In 2020, attacks on the web accounted for one-third of all information security incidents. However, only 10% of Russian organizations believe that web applications are a priority element of the infrastructure for scanning for vulnerabilities.
Rostelecom-Solar surveyed April-June 2021 200 organizations of various sizes and profiles (public sector, finance, industry, IT, etc.) were interviewed. According to it, only 7% of organizations realize the importance of scanning an isolated segment of the IT infrastructure. For example, these are industrial networks or closed state data exchange systems. 29% of respondents consider it important to scan the external perimeter. Meanwhile, 45% of respondents named the organization’s local network as the key element for analyzing vulnerabilities. And only one-tenth of respondents consider it important to scan all elements of the infrastructure.
In general, according to the survey, 70% of organizations have vulnerability control. However, most of them do not scan regularly: more than 60% of companies scan the infrastructure once a quarter or less.
Experts note that almost all organizations either conduct scanning automatically (41% of respondents answered this way) or by means of a single dedicated information security specialist (39%). This is not enough to quickly process the data obtained from the scanner and formulate up-to-date recommendations for closing the vulnerabilities found.
According to experts, if the company does not have a vulnerability management process and there are no resources for processing the received data, so-called shadow IT appears in the infrastructure. These are unrecorded and therefore unprotected areas of the IT landscape that can be exploited by hackers to carry out an attack.