Scans of public websites by Symantec found that 78 per cent of sites contained vulnerabilities. Sixteen per cent of them were classified as critical vulnerabilities that could allow attackers to access sensitive data, alter the website’s content or compromise visitors’ computers. This means that when an attacker looks for a site to compromise, one in eight sites make it relatively easy to gain access.
Every year Symantec issues an Internet Security Threat report, which gathers data from its products, services and third party sources to paint a picture of the security landscape. What it found in 2013 wasn’t pretty – and that was before Heartbleed.
ESG noted that no single enterprise mobility initiative rises to the prioritization level of information security on an individual basis, but getting employees mobile feeds into an overall goal of improving collaboration and productivity.
BYOD initiatives are still in the mix at 18%, but desktop virtualization (25%), mobile workforce enablement (19%) and deploying applications on or for new mobile devices (19%) are all higher up the food chain.
The rise of mobility and different endpoints is already being reflected in the developer capabilities of Windows 10, which is more cognizant of data being consumed across different platform and infrastructures, even the Internet of Things. These are numbers that should have every organization concerned: The number of identities exposed through data breaches last year was astonishing. Mobile threats are increasing but users seem indifferent.
If you want to do something to improve your organization’s security, consider advice in the U.S. National Institute of Standards and Technology’s cyber security framework or its framework for critical infrastructure.