Almost half of all on-prem database (opens in new tab) around the world contain some form of known, addressable security vulnerabilities, over half of which were ranked as high or critical severity. according to a new survey.
Conducted over five years by cybersecurity (opens in new tab) vendor Imperva (opens in new tab), the survey scanned around 27,000 databases, finding 46% contained vulnerabilities at an average of 26 vulnerabilities per database.
“Too often, organizations overlook database security because they’re relying on native security offerings or outdated processes. Although we continue to see a major shift to cloud databases (opens in new tab), the concerning reality is that most organizations rely on on-premises databases to store their most sensitive data,” observed Elad Erez, Imperva's Chief Innovation Officer.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
>> Click here to start the survey in a new window (opens in new tab) <<
- These are the best endpoint protection tools (opens in new tab)
- Here's our list of the best cloud hosting (opens in new tab) on the market
- Also take a look at the best firewall apps and services (opens in new tab)
Erez adds that owing to the large number of vulnerable on-prem databases, it shouldn’t be a surprise if there’s an increase in the number of reported breaches.
Lack of security awareness
Regional analysis reveals that France tops the list with 84% of the databases being vulnerable with an average of 72 vulnerabilities per database. The UK clocks in at the fourth position with 61% of vulnerable databases at an average of 37 vulnerabilities per database.
Imperva argues that since a majority of the scanned databases handle some of the most sensitive data, including that related with financial transactions, keeping them vulnerable to cyberattacks is a risky proposition not just for the organization, but for their customers as well.
“Whether it’s down to the perceived difficulty of fixing these vulnerabilities, or not even knowing how exposed databases are, organizations are quite simply making it far too easy for attackers,” Imperva believes.
And since the real issue is a lack of security awareness, the company suggests that there’s no guarantee that moving to the cloud (opens in new tab) will improve matters, since it might just mean that businesses are simply swapping “one set of mistakes for another.”
Instead, Erez suggests that businesses must respond by devising a comprehensive security strategy that’s built around the protection of data irrespective of where it exists.
- Protect your devices with these best antivirus software (opens in new tab)