Many web applications are still severely lacking in security

Virtually all businesses that run web applications with file upload capability are concerned that those applications could be used as an attack vector. However, worry doesn’t always translate into action, as only a handful of them actually deploy adequate cybersecurity protocols to ensure they can’t be targeted.

That’s according to a new report from cybersecurity firm Opswat, based on a survey of 302 IT security professionals, which indicates that 87% of businesses are very concerned about this issue. Of this cohort, 82 percent have become more worried in the past 12 months.

At the same time, only 8% have implemented industry best practices in cybersecurity. One-third (32%) do not scan all file downloads for malicious files, and the “overwhelming majority” do not clean up file downloads with Content Disarm and Reconstruction (CDR).

The pandemic has forced companies to accelerate their digital transformation, often at the expense of cybersecurity. File download services have become essential over the past couple of years as they improve productivity and user experience for the remote workforce.

At the same time, however, they introduce new attack surfaces, which most organizations are aware of, but have yet to face.

Comments are closed.