67 percent of organizations believe hackers can penetrate their network
Around two-thirds of executives and IT professionals responding to a new survey believe that hackers would be able to penetrate their networks.
The study from security and application delivery company Radware focused on global companies and reveals that at least 89 percent of respondents have experienced attacks against web applications or web servers of the past year.
Almost half (46 percent) of organizations surveyed say they have experienced data security breaches in the last 12 months, and respondents find application layer attacks to be the most difficult to both detect and mitigate. In particular, respondents reporting of encrypted web attacks increased from 12 percent in 2017 to 50 percent in 2018. Most respondents (59 percent) reported daily or weekly attacks taking place.
"While organizations are recognizing they are under attack, often they're discovering the breach only after pertinent information has been leaked," says Carl Herberger, vice president of security solutions at Radware. "With today's evolving threat landscape, organizations still need to be vigilant in equipping themselves to deal with increasing attack frequency and complexity."
Among other findings are that around half of respondents say they only collect customer data for internal use and don't share it. However, 43 percent of respondents are specifically sharing data about user behavior, preferences and analytics.
As a result of a data breach, 52 percent of respondents say their customers asked for compensation, 46 percent report major reputation loss, 35 percent customer churn, 34 percent a drop in stock price, 31 percent report customers took legal action, and 23 percent say executives were let go.
APIs lead to increased vulnerabilities too, 82 percent of organizations who use API gateways do so to share and/or consume data, however, the survey indicates inadequate security measures around APIs. In fact, 70 percent of respondents don't require authentication from third party APIs, 62 percent don't encrypt data sent by APIs and 33 percent allow third parties to perform actions, opening the door to additional threats.
Frequent application updates introduce new security concerns too. Organizations are updating applications much more frequently than reported in previous years. According to Radware's 2017 survey, 40 percent of respondents claimed their organization updates applications at least once per week. This year's results show that around a third of all application types are updated on an hourly or daily basis, with about a quarter updated weekly.
You can find out more in the full report which is available on the Radware website.