A new report released today argues that politics will play an increasing role in cyber security.
In its 2016 Cyber Risk Report, HP Enterprise suggested that security professionals should prepare for “shifting politics” when it comes to security policies.
“Cross-border agreements pose challenges for enterprises struggling to keep their systems secure and in compliance,” HPE said in a statement. “Organizations must follow the changing legislative activity closely and maintain a flexible security approach.”
This comes in addition to challenges posed by hackers. The report identified that in 2015, application and software vulnerabilities continue to top the list of risks to enterprises.
Mobile applications in particular pose a threat due to their frequent use of personal information, which can be stolen thanks to the high rate of vulnerabilities present (up to 75 per cent of mobile apps have at least one critical or high-severity vulnerability, compared to 35 per cent of non-mobile applications, according to the report).
In comparison, risks posed by software is not disappearing. According to HPE, the top ten vulnerabilities used in 2015 were more than a year old, meaning patching still remains an issue. In fact, nearly a third of all successful exploits last year used a 2010 Stuxnet infection vector that has been patched twice, the company’s security organization said.
As for countermeasures, HPE recommends companies monitor not just network parameters but rather interactions between users, apps and data. The company also recommends more timely transparent patches, explaining their purpose to convince users to implement them more quickly.