Shadow IT responsible for cyber attacks

Exclusive: Widespread security flaw affects hundreds of UK news sites

Shadow IT has always been considered a huge risk to an enterprise’s cyber-security efforts, but now we have a new survey which supports the claim and shows the scope of the problem.

The report, recently released by Tenable Network Security, says that both German and UK-based companies acknowledged shadow IT as a problem, but the former reported more cyber-attacks.


That being said, 88 percent of IT decision makers in UK and German companies believe shadow IT makes them more vulnerable, with 65 percent of Germany-based respondents saying the use of shadow IT directly lead to a cyber-attack in the past 12 months. In the UK, the number is at 45 percent.

"The presence of unknown or undiscovered assets makes it difficult for security teams to identify and manage the available attack surface", says Gavin Millard, EMEA technical director, Tenable Network Security. "If organizations want to stay ahead of the curve they need security solutions that provide the continuous visibility required to stop shadow IT from becoming an attack vector".

Engineering, design, research and development, and finance, have been identified as the "most egregious offenders". Despite the grim numbers, businesses in both countries expect the use of shadow IT to grow in the next year.

"The fact that many respondents are feeling the pain of shadow IT isn’t a surprise to the industry, but the numbers were much higher than we expected", says Millard. "The foundation of security is having insight into what’s in use on the network and it’s important that security and operations embrace the needs of the business or they will continue to remain vulnerable to cyber threats".

Published under license from, a Net Communities Ltd Publication. All rights reserved.

Photo credit: arda savasciogullari / Shutterstock

Comments are closed.

© 1998-2021 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.