Radware's study shows that security measures are falling flat for organizations

A study found that most organizations (67%) believe hackers can still penetrate their networks. (Radware)

Despite the ongoing concern over security, a recent study by cybersecurity vendor Radware found that organizations are still being hacked at an alarming rate. 

Radware's second annual 2018 State of Web Application Security report found that at least 89% of the survey respondents have experienced attacks against web applications or web servers over the past 12 months. The study also revealed that most organizations (67%) believed that hackers could still penetrate their networks.

Also, encrypted web attacks increased from 12% last year to 50% this year, Radware reported. A majority of the respondents (59%) said they were under daily or weekly attacks.

Sponsored by Ribbon

Webinar: Identity Assurance – Restoring Your Customer’s Trust in the Phone

Learn about Ribbon Call TrustTM, an identity assurance solution that encompasses STIR/SHAKEN and on a per-call, real-time basis will: determine caller intent and identify bad actors from network and call data analytics; provide multi-dimensional reputation scoring using Machine Learning algorithms; and recommend optimal call validation treatment. And will do this for both IP and TDM phone calls. With Ribbon Call Trust™ you can defeat robocalls and fraud attacks, truly restoring your customer’s trust in the phone.

“While organizations are recognizing they are under attack, often they’re discovering the breach only after pertinent information has been leaked,” said Radware's Carl Herberger, vice president of security solutions, in a prepared statement. “With today’s evolving threat landscape, organizations still need to be vigilant in equipping themselves to deal with increasing attack frequency and complexity.”

APIs are a particular Achilles' heel for security. The study found that while 82% of the organizations used API gateways to share information or consume data, there's a decided lack of security around the API themselves. Among the survey respondents, 70% don't require authentication from third-party APIs while 62% don't encrypt data sent by APIs. A third of the respondents allow third-parties to perform actions, which opens the door to additional security threats.

The lack of proper security measures is costly. As a result of data breaches, 52% said their customers asked for compensation, 46% reported "major reputation loss," and 35% reported customer churn. The study found that 34% of the respondents suffered drops in their stock prices while 31% took legal action, and 23% said executives were let go.

Radware commissioned Merrill Research for the study, which included surveying 301 executives and IT professionals around the globe.

Suggested Articles

Employers used to give some workers a company phone; now they have the option to offer company internet.

CenturyLink is not a wireless company, but the company expects to be an important player in 5G and IoT.

Verizon Business’ Chief Product Officer Aamir Hussain said four categories of Verizon Business services are hot commodities during Covid.