Member Article

Software vulnerabilities are the top cause of internal data security issues for business

Vulnerabilities in legitimate software regularly used by employees at work are the leading cause of internal cyber-security incidents in business, according to a Kaspersky Lab study[1]. The company also found that these vulnerabilities are a major source of corporate computer infections and critical data leakage. Approximately 39 per cent of the survey participants said that over the past 12 months, this had been the case at least once for their organisations.

Although the number of such incidents has fallen substantially since 2011 – from 47 per cent to 39 per cent – it is still worryingly high. In total, approximately 85 per cent of companies have reported internal IT security incidents, and software vulnerabilities were the single biggest cause.

The highest percentage of incidents was noted in Russia, where 51 per cent of survey respondents were affected. 43 per cent of companies based in Asia-Pacific encountered these issues, as did 38 per cent of companies in North America. Japanese companies had the lowest frequency of vulnerability-related security problems at just 29 per cent.

In addition, 25 per cent of survey participants suffered data leakages within their organisation, caused by vulnerabilities in corporate software, while 10 per cent of companies reported leakages of critical corporate data that led to financial losses.

Protect your company against the mistakes of others.

Vulnerabilities are ultimately the responsibility of developers, rather than companies using the software. But regardless of who is to blame, without extra protection, the company’s IT infrastructure will remain vulnerable until software developers release updates to patch these vulnerabilities.

Using a security solution with advanced technologies, facilitating the detection and interception of attacks launched via software vulnerabilities is critical for any company. An advanced security solution will also help prioritise the update of software programs once vulnerabilities have been detected.

These advanced technologies, which offer top-of-the-line protection against malware and other cyber threats, are built into Kaspersky Endpoint Security for Business, the professional security platform from Kaspersky Lab. Automatic Exploit Prevention detects and blocks attempts to exploit vulnerabilities found in commonly used applications, while Systems Management component effectively manages company workstations, and allows company IT professionals to centrally install security updates for the applications running on company computers.

Kaspersky Lab’s solution delivers high-level security and protection for corporate IT infrastructures, even when the developers of popular software programs are not always quick to deliver updates for their own products — and can inadvertently introduce new vulnerabilities along with these updates.

-ENDS-

About Kaspersky Lab

Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at www.kaspersky.co.uk

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report “Worldwide Endpoint Security 2012–2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.

[1] http://media.kaspersky.com/en/business-security/Kaspersky_Global_IT_Security_Risks_Survey_report_Eng_final.pdf

This was posted in Bdaily's Members' News section by Alice Collins .