Story image

Cyber threats: Legacy systems aren't always the culprit

A new survey has revealed that organisations are putting the blame on legacy systems for cyber threats, while in reality they need to manage cyber risks across many different factors an.d a holistic and constant approach should be employed to manage security threats

The survey, conducted by Axis Communications, was designed to understand customers' attitudes to cyber threats, how cybersecurity impacts their business and how prepared they feel to face an attack.

Among the 175 security management professionals interviewed, the survey concluded that despite cyberattacks being recognised as a real and incumbent danger by most companies (87% prioritised it as a risk), only a few felt that they had adequate defences (15%).

While 76% of the respondents regard physical protection of assets and safety as their main responsibilities, none of them mention internal attack factors as a threat. Instead, around 60% of them lay the blame on legacy systems. 

While these systems are a clear weakness, cyber threats are actually just as relevant for recently deployed firmware and software versions as for older ones. 

This suggests a common misconception that product security is the only way to mitigate vulnerabilities and threats. On the contrary, companies need to manage cyber risks across many dimensions.

Tackling cyber threats requires a practical and constant approach, such as setting clear and actionable policies and procedures, as well as having the correct measures performed on a daily basis. Adopting this holistic mindset is the only effective way to manage all the various types of cybersecurity threats.

Highlights of the survey include:

  • 87% of the respondents prioritise cybersecurity as a risk, but only 15% say they are well prepared
  • 57% recognise a lack of internal priority and competences as a reason for not being properly prepared
  • Where an attack took place, 45% blamed on social engineering and phishing email while 59% on legacy systems
  • Only 35% report having a cybersecurity expert working in their business
  • 26% report having experienced a cyberattack in the past 12 months, however 28% are unsure of whether an attack took place
  • The consequences of a cyberattack can damage not only the company's monetary resources, but also the trust between them and their customers
Story image
BitSight enhances fourth-party risk management solution
BitSight for Fourth-Party enables customers to identify areas of business and cyber risk. It does this by automatically pinpointing connections between any organisation, its business partners, and potentially risky fourth parties.More
Story image
Kiwis concerned over digital identity and personal data
“Kiwis are seeking greater transparency and control, however seven out of 10 say it’s currently too hard to protect their identity and data online."More
Story image
Kaspersky named top dog in Canalys channel satisfaction report
The company was named the top cybersecurity vendor for channel satisfaction after achieving the highest overall rating against 10 others.More
Story image
Enabling cybersecurity professionals with project management skills
Cybersecurity professionals are increasingly expected to master project management skills to meet the objectives of their positions. But technical skills are only the tip of the iceberg. More
Story image
Citrix flaw puts 80,000 companies at risk
"Considering the high risk brought by the discovered vulnerability, and how widespread Citrix software is in the business community, we recommend information security professionals take immediate steps to mitigate the threat."More
Story image
Blink XT2 surveillance cams patched after 'severe' vulnerabilities found
If exploited, the vulnerabilities could give attackers full control of an affected device, allowing them to remotely view camera footage, listen to audio output and hijack the device for use in a botnet.More