time. Among the same cohort in 2024, that figure fell to 13%. Many of
the causes for API incidents that were cited by survey takers are
exactly the types of issues real-time testing can help address.
-- Top-ranked causes of API incidents include vulnerabilities cited in the
OWASP Top 10 API Security Risks and a candid admission that commonly
used API tools did not catch the issues.
"Our research shows that API security has yet to become a key element in a comprehensive security strategy," said Rupesh Chokshi, Senior Vice President and General Manager, Application Security, Akamai. "Organizations mostly treat API threats as emerging, when the attack data -- as well as the financial impact and stress on security teams -- shows they keep growing. We believe that the API Security Impact Study will help companies to better assess API protections and improve them where needed."
The study offers not only insights about survey findings but also recommendations that security teams can use to enhance their API security strategies. This includes undertaking a full inventory of APIs, regular testing to ensure APIs are coded correctly, and implementing runtime detection to differentiate between "normal" and "abnormal" API activity.
The API Security Impact survey was conducted by Opinion Matters between June 12, 2023, and July 7, 2024.
About Akamai
Akamai is the cybersecurity and cloud computing company that powers and protects business online. Our market-leading security solutions, superior threat intelligence, and global operations team provide defense-in-depth to safeguard enterprise data and applications everywhere. Akamai's full-stack cloud computing solutions deliver performance and affordability on the world's most distributed platform. Global enterprises trust Akamai to provide the industry-leading reliability, scale, and expertise they need to grow their business with confidence. Learn more at akamai.com and akamai.com/blog, or follow Akamai Technologies on X and LinkedIn.
Contact
Jim Lubinskas
Akamai Media Relations
703.907.9103
jlubinsk@akamai.com
View original content to download multimedia:https://www.prnewswire.com/news-releases/new-study-finds-84-of-security-professionals-experienced-an-api-security-incident-in-the-past-year-302303810.html
SOURCE Akamai Technologies, Inc.
|
|
|
|
|
 |
pgEdge Announces pgEdge Agentic AI Toolkit for Postgres | Jan 22, 2026
|
|
Identiv Completes Thailand Manufacturing Transition, Unlocking Next-Generation Multicomponent Manufacturing for Advanced IoT Solutions | Jan 22, 2026
|
|
Android Mobile Adware Surges in Second Half of 2025 | Jan 22, 2026
|
|
Guardz 2025 SMB Cybersecurity Report: Nearly 50% of U.S. Small Businesses Have Been Hit by Cyber Attack | Jan 22, 2026
|
|
Global Cyber Alliance Identifies Five Cybersecurity Forces That Defined 2025 - And Will Shape 2026 | Jan 22, 2026
|
|
New Report Names States Most Vulnerable to Holiday Scams | Jan 22, 2026
|
|
LG ELECTRONICS INTRODUCES 2026 LG GRAM LINEUP ELEVATED BY AEROMINUM | Jan 22, 2026
|
|
Truvista Fiber Acquires SlyTel | Jan 22, 2026
|
|
Breakthrough Progress: METiS TechBio Publishes Consecutive Research Findings in Nature Communications and the Journal for ImmunoTherapy of Cancer | Jan 22, 2026
|
|
Healthcare Industry Executives are Likely to be Personal Targets of Cybercrime | Jan 22, 2026
|
|
|
