Skip to main content

Many web apps are still majorly lacking in security

(Image credit: Shutterstock / Golden Sikorka)

Practically all businesses that run web apps with file upload capability worry about those apps being used as an attack vector. Concern isn't always translated into action, however, as only a handful of them actually deploy adequate cybersecurity protocols to make sure they can’t be targeted.

This is according to a new report from cybersecurity firm Opswat, based on a poll of 302 IT security professionals, which states that 87 percent of businesses are very concerned about this issue. Of that cohort, 82 percent have grown more worried in the past 12 months. 

At the same time, only 8 percent have implemented industry best practices when it comes to cybersecurity. A third (32 percent) don’t scan all file uploads to detect malicious files, and “an overwhelming majority” don’t sanitize file uploads with Content Disarm and Reconstruction (CDR).

The pandemic has forced businesses into faster digital transformation, often at the expense of cybersecurity. File upload services have become essential in the past couple of years, as they enhance productivity and user experience for the remote workforce.

However, at the same time, they introduce new attack surfaces, something most organizations are aware of, but are yet to tackle. 

Sead Fadilpašić

Sead is a freelance journalist with more than 15 years of experience in writing various types of content, from blogs, whitepapers, and reviews to ebooks, and many more, across sites including Al Jazeera Balkans, TechRadar Pro, IT Pro Portal, and CryptoNews.