How Vulnerable Is Your Sector? Find Out From The World's Best Hackers
The 2021 Synack Trust Report relies on data from thousands of security tests to reveal new insights into how organizations are prepared to fight ransomware and other digital threats.
REDWOOD CITY, Calif., June 15, 2021 /PRNewswire/ -- Government and Healthcare sectors are the most secure against the punishing barrage of cyberattacks such as ransomware and supply chain compromises that a growing number of organizations suffered over the past year, according to the 2021 Synack Trust Report.
In its fourth year, this global report has become a critical benchmark for CISOs and security leaders across all sectors. Based on thousands of security tests carried out by the world's most skilled ethical hackers from July 2020 through April 2021, it measures security preparedness and the depth of cybersecurity defenses across organizations.
Synack's Attacker Resistance Score (ARS)™ Rating, which draws information from tests conducted on Synack's Premier Crowdsourced Platform for On-Demand Security Expertise, provides the foundation for the annual Trust Report. The higher the ARS, the more hardened assets are against attacks.
"Building trust across our customers, employees, and our team is core to my role as GDIT CISO," said Michael Baker, Chief Information Security Officer for General Dynamics Information Technology. "Measuring risk and carefully choosing the right capabilities with the right business partners who understand today's threat landscape helps me achieve those three key objectives that define success for myself as the GDIT CISO."
Some sectors that cyber criminals target such as Manufacturing and Critical Infrastructure have shown improvements and recovered from an ARS drop in 2020, gaining 5 points in 2021. But with an overall rating of 50, some organizations in this sector may continue to face challenges, especially as U.S. officials have characterized today's cybersecurity risks as a "national security threat."
"We're facing a global cybersecurity crisis. Some organizations are doing the right thing, creating effective defensive strategies and being proactive. Others are simply checking boxes. Today's threat requires an aggressive and assertive approach," said Jay Kaplan, CEO and Co-Founder of Synack. "The Trust Report and the ARS are vital tools for understanding the gaps in any organization's security plan."
Over the past year, 16% of vulnerabilities found by the Synack Red Team (SRT), Synack's global community of highly skilled and vetted security researchers, were considered critical. Beyond that, the SRT saw a 14% increase over the past two years in authorization and permission vulnerabilities, which can give attackers access to sensitive networks.
In light of the cyber threat for Critical Infrastructure, and the need for the sector to take swift action to harden its defences, some organizations are setting the standard for others to follow. Organizations such as energy giant bp (LSE:BP) have become industry leaders when it comes to security innovation.
"Testing—when it comes to security, safety, and resilience—makes all the difference in the world," wrote Ritesh Patel, Security Principal at bp, in the foreword to the 2021 Synack Trust Report. "Measurements such as the Attacker Resistance Score (ARS) keep us honest and informed. The ARS lets us constantly assess our performance and compare how we're doing across sectors. It's a strong indicator that bp is performing above industry average, which sends a clear and powerful message within the organization that security—and trust—are essential in everything we do at bp."
Other Key 2021 Trust Report findings:
Most industries improved their ARS in 2021
Across all industries, scores recovered from previous declines, and in 2021, all but two sectors improved their average ARS.
Attackers need less Time to find vulnerabilities
On average, pentesters needed only 18 hours to find a vulnerability in targeted applications, down from 21 hours in 2020.
Financial Services remains under assault
The Financial Services sector historically has been a top target of cybercriminals. At the beginning of the pandemic, the sector suffered a drop of 6 points, from an ARS of 62 in early 2020, but began to recover by 2021.
Visit www.synack.com/trustreport to download the report for free and learn how the most trusted brands in the world measure their risk.
About Synack:
Synack is the premier crowdsourced platform for on-demand security expertise. The Synack platform delivers 24/7 penetration testing, vulnerability management, and vulnerability assessment from a global network of trusted researchers, enabled by smart technology, to accelerate global organizations' critical cybersecurity missions. Headquartered in Silicon Valley with regional teams around the world, Synack protects leading global banks, federal agencies, DoD classified assets, and more than $6 trillion in Fortune 500 and Global 2000 revenue. A 4-time CNBC Disruptor 50 company, Synack was founded in 2013 by former NSA security experts Jay Kaplan, CEO, and Dr. Mark Kuhr, CTO.
For more information, please visit www.synack.com.
Photo - https://mma.prnewswire.com/media/1532944/Synack_New_Trust_Report.jpg
Photo - https://mma.prnewswire.com/media/1532945/social_Trust2021_ARSRatings.jpg
Logo - https://mma.prnewswire.com/media/838158/Synack_Logo.jpg
Share this article