Hackers Call out Password Protection, Facial Recognition, and Access Controls as Three Least Effective Enterprise Security Measures
CAMPBELL, CA – Sept. 14, 2017 - Bitglass, the Total Data Protection company, today announced the findings of its Data Games: Security Blind Spots According to Experts report. The report features survey insights from 129 White Hat and Black Hat hackers that attended the Black Hat 2017 national cybersecurity conference.
Fifty-nine percent of respondents identified phishing as the best data exfiltration strategy, as human error and ignorance will always be exploitable. Understandably, and in line with recent cyberattacks, malware and ransomware ranked second, at nearly 27 percent. Hackers also pointed out the three least effective enterprise security measures: password protection, facial recognition and access controls.
“Phishing and malware are threats made all the more potent by cloud adoption and the ease with which employees can share corporate data,” said Mike Schuricht, VP Product Management, Bitglass. “Many security technologies fail to address IT’s largest blind spots - unmanaged devices and anomalous access.”
Key Report Findings:
- The top five data security blind spots are unmanaged devices (61 percent), not-up-to-date systems, applications and programs (55 percent), mobile devices (36 percent), data at rest in the cloud (26 percent), and traditional on-premises security (20 percent)
- Password-protected documents (33 percent) were ranked as the least effective security tool, followed by facial recognition (19 percent)
- Facial recognition was rated as the worst tool six times more often than fingerprint authentication - an interesting insight in light of the new iPhone’s shift to face-recognition security
- Almost 60 percent of respondents ranked phishing as the number one method of data exfiltration, followed by malware and ransomware (27 percent)
- More than three quarters (83 percent) of respondents believe that hackers are motivated by the monetary value of stolen data, with ego and entertainment-value playing only a small role
To view the complete Data Games: Security Blind Spots report.
Bitglass, the total data protection company, is a global CASB and agentless mobile security company based in Silicon Valley. The company's solutions enable real-time end-to-end data protection, from the cloud to the device. Bitglass is backed by Tier 1 investors and was founded in 2013 by a team of industry veterans with a proven track record of innovation and execution.