Nearly 75% of organizations have experienced at least one cyberattack. That’s according to a new study by Marsh McLennan and Microsoft. The report also found that only a third of companies believe their cyber hygiene is satisfactory or better.
Given these findings, now more than ever your organization must identify security flaws and resolve them before they are exploited. But which security flaws should you prioritize for remediation?
To answer this question, the Marsh McLennan Cyber Risk Analytics Center has identified the most common security flaws that significantly correlate with the likelihood of cybersecurity incidents. In this blog we review those findings and recommend steps you can take to quickly discover vulnerabilities and lower the probability of becoming a victim.
The top 8 security flaws that correlate with cyber incidents
- Unpatched systems
- Outdated desktop software
- Compromised systems
- Mobile software
- Botnet infections
- Insecure systems
- Web application headers
- User behavior
1. Unpatched systems
At the top of the list are systems that are unpatched or running out-of-date software. An organization’s patching cadence – the rate at which security teams remediate important vulnerabilities – is one of many risk vectors that Bitsight analyzes to inform its Bitsight Security Ratings. Security ratings are a numerical measure of an organization’s cybersecurity program performance.
Unpatched systems are both common and dangerous. Marsh McLennan found that unpatched systems correlate most strongly with cybersecurity incidents. Indeed, the highly damaging WannaCry, NotPetya, BlueKeep, and other exploits of recent years targeted unpatched systems.
The Bitsight data and analytics platform can help. It continuously monitors for previously unknown vulnerabilities, such as unpatched systems, and alerts you when new risks are discovered.
2. Outdated desktop software
The second-highest-ranked security flaw that correlates with cyber risk is outdated browser and operating system versions on laptops, servers, and other computers (excluding mobile devices) that are connected to the internet.
Bitsight can help you keep tabs on these systems by automatically and continuously discovering outdated desktop software on your network.
3. Compromised systems
Perhaps not surprisingly, compromised systems – i.e., devices that Bitsight observes to be running potentially malicious or unwanted programs (e.g., grayware or adware) – are at number three.
Many of these programs – such as malware, ransomware, and viruses – can lie dormant and go undetected until executed by a hacker or unsuspecting user.
Use Bitsight to shine a light on compromised systems and identify user behavior that could introduce malicious software onto your network.
4. Mobile software
Users are accustomed to update and security-fix alerts on their mobile devices. But if those updates are not applied promptly, devices remain exposed to critical vulnerabilities and security flaws that manifest as malware, phishing, and zero-day vulnerabilities and exploits.
According to researchers, in 2021 Android devices had a total of 574 vulnerabilities while iOS had 357 (although 67% of those carried a high severity rating).
Use Bitsight to detect unsupported mobile devices on your network and determine whether they are in need of an update.
5. Botnet infections
A botnet (or “robot network”) is a collection of networked devices infected with malware and hijacked to perpetrate large-scale scams and data breaches.
Botnet infections occur when a vulnerability – such as careless user behavior – is exploited. Once a device is infected, the malware takes control of the machine and quickly spreads across the network. Having an army of bots infect and control your network is like having a hacker living inside your IT infrastructure ready to initiate nefarious activity at any time.
Because botnets are continually evolving, it’s critical that you continuously and automatically monitor your environment for their presence.
Read more about how botnets correlate to a high likelihood of a significant breach.
6. Insecure systems
Insecure systems connected to your corporate network represent a significant risk. Software in these systems may have been modified or misconfigured to communicate with a remote server, from which a hacker could inject malicious code or extract sensitive information.
Bitsight can help you quickly identify insecure systems on your network or your third parties’ networks.
7. Web application headers
A web application header specifies the security details of HTTP communication between a client (usually a web browser) and a server. An HTTP security header restricts the behaviors the browser and server may perform once a web application is loaded. However, failing to implement the right headers can introduce security flaws that hackers exploit.
Bitsight detects this security flaw by analyzing security-related fields in the header section of HTTP requests and responses.
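As an added illustration (this is not Bitsight's own detection logic), the Python script below audits a constructed HTTP response header block for the security-related fields the passage refers to and reports headers that are missing or weakly configured; the header set and thresholds it checks are assumptions of this example.

```python
import re

# Header name -> (check, reason it matters). A check returns None when the
# value is acceptable, otherwise a short description of the weakness.
# The header set and thresholds below are assumptions of this example.
def _hsts(v):
    m = re.search(r"max-age=(\d+)", v, re.I)
    if not m:
        return "missing max-age"
    if int(m.group(1)) < 31536000:  # one year is the usual recommended minimum
        return "max-age shorter than one year"
    return None

def _nosniff(v):
    return None if v.strip().lower() == "nosniff" else "value must be 'nosniff'"

def _frame(v):
    return None if v.strip().upper() in ("DENY", "SAMEORIGIN") else "allows framing by other origins"

def _csp(v):
    return "uses 'unsafe-inline'" if "'unsafe-inline'" in v else None

CHECKS = {
    "strict-transport-security": (_hsts, "enforce HTTPS for returning visitors"),
    "content-security-policy": (_csp, "restrict script and resource sources"),
    "x-content-type-options": (_nosniff, "stop MIME-type sniffing"),
    "x-frame-options": (_frame, "prevent clickjacking via framing"),
}

def parse_headers(raw):
    """Turn a raw response header block into a dict with lower-cased names."""
    headers = {}
    for line in raw.splitlines()[1:]:  # first line is the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def audit(raw):
    """Return (header, finding) pairs for missing or weakly configured headers."""
    headers = parse_headers(raw)
    findings = []
    for name, (check, why) in CHECKS.items():
        if name not in headers:
            findings.append((name, f"missing ({why})"))
        elif (problem := check(headers[name])):
            findings.append((name, problem))
    return findings

# Constructed sample response: HSTS too short, CSP weak, nosniff header missing.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Strict-Transport-Security: max-age=3600\r\n"
    "Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
)
```

Running `audit(SAMPLE)` returns three findings; a response that sets all four headers to acceptable values returns an empty list.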
8. User behavior
Your employees introduce significant cyber risk into your organization, whether because of careless use of networks and files or malicious intent. Thus, user behavior ranks eighth in the list of most common security flaws.
These behaviors include sharing files using peer-to-peer networks, falling victim to phishing attacks that expose their credentials, or downloading a compromised file.
Use Bitsight to continuously monitor user behavior and lower the risk of an incident.
What else can you do to protect against these security flaws?
As your digital ecosystem expands and cyberattacks increase, identifying where security flaws reside across your IT infrastructure is more challenging than ever. But there are best practices you can follow to address security risks and lower the probability of experiencing a cybersecurity incident.
For instance, remediating vulnerabilities in a timely manner, reducing attack surface exposure, and maintaining a relentless focus on security hygiene can measurably reduce the likelihood of a cyberattack.
To focus your efforts, refer to the Marsh McLennan report. Pay close attention to the security flaws and risk vectors that most correlate with cyber incidents, such as unpatched systems, outdated desktop software, and compromised systems. Leverage this analysis and trusted data to prioritize resources and address security risks – both internally and across your supply chain.
Download the full report for more insights into these and other security flaws that statistically correlate with cybersecurity incidents.