Today, IT auditing provider Titania released a new independent study that explores the effects of vulnerable misconfigurations on network security.
Network professionals are confident in their security and compliance procedures, according to the study "The impact of exploitable misconfigurations on network security," but data shows that they may also be leaving their organizations vulnerable, which is costing them a significant amount of money.
9% of Companies' Annual Revenue Were Lost Due to Misconfigurations on Network Security
According to Venture Beat, the new study says firms estimate that network misconfigurations cost them 9% of their yearly revenue on average.
The report also discovered that because of inconsistent auditing activity, firms were unable to resolve misconfigurations efficiently. In practice, the majority of businesses only audit their devices once a year, with switches and routers being tested for configuration errors 96% of the time-a method known as risk assessment by sampling.
The report emphasizes that misconfigurations for businesses lead to significant network flaws that cybercriminals can exploit to create major financial disruption.
Having Poor Vulnerability Management Is Not Cheap
When it comes to operational difficulties, data breaches are among the most costly errors. Millions of dollars in losses may be incurred as a result of a single vulnerability that is exploited. Additionally, it might cause clients to stop trusting the company.
A recent report from IBM Security shows that this year saw a record-high increase in the average cost of a data breach, reaching $4.4 million.
The costs indicated in the study are based on out-of-pocket charges like ransom payments and the price of locating and limiting the breach. Regulatory penalties and lost sales that may not be detected for years are added expenses.
These data breaches don't just damage businesses; other parties are also impacted. Consumers are greatly affected by data breaches, according to the report.
This is due to the fact that more than half of the businesses questioned said they raised the prices of their goods and services to account for these costs.
Maybe you're wondering what it implies.
Basically, customers (and perhaps you) pay for them.
Companies' Responsibility to Emphasize the Value of cyber Security to Their Employees
A recent report cited a Tessian research, which shows that 30% of workers do not think they personally maintain the cybersecurity posture of their firm.
Additionally, only 39% of workers believe they are very likely to report a security problem. Because it is far more difficult for security teams to carry out an investigation and put corrective measures in place in the case of a data breach, this section is extremely important to the organization.
The results highlight a cultural divide between security leaders and the amount of security awareness that chief information security officers (CISOs) promote.
The fundamental cause of what appears to be a cultural disconnect between security leaders and employees is a failure on the part of businesses to effectively communicate the importance of maintaining security-conscious procedures.