1 | 96% of the SMEs and public organisations analysed don’t use email security protectionPhishing, spear phishing, malware and ransomware: the email inboxes of SMEs and public sector organisations offer a treasure trove of unlocked gateways for computer hackers. The specialist study carried out by Ozon reveals that almost all private and public organisations have no security protection to detect and/or block cyber attacks on their employees’ emails. With the rising popularity of working from home and the increased stress caused by Covid-19 rises, there is a much greater risk of human error that could expose businesses or local governments to private data theft or ransom demands.
2 | 95% of websites have no specific protection against application cyber attacksAttacks such as Cross-Site Scripting (XSS) and SQL injection (SQLi) exploit security flaws in websites, web services and web applications:
- The first allows malicious programs to be installed in an attempt to steal sensitive customer data,
- The second allows cybercriminals to directly access the database.
3 | 80% of public organisations are vulnerable to cyber attacksEight out of ten public organisations are vulnerable to a cyber attack, compared to seven out of a private SMEs of a comparable size. And yet the consequences are just as devastating for an organisation in the public sector than the private: data theft, service downtime, financial loss, etc. The Covid pandemic has also led to more ransomware attacks on hospitals, since hackers know that such establishments will choose to pay up rather than risking long-term disruption.
4 | 79% of e-Commerce websites aren’t protected by a web application firewall (WAF)
An overwhelming majority of e-Commerce sites use a CMS, a content management system that serves as the foundation for the website. The most popular CMS release regular updates to improve features but they use a web application firewall for security. A WAF protects e-Commerce websites against cyber attacks such as SQL injections, XSS and any other threats to known software vulnerabilities. A sample of 1,508 e-Commerce websites found that only 21% are protected by a web application firewall. This lack of protection is even more critical considering that each site had an average of 68 common vulnerabilities and exposures (CVE).