Expert Reacted On News: Research exposes cyber security industry’s vulnerabilities

A staggering 97% of top cybersecurity companies have data leaks or other security incidents exposed on the dark Web, and on average, there are over 4 000 stolen credentials and other sensitive data exposed per company. This was one of the findings of ImmuniWeb’s research into the state of the global cybersecurity industry’s exposure on the dark Web this year. Even the cybersecurity industry itself is not immune to these problems as demonstrated in ImmuniWeb’s research. Some 398 cybersecurity companies across 26 countries, mostly the US and Europe, were tested. Cybersecurity companies in the US suffered the most high-risk incidents, followed by the UK and Canada, then Ireland, Japan, Germany, Israel, the Czech Republic, Russia, and Slovakia.

More information: https://www.itweb.co.za/content/KA3WwMdDZ3NMrydZ

Experts Comments

September 16, 2020
Boris Cipot
Senior Sales Engineer
Synopsys
Immunity to cyber threats does not exist. For example, looking at software, we can see that its architectural complexity, the mixture of proprietary and open-source code and added application interfaces, requires organisations to be on guard at all times and protect what was created. When it comes to software, Software Composition Analysis is a form of testing which can help with this by tracking the cyber risk that emerges from open source code. We can utilise the same logic when looking at a company's ecosystem. The ever-changing composition of employees, each with their own understanding of the technology stack at their disposal and their own perception of the risks associated, impedes any attempt of achieving 'immunity to cyber risk'. The only thing organisations can do is to monitor the situation, educate their employees and try to follow up on risks they can control, endeavouring to mitigate these. Everyone needs to understand that not all employees are cybersecurity experts, even if they work in a security company.