A security audit found that many companies still consist of critical vulnerabilities that could potentially lead to a cyberattack.

More than 50% of websites audited by Positive Technologies found critical vulnerabilities that cyber criminals could use to steal personal data and carry out denial of service.

Over 70 web applications revealed that manufacturing and e-commerce organisations topped the amount of websites with vulnerable web applications; 43% of manufacturing and 34% of e-commerce websites were rated “extremely poor”.

The Positive Technologies research found that 58% of websites have at least one vulnerability, 12% of websites have high-severity vulnerabilities decreased, and security flaws were found in all analysed applications.

Testers then obtained personal data from 20% of web applications, including banking, government and data websites.

Evgeny Gnedin, head of information security analytics at Positive Technologies, said to Computer Weekly: “Security testing is imperative, both during development and on-going operations.

“We urge all companies to use web application firewalls for protecting their applications – automated source code analysis throughout the development process is key for identifying issues as quickly and efficiently as possible.”

The results also found that 74% of high-risk vulnerabilities belonged to telecommunication companies.

Written by Leah Alger