According to new research from Coalfire, a trusted provider of cybersecurity advisory services, midsized businesses are benefiting from a security sweet spot that has allowed them to outperform their larger competitors.
The first annual Coalfire Penetration Risk Report found that, contrary to accepted wisdom on cybersecurity, large enterprises are not the best prepared to protect against cybercrime, despite having bigger budgets and resources.
Although large organizations are best at protecting against phishing and other social engineering attacks, the report – which was based on more than 300 penetration tests in 148 companies worldwide – found a cybersecurity sweet spot among midsized businesses, which performed best at protecting their assets and mitigating their security risks in tests.
Coalfire’s extensive penetration test results flip the thinking that large enterprises are the most secure overall, even with the largest cybersecurity budgets and investments in staffing and other resources. Across all sizes and sectors, however, people remain companies’ biggest weakness, whether through human error or creating opportunities for social engineering hacks, the report found.
Some of the key findings from the report include:
Midsized companies are in a cybersecurity ‘sweet spot,’ proven more secure than large enterprises.
Businesses tend to overlook the risk of internal threats due to a false sense of security related to cloud and virtualization.
Financial Services businesses are the most secure; Healthcare has the worst external security posture, and Retail performs three times worse than other industries when it comes to cyber defenses.
Humans are the “weakest link” in security, as phishing continues to be the first line of attack in the majority of incidents.
“While overall, our results have found that the midsized business is in the technological sweet spot, conversely, we can conclude that humans – employees, vendors and customers – still represent the greatest vulnerability as they are prone to social engineering techniques, shortcuts or inadvertent oversights in the IT/security management process,” said Mike Weber, Vice President, Coalfire Labs. “Most organizations today, as they increasingly leverage the cloud and virtualization, concern themselves more with external network security than internal network defenses, creating significant internal security gaps and vulnerabilities that need to be addressed.”
The Coalfire Penetration Risk Report used customer penetration test data to analyze the security challenges within enterprises of various sizes and in different industries, including retail, healthcare, financial and technology/cloud service provider industries, and compared the security posture between small, midsized and large organizations.
Coalfire concluded that security gaps weren’t left through negligence, with organizations that did have weaknesses often struggling with restrictive budgets, competing priorities, staffing shortfalls and a lack of highly trained cybersecurity talent.
Financial services lead the way
Globally, the financial services industry performed better at cybersecurity than tech and cloud.
Healthcare had the worst external security posture, while retail performed three times worse than other industries when it comes to cyber defenses.
Common weak points
The report found that a range of vulnerabilities in external and internal networks and in applications enabled cyber attackers to progress through the cyberattack chain and infiltrate an organization.
Phishing was demonstrated to be highly successful as the “foot in the doorway” for attackers who use it as an entry point to infiltrate the organization, then pivot to navigate internally to escalate for greater control.
Out-of-date software, insecure protocols, misconfiguration and password flaws were found to be the greatest threats to external networks, while insecure protocols, password flaws and patching flaws were the top vulnerabilities in internal networks.
The full report can be found here.