A study by security company Check Point of 900 companies in Europe, the Middle East, the Americas and Asia Pacific, including 35 companies in South Africa, found that 63% of the companies were infected with hazardous bots.
“Many of the most serious threats remained hidden from network administrators. These threats come from ever-changing techniques deployed by criminal hackers, in addition to risky online activities by employees, which unintentionally create vulnerabilities on the corporate network. To develop a strong security blueprint, organisations must, firstly, be aware of and fully understand the activities occurring on their networks,” Check Point states.
The research showed that more than half of the companies were infected with new malware at least once a day. Significant cyber threats include botnets, malware, vendor vulnerabilities and exposures, as well as structured query language injection events.
Further, 91% of organisations used Web applications that had potential security risks. The surge in business Web applications has given criminal hackers unprecedented options to penetrate corporate networks. These risky Web applications include the frequency and use of anonymisers (enabling users to surf the Internet anony-mously), peer-to-peer applications, file-storage and sharing applications, as well as popular social networks – all of which can potentially open a backdoor to enterprise networks.
“More than half of the organisations studied had at least one potential data-loss incident. Corporate information is more accessible and transferable today than ever before, leading to higher risks of data loss or leakage. The study shows that different types of sensitive data were leaked and lost; including pay- ment card industry-related information and protected health information,” Check Point adds.
“The findings confirm that data security and threat prevention need to be included among the top security priorities for business leaders in South Africa. A key recommendation from these findings is adopting a security vision, which redefines security as a three-dimensional business process that combines policies, people and enforcement for stronger protection across all layers of security, including network, data and endpoints,” says Check Point South Africa sales manager Doros Hadjizenonos.
Our research uncovered many alarming vulnerabilities and security threats on networks, of which most organisations were not aware.