edgescan™ have released their 2015 Vulnerability Statistics Report. As the only EU based Vulnerability Management Company listed by Gartner in both the Magic Quadrant for Managed Security Services and the Gartner Application Security Hypercycle the report reveals the true state of cybersecurity.
This is based on vulnerability data gathered in 2015 via the SaaS, edgescan.com.
“63% of all vulnerabilities discovered could have been mitigated via patch, configuration and component management combined.”
We are still not maintaining our systems in a secure manner. This is not difficult to do but can be time-consuming. A major cause of this is awareness and a lack of adequate patch management process and policy.
“61.4% or 2 of every 3 servers had a cryptographic vulnerability”
This in effect may result in data privacy and eavesdropping attacks against users data.
This is a cause of concern as our economy relies heavily on privacy and protection of sensitive information for many reasons. Such weaknesses are regularly exploited by both cybercriminals and nation-state agents in order to get a competitive edge in business or aid in identity & financial theft.
“15.1% of Assets have high or critical risk vulnerabilities”
High or critical vulnerabilities are defined as:
- Easily exploitable
- Remotely exploitable
- In some cases, such issues can affect both application and network layers combined.
Remediation: Even though patch management is not as exciting as other aspects of security, it’s still a vital aspect of maintaining a secure and robust posture. Security patches are a result of security bugs being discovered in application, framework & operating systems provided by system vendors.
Client-Side Security is still a significant issue.
Weakness such as Cross-Site-Scripting (The ability for an attacker to inject code into a user’s browser and possibly steal user credentials or install malware) is common.
Averages of 4.78 vulnerabilities are being discovered per web application assessed.
Such weak protections also assist an attacker with Phishing attacks and malware distribution.
More about Irish Tech News
Irish Tech News are Ireland’s No. 1 Online Tech Publication and often Ireland’s No.1 Tech Podcast too.
You can find hundreds of fantastic previous episodes and subscribe using whatever platform you like via our Anchor.fm page here: https://anchor.fm/irish-tech-news
If you’d like to be featured in an upcoming Podcast email us at [email protected] now to discuss.
Irish Tech News have a range of services available to help promote your business. Why not drop us a line at [email protected] now to find out more about how we can help you reach our audience.
You can also find and follow us on Twitter, LinkedIn, Facebook, Instagram, TikTok and Snapchat.