In a new survey by Netsparker Ltd., a provider of web applications security, developers agreed that the government and financial services are the two sectors most vulnerable to hacking and that smart home IoT is the most vulnerable technology.
Propeller Insights conducted the recent survey of U.S.-based software developers for Netsparker from July 5-7, 2017.
Government most vulnerable to hacking
Developers are sounding the alarm: almost two-thirds (61 percent) feel that the government is vulnerable to hacking; another half (50 percent) say the
financial services industry is the most vulnerable. This is followed by:
- Media: 44 percent
- Communications: 32 percent
- Healthcare: 31 percent
- Gaming: 29 percent
- Energy: 25 percent
In terms of vulnerable technologies, more than half (52 percent) of developers think IoT and smart home technologies are currently at the greatest risk, followed by:- Smart TVs: 42 percent
- Web apps and online services: 41 percent
- Connected cars: 35 percent
- ATMs: 34 percent
Safeguarding future elections
The past two years have provided many “teachable” moments in the world of cybersecurity. When asked which recent hacks were the most “innovative,” developers agreed that the Russian hacking of the Democratic National Committee (DNC) topped the list (47 percent), followed by WannaCry (32 percent), the CIA security breach (30 percent), Chipotle (25 percent) and OneLogin (23 percent).
When it comes to election hacking, developers are united in feeling that democratic governments are vulnerable to it because political parties
lack IT/security expertise (57 percent) and because of outdated and potentially insecure polling equipment (54 percent).
According to survey respondents, the ways to most effectively combat the risk include:- Increasing background checks on volunteers and staffers: 52 percent
- Hiring specialists: 47 percent
- Federal governments allocating money to the problem: 45 percent
Another 40 percent believe that governments should provide secure systems to political parties; however, only 10 percent felt that politicians communicating over email was a concern.
Cybersecurity in the boardroom
Of the reasons corporations don’t take cybersecurity seriously, developers believe the two biggest culprits are lack of IT understanding and budget (57 percent each), followed by an absence of concern (39 percent) and the fact that
cybersecurity is complicated to understand (30 percent).
When data breaches do strike, developers think companies should turn to the police and IT forensics specialists:- Contact law enforcement: 55 percent
- Assess the type of threat: 52 percent
- Hire IT forensics specialists: 52 percent
- Isolate parts of the network: 38 percent
- Limit insider access to the investigation: 33 percent