Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

11/3/2020
05:07 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Survey: Biggest Concerns About Securing Digital Infrastructure Include COVID, Unsanctioned Apps, Collaboration Platforms, Marketing Technology

New SafeGuard Cyber Poll Suggests Enterprises Should Harden Systems Against Unconventional Attack Vectors

CHARLOTTESVILLE, Va., (October 29, 2020)—SafeGuard Cyber, the only SaaS platform dedicated to managing the full lifecycle of digital risk protection driving digital communications, today announced the results of a new survey of 600 senior enterprise IT and security professionals. Companies surveyed ranged in size from $100M to more than $1BN in revenue.   

SafeGuard Cyber’s Digital Risk Survey was conducted to understand how businesses rate their own security and compliance risks in the new digital reality of the workplace wrought by COVID-19 pandemic. Respondents were asked to effectively grade their adaptations to date, articulate what gaps still exist, and how they are planning for the future. Fully 31% of respondents reported their entire business process has changed and is still evolving, while 26% said they’ve rushed certain projects that were scheduled for later.

The study revealed the need to harden unconventional attack vectors in cloud, mobile, and social media technologies. Moreover, enterprise organizations are juggling the twin demands of budget constraints and the need to drive business outcomes.

Key findings include:

  • There is a significant disconnect and tension between the perceived security and compliance needs and the level of organizational planning. Despite perceived digital risk around unsanctioned apps, ransomware attacks, and securing various tech stacks, only 18% of respondents cite security as being a board-level concern.

  • 57% of those surveyed cited internal collaboration platforms, like Microsoft Teams and Slack, as the tech stack representing the most risk, followed closely by marketing technologies (41%).

  • 1 in 4 respondents cite Executives’ personal social media as being an area of risk.

  • The biggest security and compliance challenge is the use of unsanctioned apps (52%), followed by trying to monitor business communications in multi-regional environments (43%), suggesting global enterprises are seeing more friction in adapting processes to the new post-COVID digital workspace.

  • When it comes to purchasing new technology, 59% cite budget as the top concern, followed very closely by “impact on business outcomes” like revenue growth and agility (56%). Enterprises are juggling the twin demands of budget constraints and the need to drive business outcomes. 

“We all know the pandemic has had a seismic impact on businesses, but we were still surprised to learn how vulnerable organizations feel about the digital communications they’ve had to adopt rapidly,” said Jim Zuffoletti, CEO and Co-founder, SafeGuard Cyber. “Bad actors typically migrate to where the action is, so it makes sense digital channels are more likely to be targets than ever before. Surprisingly, marketing technologies have moved up on the list of exploits, and we’re seeing more and more attacks on organizations’ executive leaders.” 

“It’s telling that budget and business impact are top of mind when buying new technologies,” said Otavio Freire, CTO and Co-founder, SafeGuard Cyber. “As business look to 2021, leaders will need security controls that enable rather than block new communication channels in order to sustain growth. With the pandemic’s disruption to fundamental operations, simply saying ‘no’ to channels like WhatsApp or Slack is no longer an option. It’s the way business gets done.”

About SafeGuard Cyber SafeGuard Cyber is a Charlottesville, Virginia-based company with a cloud-based platform that empowers organizations to use social media and digital channels securely, compliantly, and at the scale of global business. With coverage across more than 50 channels, SafeGuard Cyber helps security, compliance, and marketing teams work better together to drive business forward. For more information, visit www.safeguardcyber.com/digitalrisksurvey.

*Poll conducted by Pollfish over a week long period in early October, 2020

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-23727
PUBLISHED: 2020-12-03
There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD).
CVE-2020-28175
PUBLISHED: 2020-12-03
There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52. Attackers can use constructed programs to increase user privileges
CVE-2020-13524
PUBLISHED: 2020-12-03
An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim n...
CVE-2020-13525
PUBLISHED: 2020-12-03
The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
CVE-2020-23726
PUBLISHED: 2020-12-03
There is a local denial of service vulnerability in Wise Care 365 5.5.4, attackers can cause computer crash (BSOD).