Story image

At-work collaboration apps most vulnerable to cyber attacks

27 Jul 18

A study released by Israeli cybersecurity firm Perception Point this week has unearthed evidence that enterprise IT decision makers cast a wary eye over collaboration and social applications in the workplace.

According to a survey of 500 decision makers across several industries, 80% believe that cloud collaboration tools are very vulnerable to cyber attacks.

These tools include messaging and team platforms (e.g. Slack, Teams); enterprise social networks (e.g. Yammer, Jive); shared virtual workspace (e.g. IntraLinks, SharePoint); and file sharing apps (e.g.) Dropbox, Box, OneDrive).

Two thirds of respondents say their companies have been attacked via these channels at least once in the last year, and 78% say the attacks are increasing in sophistication.

But that’s not likely to stop the flood of tools in the workplace, as employees use more tools to maximise their efficiency and accessibility.

The survey found that 80% of respondents use between two and ten applications in their organization; while 75% say they will invest more in these apps in the near future.

Organisations are also directing IT budgets and resources to implement these platforms, but the security blind spots are still going unaddressed.

80% of respondents say employees in their organisations share files and URLs via shared drives and messaging platforms. This content isn’t being scanned by existing security tools.

“The findings of this survey underscore the urgent need that exists for EC&C security solutions,” comments Perception Point CEO Yoram Salinger.

“As more organisations adopt these essential applications, they are inadvertently expanding the number of channels that hackers can leverage to distribute malicious content. Perception Point has developed a security solution that allows CISOs and security experts to stay one step ahead of cyber criminals and take the appropriate precautions before it’s too late.”

The survey also shows that only 5% of companies have extended their in-house cybersecurity protection through the use of outside security vendors.

Perception Point says this underscored the limited adoption of third party enhancements.

Despite being the target of attacks via these channels, cybersecurity teams remain somewhat behind in fortifying their defenses, in large part due to limited category discussion of the issue.

DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.