Radware survey finds significant numbers of data breaches in 2017
Radware, a leading provider of cyber security and application delivery solutions, has released a new study today titled Radware Research: Web Application Security in a Digitally Connected World. The report identifies how organisations, from retail, finance and healthcare protect their web applications, buyt has identified a number of gaps in security processes.
The healthcare sector, from insurance companies and acute healthcare facilities, to pharmaceutical businesses are all impacted by bot-driven web traffic, affecting application security. In fact, the study has indicated that across the three industries, bots conduct more than half (52%) of all Internet traffic flow. For some organisations, bots represent more than 75% of their total traffic. This is a significant finding considering one-in-three (33%) organisations cannot distinguish between ‘good’ bots and ‘bad’ ones.
The report also found that nearly half (45%) of respondents had experienced a data breach in the last year. What’s more, companies often leave sensitive data under-protected, or at risk of having encrypted traffic breached. In fact, 52% do not inspect the traffic that they transfer to-and-from APIs, and 56% do not have the ability to track data once it leaves the company. Healthcare organisations are particularly unlikely to monitor the Darknet for stolen data, with 37% saying they did so, compared to 56% in financial services, and 48% in retail.
However, any organisation that collects information on European citizens will soon be required to meet the strict data privacy laws imposed by General Data Protection Regulations (GDPR). These regulations take effect in May 2018.
- How GE Healthcare has harnessed digital technology to transform itself and the world around it
- Amazon shares could climb 20% if the company joined healthcare industry
- Microsoft Health: The healthcare revolutionaries
However, with less than a year until the due date, 68% of organisations are not confident in their organisation’s ability to rapidly adopt security patches and updates without compromising operations. Although healthcare providers have placed significant investment in medical equipment, they are often supported by old, outdated systems which run on Windows XP, according to the study.
Patching systems remains a critical element to an organisation’s security and its ability to mitigate today’s leading threats. Over 60% of healthcare respondents have highlighted little or no confidence .
“It’s alarming that executives at organisations with sensitive data from millions of consumers collectively don’t feel confident in their security,” commented Carl Herberger, Vice President of Security Solutions at Radware. “Until companies get a handle on where their vulnerabilities are and take steps to protect them, major attacks and data breaches will continue to make headlines.”
Just 27% of healthcare respondents have voiced confidence that they could safeguard patients’ medical records in the study, even though nearly 80% are required to comply with government regulations.
The survey, conducted by Ponemon Research on behalf of Radware, included responses from more than 600 Chief Information Security Officers and other security leaders across retail, healthcare, and financial services in six continents. Over 200 healthcare security executives undertook the study, and have strongly stated that the sector is behind.
Check Point: Securing the future of enterprise IT
Cybersecurity solutions provider Check Point was founded in 1993 with a mission to secure ‘everything,’ and that includes the cloud. Conscious that nothing remains static in the digital world, the company prides itself on an ability to integrate new technology with its solutions. Across almost three decades in operation, Check Point, with its team of over 3,500 experts, has become adept at protecting networks, endpoints, mobile, IoT, and cloud.
“The pandemic has been somewhat of an accelerator in the evolution of cyber risk,” explains Erez Yarkoni, Global VP for Cloud Business. “We had remote workers and cloud adoption a long time beforehand, but now the volume and surface area is far greater.” Formerly a CIO for several big-name telcos before joining Check Point in 2019, Yarkoni considers the cloud to be “part of [his] heritage” and one of modern IT’s most valuable tools.
Check Point has three important ‘product families’, Quantum, CloudGuard, and Harmony, with each one providing another layer of holistic IT protection:
- Quantum: secures enterprise networks from sophisticated cyber attacks
- CloudGuard: acts as a scalable and unified cloud-native security platform for the protection of any cloud
- Harmony: protects remote users and devices from cyber threats that might compromise organisational data
However, more than just providing security, Yarkoni emphasises the need for software to be proactive and minimise the possibility of threats in the first instance. This is something Check Point assuredly delivers, “the industry recognises that preventing, not just detecting, is crucial. Check Point has one platform that gives customers the end-to-end cover they need; they don't have to go anywhere else. That level of threat prevention capability is core to our DNA and across all three product lines.”
In many ways, Check Point’s solutions’ capabilities have actually converged to meet the exact working requirements of contemporary enterprise IT. As more companies embark on their own digital transformation journeys in the wake of COVID-19, the inevitability of unforeseen threats increases, which also makes forming security-based partnerships essential. Healthcare of Ontario Pension Plan (HOOPP) sought out Check Point for this very reason when it was in the process of selecting Microsoft Azure as its cloud provider. “Let's be clear: Azure is a secure cloud, but when you operate in a cloud you need several layers of security and governance to prevent mistakes from becoming risks,” Yarkoni clarifies.
The partnership is a distinctly three-way split, with each bringing its own core expertise and competencies. More than that, Check Point, HOOPP and Microsoft are all invested in deepening their understanding of each other at an engineering and developmental level. “Both of our organisations (Check Point and Microsoft) are customer-obsessed: we look at the problem from the eyes of the customer and ask, ‘Are we creating value?’” That kind of focus is proving to be invaluable in the digital era, when the challenges and threats of tomorrow remain unpredictable. In this climate, only the best protected will survive and Check Point is standing by, ready to help.
“HOOPP is an amazing organisation,” concludes Yarkoni. “For us to be successful with a customer and be selected as a partner is actually a badge of honor. It says, ‘We passed a very intense and in-depth inspection by very smart people,’ and for me that’s the best thing about working with organisations like HOOPP.”