RiskIQ: ‘Unpatched web infrastructure causes data breaches’

New RiskIQ research revealed that unpatched web infrastructure and de-centralised web management practices are leaving UK organisations vulnerable to cyber attacks and data breaches.

The research found five key areas expose businesses to cyber attacks: servers and frameworks, certificates, test site, data collection, and web management.

RiskIQ discovered 5,127 at risk servers and 2,045 at risk frameworks among the UK’s top 30 firms. This is an average of 171 at risk servers and 68 at risk frameworks currently existing per organisation.

When assessing the public websites of the FT30, 99,467 live websites were discovered – an average of 3,315 websites per business.

‘Losing control of infrastructure and web assets’

A total of 13,194 instances of data collection through login or input forms was also found, with 29% having no encryption.

Fabien Libeau, vice-president at RiskIQ, said: “Gaining visibility over an ever expanding web presence isn’t a simple task. We have recently seen the consequence of Equifax losing control of its infrastructure and web assets before falling victim to cyber crime and impacting millions of customers.

It is crucial that other organisations don’t follow suit by ensuring their digital attack surface is constantly monitored, kept under control and secure from cyber adversaries on the prowl.”

Written from press release by Leah Alger