Beware of online data leaking, warns KPMG
Exposure to data hackers should be a growing concern for businesses, according to professional services KPMG’s innovative ‘Cyber Vulnerability Index’.
A simulated 6-month long attack from the company on a variety of websites showed how businesses could be vulnerable to sustained infiltration on their online security, after KPMG investigated how hackers could act against companies in the Forbes 2000 list of global businesses.
As the first of its kind, the innovative report showed that the UK was strongly protected in comparison with other nations, while over three-quarters of organisations are unknowingly leaking data to external sources.
Technology and software companies were shown to be the most at risk of disclosing information in online forums and the news groups, while 16% of companies are vulnerable to hacking as a result of expired server software.
Martin Tyley, a director in KPMG’s Northern Risk Consulting team, said: ““The world of cyber security has been tilted on its axis over the past two years, from the actions of hacktivists and associated groups, through to state sponsored agencies with seemingly unlimited resources.
“Attackers have differing aims which require different levels of protection. Organised crime remains predominantly focussed on personal data, hacktivitsts on causing maximum embarrassment and state sponsored activity on gaining access to intellectual property or any commercial insight that will allow competitive advantage.
“Our findings send out a clear message to business – while the internet may be your shop window to the world, it can be a substantial security risk as well.”
Mr Tyley advised that businesses must install up-to-date security measures, educate their employees, as well as investing in the latest technology. He emphasised the importance of this three-part strategy to ensure data security.
UK organisations fare much better than other European businesses in their data security, with Switzerland, Japan and Spain taking the top three slots for most vulnerable to attacks via web server software.