Businesses around the world are leaving themselves open to online attack by failing to invest in proper security protection, new research has claimed.
A global report from CA Veracode found that instead of focusing on security protection in the wake of 2017's huge cyber-attacks, many companies are instead choosing to spend big on digital transformation projects.
Its survey also discovered that many leaders have a worrying lack of knowledge when it comes to the benefits of security, as only half understand the risk that vulnerable software poses.
Perhaps more shockingly, the report suggests that a quarter (25 per cent) of all business leaders surveyed in Britain and the US don’t understand many common cybersecurity threats including ransomware, phishing and DDoS attacks.
Only one-third of business leaders surveyed had heard of the global WannaCry ransomware attack, although awareness was greater among British business leaders at 40 per cent.
Despite this lack of knowledge, the report claims that many leaders are businesses are choosing to focus on new software developments and innovation instead of boosting security.
Of those surveyed, around one in five believed that their software budget had increased 50 per cent or more over the past three years, primarily to support digital transformation projects in the workplace.
“Digital transformation presents both massive opportunity to innovate and significant security risks, with 77 percent of applications having at least one vulnerability when first scanned, which could be exploited to inject ransomware or steal data,” said Chris Wysopal, CTO, CA Veracode.
“Many business leaders have yet to fully grasp the most common cyber threats to their business, nor are they keeping up with some of the most catastrophic cyber events of our time. We need to bridge this disconnect between business leaders and the cybersecurity threat: without greater awareness of the threats and what is needed to defend against them, their company could easily be the next headline.”