London, UK – June 26, 2019 – A new study from Outpost24, an innovator in identifying and managing cyber security exposure, has revealed that 34 percent of organisations admit to bypassing security to get products out to market faster, even despite the dire findings from the recent Verizon Data Breach Investigations report, which uncovered that unpatched vulnerabilities caused data breaches in 27 percent of organisations in 2018.
The study, carried out at Infosecurity Europe in June 2019, studied the attitudes of 300 security professionals, also revealed 64 percent of security professionals believe their customers could easily be breached as a result of unpatched vulnerabilities in their organisation’s products and applications. Additionally, 29 percent of respondents were not sure or didn’t believe their organisation’s products and applications would fare well if a security penetration test was carried out on them.
“Our study shows that even despite continuous warnings, organisations today are still leaving their customers at risk because of a failure to address security vulnerabilities in products before they are introduced to market. If organisations are not addressing these security vulnerabilities, they are taking a huge gamble and abusing customer trust,” said Bob Egner, VP at Outpost24. “Negligence towards security will eventually lead to disastrous outcomes for technology and application vendors and their customers. There should be no excuses today, especially when security is such a big issue and so many breaches, which have happened up and down the technology stack, are well publicised.”
Additionally, the study also revealed that 92 percent of security professionals say their organisation believes it is important to carry out security testing on new products and applications, however 39 percent of organisations don’t introduce security testing from the beginning of the product or application lifecycle.
“While many organisations seem to understand the importance of security testing, they are not necessarily putting it into practice. A combination of penetration testing and automated application scanning is a great way to unearth software vulnerabilities in products and applications, and organisations are advised to carry out the process continuously or at least before they put a product out to market. The aim is not to address every single vulnerability detected, but to understand which are the most dangerous to the business and its customers and then work to remediate them first,” continued Egner.
Notes to editor:
This survey was carried out in June 2019 at the Infosecurity Europe Conference in London and studied the attitudes of 300 security professionals.
For more information on the study, please visit here
Outpost24 is a leading cyber assessment company focused on enabling its customers to achieve maximum value from their evolving technology investments. By leveraging our full stack security insights to reduce attack surface for any architecture, Outpost24 customers continuously improve their security posture with the least effort. Over 2,000 customers in more than 40 countries around the world trust Outpost24 to assess their devices, networks, applications, cloud and container environments and report compliance status for government, industry sector, or internal regulations. Founded in 2001, Outpost24 serves leading organizations across a wide range of segments including financial and insurance, government, healthcare, retail, telecommunications, technology, and manufacturing.