UK Companies Face Increasing Cyber Security Risks Across a Range of Threats, New Report Reveals
London (ots) - - 'Cyber Security Report 2024/2025' by Horizon3.ai for the United
Kingdom
- "Thinking that software can be made completely invulnerable or that
conventional cyber security defences are sufficient is a common misjudgement,"
warns cyber security expert Keith Poyser. "Most organisations today use dozens,
if not hundreds, of software applications and solutions, creating an expansive
attack surface. A vulnerability remains harmless only until a hacker uncovers
how to exploit it. Real world exploitable vulnerabilities are chained together
to form effective attack paths, with clear business impact. This very real risk
presents numerous potential threats, underscoring the importance for companies
to strengthen their defences before an attack occurs, across all attack
surfaces...and that means testing from an attacker's perspective."
Hackers employ a wide range of tactics, techniques, and procedures to exploit
vulnerabilities in software. At the same time, they use targeted phishing
attacks, third-party data breaches, and open-source information (OSINT) to gain
access to a user's credentials, which can provide the much needed gateway to
valuable systems and data. This is a key takeaway from the "Cyber Security
Report UK 2024/25" by Horizon3.ai, which surveyed 150 organisations across the
United Kingdom. The findings reveal that almost half of these organisations
(48%) regard stolen user and admin credentials as one of the most significant
cyber security threats they face. Additionally, an overwhelming 42% of
respondents (who could select multiple threats) identify insufficiently secured
data and/or unknown data stores as a significant potential risk to their
organisations.
Another key finding reveals that more than a quarter (29%) of companies consider
attacks via unpatched but known security vulnerabilities in corporate networks
to be a major threat. These are software vulnerabilities that are already known,
with a patch available from the vendor, but have yet to be patched by the
companies using the software. An additional 27% are concerned about incorrectly
configured software and/or hardware devices as a source of potential risk to
their organisations. "These issues are a prime opportunity for cybercriminals.
At the end of the day, a considerable proportion of the successful cyberattacks
are the result of human error," Keith Poyser, Vice President for EMEA at cyber
security company Horizon3.ai, explains.
Penetration Testing as a Solution to Cyber Threats
Kingdom
- "Thinking that software can be made completely invulnerable or that
conventional cyber security defences are sufficient is a common misjudgement,"
warns cyber security expert Keith Poyser. "Most organisations today use dozens,
if not hundreds, of software applications and solutions, creating an expansive
attack surface. A vulnerability remains harmless only until a hacker uncovers
how to exploit it. Real world exploitable vulnerabilities are chained together
to form effective attack paths, with clear business impact. This very real risk
presents numerous potential threats, underscoring the importance for companies
to strengthen their defences before an attack occurs, across all attack
surfaces...and that means testing from an attacker's perspective."
Hackers employ a wide range of tactics, techniques, and procedures to exploit
vulnerabilities in software. At the same time, they use targeted phishing
attacks, third-party data breaches, and open-source information (OSINT) to gain
access to a user's credentials, which can provide the much needed gateway to
valuable systems and data. This is a key takeaway from the "Cyber Security
Report UK 2024/25" by Horizon3.ai, which surveyed 150 organisations across the
United Kingdom. The findings reveal that almost half of these organisations
(48%) regard stolen user and admin credentials as one of the most significant
cyber security threats they face. Additionally, an overwhelming 42% of
respondents (who could select multiple threats) identify insufficiently secured
data and/or unknown data stores as a significant potential risk to their
organisations.
Another key finding reveals that more than a quarter (29%) of companies consider
attacks via unpatched but known security vulnerabilities in corporate networks
to be a major threat. These are software vulnerabilities that are already known,
with a patch available from the vendor, but have yet to be patched by the
companies using the software. An additional 27% are concerned about incorrectly
configured software and/or hardware devices as a source of potential risk to
their organisations. "These issues are a prime opportunity for cybercriminals.
At the end of the day, a considerable proportion of the successful cyberattacks
are the result of human error," Keith Poyser, Vice President for EMEA at cyber
security company Horizon3.ai, explains.
Penetration Testing as a Solution to Cyber Threats
Autor folgen