Gartner has predicted that 33% of attacks experienced by enterprises will be as a result of shadow IT resources by 2018. These ‘digital’ shadow IT assets provide the functionality website visitors expect (video, images, social, reviews, customer id, etc.) as well as enable more efficient management of digital property (CMS, DMP, analytics, etc.) The problem is that this code may also contain malware, but website IT would never see it. Chris Olson, CEO at The Media Trust commented below.
Chris Olson, CEO at The Media Trust:
“With GDPR around the corner, IT departments need to assess the risks present in their Digital Shadow IT–the undocumented third parties executing in their website environment. These vendors provide specialized services–data management platforms, image or video hosting, marketing analytics, content delivery, customer identification, payment processing, etc.–which operate outside the IT infrastructure. How can IT control something they can’t see? GDPR will prove to be a watershed moment for digital businesses. When enterprises realize they have no control or insight into the code executing in their websites, security teams will be forced to clamp down on the third-party vendors currently used to render consumer-facing content.”
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
