News, news analysis, and commentary on the latest trends in cybersecurity technology.
One-quarter of pharmaceutical manufacturers received a failing grade on patch management, which is a vital step in heading off ransomware attacks.
"The 2021 Ransomware Risk Pulse: Pharmaceutical Manufacturing" report from Black Kite grades the performance of the top 200 companies from the Pharma 1000 on various aspects of security preparedness. Overall, the group got a B rating, indicating a decent level of preparedness to fend off ransomware, but there were holes in coverage.
Most companies rated well across most of the security postures, including awareness of attack surface (196 As, 4 Bs), fraudulent apps (185 As, 11 Bs, 4 Cs), and social media risks (189 As, 9 Bs, 1 C, and 1 F).
However, a quarter of the companies need to improve their patch management; 50 out of the 200 companies rated an F here, with another 8 earning a D. Other weak spots included content-delivery network (CDN) security (48 Ds, 2 Fs), credential management (8 Ds, 36 Fs), and application security (18 Ds, 22 Fs). In the area of information disclosure practices, 41 companies got Ds and 7 got Fs — a little alarming for medicine-adjacent companies.
But the biggest area for improvement is in SSL/TLS strength. While only 24 failed outright, another 81 squeaked by with a D grade — which means over half of the companies examined (105 of 200) got a D or lower when it comes to encrypting Internet communications.
Overall, the study offers some positive feedback, but even more importantly it points out where cybersecurity needs to improve. View the full pharmaceutical manufacturing sector report on Black Kite.
About the Author(s)
You May Also Like
Guarding the Cloud: Top 5 Cloud Security Hacks and How You Can Avoid Them
April 4, 2024Cybersecurity Strategies for Small and Med Sized Businesses
April 11, 2024Defending Against Today's Threat Landscape with MDR
April 18, 2024Securing Code in the Age of AI
April 24, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024Black Hat Asia - April 16-19 - Learn More
April 16, 2024