In-brief: data from the firm BitSight finds a link between outdated web browser and operating system software and headline-grabbing breaches. Are we surprised?
In the popular imagination, data breaches and other cyber incidents are the work of master hackers and cybercriminals. “It’s not whether you’ll be breached, but when” is common wisdom these days. (Editor’s note: this post original appeared on Digital Guardian’s blog.)
But a survey from the firm BitSight of more than 35,000 companies found that almost a quarter of them (8,500) were running out of date Internet browsers. Those firms, BitSight said, were more than twice as likely to experience a publicly disclosed breach as companies with less than half their computers using out of date browsers.
The situation is even worse for organizations that were running outdated operating systems on more than half of their computers. Researchers at BitSight found that those organizations were nearly three times as likely to experience a breach than organizations with less than 50 percent, the company reported.
More than 2,000 organizations were found to be running outdated operating systems in BitSight’s survey.The link between outdated software and adverse incidents aren’t just hypothetical. The recent WannaCry ransomware outbreak that affected hundreds of thousands of systems globally was found to disproportionately affect machines running older versions of Microsoft Windows. Almost 70% of WannaCry-infected systems were running the Windows 7 operating system, which was released almost eight years ago.
Read more on Digital Guardian’s blog: Behind Breaches: Lots of Outdated Software | Digital Guardian