Businesses fail to understand threats and fail to keep patches updated

News by SC Staff

Security attacks are growing in quantity and frequency, as well as having more impact on business operations.

Security attacks are growing in quantity and frequency, as well as having more impact on business operations.

According to a new bi-annual report from security experts TippingPoint, SANS Institute and Qualys, many businesses are still extremely vulnerable to security attacks that can damage brand reputation and business operations.

The report claimed that with so many different types of security attacks targeting the enterprise, it is becoming difficult for organisations to see which threats pose the greatest risk. Key findings of the Top Risks Report included how unpatched popular client-side applications are putting businesses at risk of data theft, as windows are left open for hackers to steal critical data, impact network performance and affect business continuity.

Also, the number of web application attacks is increasing, elevating the threat posed by previously trusted websites, as web applications comprise more than 60 per cent of the total attack attempts occurring on the internet. These vulnerabilities are being exploited widely to convert trusted websites into malicious servers serving client-side exploits.

Alan Paller, director of research for the SANS Institute, said: “Our goal in releasing this is to give overwhelmed security professionals the tools they need to prioritise their resources and security practices to achieve the best protection for their network.”

Rohit Dhamankar, director of TippingPoint's DVLabs security research team, said: “The security attacks we describe in this report pose the highest risk for disrupting business operations. For organisations, understanding these attacks and how they exploit the vulnerabilities inherent in the network is a critical first step in building an effective security strategy.”

Wolfgang Kandek, CTO of Qualys, said: “The aggregate data in this new Top Risks report from the SANS Institute, TippingPoint intrusion prevention systems and Qualys vulnerability statistics enabled us to produce a new level of reporting with a more comprehensive picture of the state of internet security. This initiative underscores the importance of collaboration to fight the increased sophistication of attacks and helps business respond faster to new emerging threats.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews