Over a quarter of businesses have critical vulnerabilities that could be exploited

1 Comment
Attack route

Over a quarter of businesses (28 percent) have critical vulnerabilities that could easily be exploited by cyberattack.

But even when these vulnerabilities are flagged by penetration testing, they are still being left unaddressed.

New research from cybersecurity firm Bulletproof, based on data from over 3,800 days' worth of penetration testing from its Defense.com platform, finds 37 percent of businesses have outdated and vulnerable components, 11 percent broken access controls, and seven percent SQL injection issues.

At the moment many vulnerabilities that are not addressed within the first year never get remediated, but the introduction of more stringent regulation means businesses will need to begin to address these historic vulnerabilities if they are to avoid sanction and remain secure.

Oliver Pinson-Roxburgh, CEO at Bulletproof, says:

Our research found that even when alerted to critical vulnerabilities which could be exploited by attackers, a quarter of businesses chose to leave them and hope for the best. In reality this proportion is likely to be much higher, considering that our research was only from companies who actually had a retest. This complacency has contributed to the huge growth industry that is cybercrime today.

Most businesses we work with do tackle the highest priority threats, but they are faced with limited time and resources. The problem we see is that almost every business is expanding its digital capabilities now, and this has led to an explosion of critical vulnerabilities as the attack surface grows. Most security teams I speak to are struggling to keep on top of even high-priority patches.

The solution is a defense in depth approach, layering multiple cyber resilience tools and tactics to thwart potential attackers and protect critical business functions. With the looming threat of new regulation for non-compliant MSPs on the horizon, it will be interesting to see how far security teams can go in addressing these vulnerabilities over the next 12 months.

You can get the full report from the Bulletproof site.

Image Credit: Jurgen Priewe / Shutterstock

Tags: , , ,
1 Comment

One Response to Over a quarter of businesses have critical vulnerabilities that could be exploited

Got News? Contact Us

Recent Headlines

Business leaders fear Gen Z employees may leak company secrets for likes and lols

HitPaw launches FotorPea 5 and VikPea 5, bringing AI smarts to its photo and video editors

Google tests fingerprinting block to boost Chrome Incognito Mode privacy

Mastodon to roll out post quoting with powerful protection options

Microsoft unbundles Teams from Office 365 to avoid EU fine

Microsoft helps out app developers by wiping out Store fees

How ‘confidential computing’ can add trust to AI [Q&A]

Most Commented Stories

This updated Windows 11 clone is Linux underneath and makes your old PC run faster -- get it now

17 Comments

Forget Windows 11, Windows 12.2 is the 'next evolution' of Microsoft's OS

17 Comments

As Windows 10 reaches end of life, Windows 11 is LOSING market share

12 Comments

The brilliant Windows 12 is everything Windows 11 isn't -- and the Microsoft OS we deserve

11 Comments

Why using a VPN is becoming more important than ever

8 Comments

Age verification laws are killing web traffic

8 Comments

Microsoft is rolling out Windows 11 25H2

5 Comments

Brits warned of scams ahead of emergency alert test

5 Comments

Why Trust Us



At BetaNews.com, we don't just report the news: We live it. Our team of tech-savvy writers is dedicated to bringing you breaking news, in-depth analysis, and trustworthy reviews across the digital landscape.

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.