Home Innovation Security UK Faces Record Increase in AP...

UK Faces Record Increase in API Security Incidents

Security

Business Honor
14 November, 2024

UK organizations see an 83% rise in API security incidents, with critical sectors most impacted

API security breaches have increased by a substantial 83% for UK organizations, up from a 69% rise the previous year, according to a new report by Akamai. Based on a survey of 1,207 leaders and practitioners in the US, UK, and Germany, the new report points to stark trends in API security that underscore growing vulnerabilities in critical sectors.

The API Security Impact Study, in its third year, showed that 84 percent of respondents from all three countries had at least one API security incident during the previous 12 months. The UK however had the sharpest rise, with a 14 percent increase from that registered in 2023. This is particularly concerning, especially within the UK's key infrastructure sectors, including government, finance, and healthcare. Indeed, 94.1% of UK government or public sector organizations and 90% of healthcare entities indicated the occurrence of security breaches of APIs. The financial services vertical also recorded a 92% breach rate for the same scenario.

Real-time failure to test is the most feared takeaway from this report. Nine out of 10 US and UK respondents indicated that they are not testing their APIs in real time, though 13% will do that in 2024-down from 18% in 2023. This gap in testing could lead to severe financial consequences. The average cost that UK organizations incurred to redress API security incidents over the previous year was £420,103, which included system repairs, downtime, fines, and legal fees.

The survey also indicates a worrying trend in sensitive data oversight. Not even 28.5% of UK enterprises with full API inventories have an idea on which of the APIs handle sensitive information, though this figure has dropped sharply from 40% in 2023.

Despite these challenges, the retail and eCommerce sectors experienced the fewest incidents at 68 percent, though API security is still of topmost concern for 21.3 percent of respondents. According to Akamai's Richard Meeus, more organizations need to take API security seriously as a critical and ongoing concern rather than an emerging threat.