Community Edition
Total Tests:
This Week:
Today:
Recent Blog Posts
An Ex-Amazon Security Engineer Gets 3 Years In Jail For Hacking And Crypto Theft
April 18, 2024
Hacker Fakes His Own Death To Avoid Child Support Payments
April 11, 2024
ATM Skimming Ring Leader Sentenced To 75 Months In Prison
April 4, 2024
German Authorities Dismantle the Nemezis Market Dark Web Marketplace
March 28, 2024
A Cybercrime Ring Responsible For Hijacking Over 100M Email, Instagram Accounts Dismantled
March 21, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

Research exposes cyber security industry’s vulnerabilities

ITWeb
Tuesday, September 15, 2020

Moreover, 48% of the company’s Web sites did not comply with GDPR requirements – because of vulnerable software, they had no conspicuously visible privacy policy or cookie disclaimer when cookies contain PII or traceable identifiers.

Ilia Kolochenko, CEO & founder of ImmuniWeb, said: “Today, cyber criminals endeavour to maximise their profits and minimise their risk of being apprehended by targeting trusted third parties instead of going after the ultimate victims. For instance, large financial institutions commonly have formidable technical, forensic and legal resources to timely detect, investigate and vigorously prosecute most of the intrusions, often successfully.”

On the other hand, he said their third-party partners, ranging from law firms to IT companies, usually lack internal expertise and budget required to react quickly to the growing spectrum of targeted attacks and APTs. “Eventually, they become low-hanging fruit for pragmatic attackers who also enjoy virtual impunity. In 2020, one need not spend on costly 0days but rather find several unprotected third parties with privileged access to the ‘Crown Jewels’ and swiftly crack the weakest link.”

He advises organisations to have holistic visibility and inventory of their data, IT and digital assets to maintain a strong security and compliance posture. “Modern technologies, such as machine learning and AI, can significantly simplify and accelerate a considerable number of laborious tasks spanning from anomaly detection to false positive reduction.”

However, these tools need to be supplemented by the continuous monitoring of the deep and dark Web, as well as countless resources in the surface Web, including public code repositories and paste Web sites, he ends.

“You cannot protect your organisation in isolation from the surrounding landscape that will likely become even more intricate in the near future.” Read Full Article


Previous Media Publications:

IT World Canada: Cyber Security Today – How firms plan for cyber attacks, the failings of cybersecurity companies, Artech hit by ransomware and email bomb threats return

CIO: Les prestataires de cybersécurité sont-ils des cordonniers mal chaussés?

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
Your data will stay private and confidential