The convergence of tech and brands

By

MadTech Staff

·

Cybernews Business Digital Index reveals major shortcomings in corporate customer data security

Despite the growing threat of cyberattacks, many companies continue to fall short in strengthening their security measures. The Cybernews Business Digital Index reveals that 63% of analyzed companies worldwide score D or worse for their cybersecurity efforts.

To determine the cyber health of companies worldwide, Cybernews has developed the Business Digital Index, which grades businesses based on their online security measures, using available data from external sources.

The index serves a dual purpose: it enables users to verify if the companies they rely on have solid digital security measures. At the same time, businesses can assess their own security practices and receive actionable insights on how to enhance their digital security posture and respond to threats faster.

Firms should up their security game

The reality is that organizations of all sizes are constantly under threat from cyberattacks. Therefore, every company should assume that it will likely face a cyberattack at some point and recognize that it has a responsibility not only to protect itself but also safeguard its customers’ data.

Nevertheless, according to The Business Digital Index, 63% of companies analyzed received a security rating of D or worse, with 40% falling into the F category. Only 11% of companies earned an A rating for their security measures.

The healthcare industry is particularly vulnerable, with 22% of the scored companies receiving a D rating and almost half (48%) an F rating. Only 5% of the analyzed companies in this sector achieved an A grade. Overall, the healthcare sector received an average security score of 69—the lowest of the analyzed sectors.

In contrast, businesses offering crypto wallets fared better, with 21% earning an A grade for their security and achieving an average score of 78. Yet, 43% of companies in this sector were also rated D or worse.

A look at individual regions shows that companies in Asia have some of the poorest cyber health, with an average security score of 68—6% below the global average. In contrast, companies in the Middle East achieved the highest rating of 77 among the regions analyzed, followed closely by Europe and Oceania, both with an average rating of 76.

Most common security issues

The Business Digital Index shows that the most common security issue is related to Secure Sockets Layer (SSL) configuration, affecting 99% of organizations. SSL is a technology that encrypts data transmitted between a web server and a browser to ensure secure communications.

If a company has issues with its SSL setup, it can expose sensitive data to interception, making its systems vulnerable to man-in-the-middle attacks and compromising user trust and data security.

An astonishing 99% of companies have website security issues, 86% struggle with phishing and malware-related issues, and 84% have network security problems. More than half (54%) have issues with email security.

In addition, around 35% of companies have high-risk vulnerabilities and have been affected by recent data breaches, 49% have employees reusing compromised passwords, and 34% have had corporate credentials stolen.

All of these weaknesses can open up companies to data breaches, which often have far-reaching consequences, such as damage to a company’s reputation, financial losses, legal penalties, and loss of customer trust.

However, issues like employees reusing compromised passwords are easily solvable yet they create significant vulnerabilities, making it especially easy for attackers to exploit security gaps and gain unauthorized access.

How the index works

To provide assessment of companies’ cybersecurity health, the Business Digital Index pulls data from a variety of reputable sources, such as IoT search engines, IP or domain reputation databases, and custom security scans.

It allows evaluating risks in seven key areas: software updates, web security, email protection, system reputation, SSL setup, system hosting, and data breach history. By looking into different risk factors and using smart analysis, the Business Digital Index offers insights into how secure an organization may be.

Currently, the index provides ratings for more than 1,000 companies worldwide, particularly in the financial and healthcare sectors, with plans to expand to more companies, industries, and regions in the near future.

FAQs from the web

1. What steps can companies take to improve their cybersecurity and raise their Business Digital Index rating?

Companies can improve their cybersecurity by focusing on key areas identified in the Business Digital Index, such as:

  • Updating software and systems: Ensure all software, especially security patches, is up to date.
  • Improving SSL configuration: Correctly configure SSL to encrypt data between the server and browser, safeguarding sensitive information.
  • Enhancing email security: Implement stronger email filtering tools and two-factor authentication (2FA) to reduce phishing and malware attacks.
  • Strengthening password policies: Encourage or enforce the use of unique, strong passwords and implement password management tools to prevent the reuse of compromised credentials.
  • Monitoring network vulnerabilities: Regularly scan for vulnerabilities and address any high-risk areas.
  • Employee training: Conduct regular cybersecurity awareness training to help employees identify phishing scams, secure their accounts, and avoid risky online behaviors.

2. Why is the healthcare industry particularly vulnerable to cyberattacks?

The healthcare industry is vulnerable for several reasons:

  • Large amounts of sensitive data: Healthcare organizations store vast amounts of patient data, which is highly valuable for cybercriminals aiming for identity theft or ransom attacks.
  • Legacy systems: Many healthcare facilities use outdated systems that lack robust security measures, making them easier to exploit.
  • Complex and fragmented systems: Healthcare organizations often have complex IT infrastructure with various systems integrated, making it harder to secure the entire ecosystem.
  • Focus on patient care over cybersecurity: In many cases, healthcare facilities prioritize patient care, which can lead to cybersecurity being underfunded or underdeveloped.

3. What is the significance of SSL configuration issues, and how can they be resolved?

SSL (Secure Sockets Layer) configuration issues are critical because SSL is responsible for encrypting data between a user’s browser and a web server, ensuring secure communication. If improperly configured, data can be exposed to interception, making organizations vulnerable to attacks like man-in-the-middle attacks.

To resolve SSL issues:

  • Ensure proper installation: Use a valid SSL certificate from a trusted certificate authority (CA).
  • Update outdated protocols: Disable older, insecure SSL versions and only support the latest versions of TLS (Transport Layer Security).
  • Regular testing: Perform routine security checks and SSL audits to ensure correct configuration and fix vulnerabilities.
  • Enable HTTPS: All websites should use HTTPS instead of HTTP to enhance the security of online communications.