97% of the leading cybersecurity companies have had their data exposed on the Dark Web in 2020, with over 160,000 high or critical incidents that may jeopardize their clients.
Introduction
In light of the rapidly growing sophistication and quantity of cyber-attacks targeting trusted third-parties in the last 12 months, ImmuniWeb made exploratory research on the global cybersecurity industry to illuminate and measure its exposure on the Dark Web in 2020.
A survey by the Ponemon Institute says that 59% of companies had a data breach due to compromised third parties including cybersecurity vendors. Recent research, published in July 2020 by Digital Shadows, estimates that there are over 15 billion stolen records from over 100,000 data breaches currently available for sale.
A few weeks ago, a report from Malwarebytes suggested that Working From Home (WFH) causes a surge in security breaches. To better understand the multifaceted challenge, Forrester provides an insightful report on how insiders use the Dark Web to sell corporate data.
This research purports to help better understand the emerging risks and modern threat landscape both in qualitative and qualitative aspects, and to help cybersecurity companies better prioritize and address emerging cyber risks.
Key Findings
Below are the key findings of the leading global cybersecurity companies:
- 97% of companies have data leaks and other security incidents exposed on the Dark Web
- 631,512 security incidents were found whereas 160,529 are of a high or critical risk levels
- 29% of stolen passwords are weak, employees from 161 company reuse their passwords
- 5,121 records with professional emails come from hacked porn or adult dating websites
- 63% of the cybersecurity companies’ websites do not comply with PCI DSS requirements
- 48% of the cybersecurity companies’ websites do not comply with GDPR requirements
- 91 companies had exploitable website security vulnerabilities, 26% are still unfixed
A more thorough report can be found here.
