Check Point report highlights security risks
Most importantly, the report provides security recommendations on how to protect against these threats.
As the arms race between attackers and IT professionals unfolded in 2012, it has become clear that many of the most serious threats remained hidden from network administrators. These threats come from ever-changing techniques deployed by criminal hackers in addition to risky online activities by employees, which unintentionally create vulnerabilities in the corporate network. In order to develop a strong security blueprint, organisations must first be aware of and fully understand the activities occurring on their networks.
Major security risks
Based on research of nearly 900 companies - including 35 from South Africa, the Check Point 2013 Security Report sheds light on what is hiding on corporate networks, and the major security risks that organisations are exposed to on a daily basis. Findings were split into Europe, Middle East and Africa (EMEA), Asia Pacific (APAC) and Americas specific insights.
Some of the key findings, which proved particularly relevant in South Africa include:
- Sixty-three percent of the organisations that were researched were infected with hazardous bots.
- Every 23 minutes a host accessed a malicious website.
- In 61% of organisations, a peer-to-peer (P2P) file sharing application was used.
"The findings from the report confirm that data security and threat prevention need to be included among the top security priorities for business leaders in South Africa today," said Doros Hadjizenonos, sales manager at Check Point South Africa. "A key recommendation from these findings is adopting a security vision that redefines security as a three-dimensional business process that combines policies, people and enforcement for stronger protection across all layers of security - including network, data and endpoints."
Other findings from the report include:
- Hidden security threats: From crimeware to hacktivism, cyber attacks will continue to evolve this year, impacting on organisations of all sizes. The research revealed that 63% of organisations were infected with bots and more than half were infected with new malware at least once a day. The report reveals a list of top threats, including the most infamous botnets, top malware location by country, top vendor vulnerabilities and exposures, and Structured Query Language (SQL) injection events by source country, among other surprising findings.
- Risky web 2.0 applications: The surge in web 2.0 applications has given criminal hackers unprecedented options to penetrate corporate networks. The research found that 91% of organisations used applications with potential security risks. These risky web applications are brought to light in the report, including frequency and usage of anonymisers (surfing the Internet anonymously), Peer-to-Peer (P2P) applications, file storage and sharing applications, and top social networks - all of which can potentially open a back door to enterprise networks.
- Data loss incidents: Corporate information is more accessible and transferable today than ever before, leading to higher risk of data loss or leakage. More than half of the organisations studied had at least one potential data loss incident. The report exposes the different types of sensitive data leaked and lost, including Payment Card Industry (PCI)-related information, as well as HIPAA-protected health information. It also sheds light on the industries with the highest tendency toward data loss.
"Our research uncovered many alarming vulnerabilities and security threats on networks that most organisations were not aware of," said Amnon Bar-Lev, president of Check Point Software Technologies. "With clearer visibility, IT professionals can now better define a security blueprint to protect their organisations from the constant stream of evolving security threats, ranging from botnets, to employees using risky web applications like anonymisers, to data loss."
Read the full report on www.checkpoint.com.