sb-au logo
Story image

Cyber threats: Legacy systems aren't always the culprit

A new survey has revealed that organisations are putting the blame on legacy systems for cyber threats, while in reality they need to manage cyber risks across many different factors an.d a holistic and constant approach should be employed to manage security threats

The survey, conducted by Axis Communications, was designed to understand customers' attitudes to cyber threats, how cybersecurity impacts their business and how prepared they feel to face an attack.

Among the 175 security management professionals interviewed, the survey concluded that despite cyberattacks being recognised as a real and incumbent danger by most companies (87% prioritised it as a risk), only a few felt that they had adequate defences (15%).

While 76% of the respondents regard physical protection of assets and safety as their main responsibilities, none of them mention internal attack factors as a threat. Instead, around 60% of them lay the blame on legacy systems. 

While these systems are a clear weakness, cyber threats are actually just as relevant for recently deployed firmware and software versions as for older ones. 

This suggests a common misconception that product security is the only way to mitigate vulnerabilities and threats. On the contrary, companies need to manage cyber risks across many dimensions.

Tackling cyber threats requires a practical and constant approach, such as setting clear and actionable policies and procedures, as well as having the correct measures performed on a daily basis. Adopting this holistic mindset is the only effective way to manage all the various types of cybersecurity threats.

Highlights of the survey include:

  • 87% of the respondents prioritise cybersecurity as a risk, but only 15% say they are well prepared
  • 57% recognise a lack of internal priority and competences as a reason for not being properly prepared
  • Where an attack took place, 45% blamed on social engineering and phishing email while 59% on legacy systems
  • Only 35% report having a cybersecurity expert working in their business
  • 26% report having experienced a cyberattack in the past 12 months, however 28% are unsure of whether an attack took place
  • The consequences of a cyberattack can damage not only the company's monetary resources, but also the trust between them and their customers
Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
How security awareness training can safeguard companies from cyber-attacks
Training goes a long way in embedding a culture of cybersecurity compliance within the company.More
Story image
Global attack volume down, but fraud and cyber threats still going strong
“The move to digital, for both businesses and consumers, has been significant. Yet with this change comes opportunity for exploitation. Fraudsters look for easy targets: whether government support packages, new lines of credit or media companies with fewer barriers to entry."More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Report: 151% increase in DDoS attacks compared to 2019
It comes as the security risk profile for organisations around the world increased in large part thanks to the COVID-19 pandemic, forcing greater reliance on cloud technology and thrusting digital laggards into quick and unsecured migrations.More
Story image
Revealed: The behaviours exhibited by the most effective CISOs
As cyber-threats pile up, more is being asked of CISOs - and according to Gartner, only a precious few are 'excelling' by the standards of their CISO Effectiveness Index.More