Research carried out by the University of Bedfordshire in conjunction with 7Safe, the IT forensics specialist, has found that there are a number of areas where organisations are commonly neglecting internet security and being rewarded with a data loss incident.
According to the internet security report, a high percentage of insecure web applications and susceptibility to SQL injection plus malware demonstrates a widespread lack of understanding about these subjects.
It also, says the study, highlights the need for educating software developers about preventative measures.
Delving into the research reveals the need for companies to take further steps to protect their web server environments, conduct security testing and also ask questions of their web developers/ hosting companies, who often claim that their website software has been written securely.
The data also suggests a strong link between security breaches and the absence of thorough security auditing – most notably penetration testing and security assessments.
Commenting on the research, which was drawn from more than 60 computer forensic investigations undertaken by 7Safe, the firm's CEO Alan Phillips, said: "Compared with many existing studies that are based purely on survey data, this report reveals what is really happening in the UK."
"The work carried out by 7Safe's breach investigation team has been expertly analysed by Professor Carsten Maple of the University of Bedfordshire, and the results are intriguing", he added.
Read this full article at InfoSecurity Magazine UK
Only registered users can write comments. Please login or register. Powered by AkoComment! |