HP Identifies Top Enterprise Security reats
03/02/2014
PALO ALTO, Calif. - HP today published the Cyber Risk Report 2013, identifying top enterprise security vulnerabilities and providing analysis of the expanding threat landscape.
Developed by HP Security Research, the annual report provides in-depth data and analysis around the most pressing security issues plaguing enterprises. This year's report details factors that contributed most to the growing attack surface in 2013-increased reliance on mobile devices, proliferation of insecure software and the growing use of Java-and outlines recommendations for organizations to minimize security risk and the overall impact of attacks.
Adversaries today are more adept than ever and are collaborating more effectively to take advantage of vulnerabilities across an ever-expanding attack surface, said Jacob West, chief technology officer, Enterprise Security Products, HP. The industry must band together to proactively share security intelligence and tactics in order to disrupt malicious activities driven by the growing underground marketplace.
Highlights and key findings from the report
While vulnerability research continued to gain attention, the total number of publicly disclosed vulnerabilities decreased by 6 percent year over year,(1) and the number of high-severity vulnerabilities declined for the fourth consecutive year, decreasing by 9 percent.(1) Although unquantifiable, the decline may be an indication as to a surge in vulnerabilities that are not publicly disclosed but rather delivered to the black market for private and/or nefarious consumption.
Nearly 80 percent(2) of applications reviewed contained vulnerabilities rooted outside their source code. Even expertly coded software can be dangerously vulnerable if misconfigured.
Inconsistent and varying definitions of malware complicate risk analysis. In an examination of more than 500,000 mobile applications for Android, HP found major discrepancies between how antivirus engines and mobile platform vendors classify malware.(3)
Forty-six percent(2) of mobile applications studied use encryption improperly. HP research shows that mobile developers often fail to use encryption when storing sensitive data on mobile devices, rely on weak algorithms to do so, or misuse stronger encryption capabilities, rendering them ineffective.
Internet Explorer was the software most targeted by HP Zero Day Initiative (ZDI) vulnerability researchers in 2013, and accounted for more than 50 percent(4) of vulnerabilities acquired by the program. This attention results from market forces focusing researchers on Microsoft vulnerabilities and does not reflect on the overall security of Internet Explorer.
Sandbox bypass vulnerabilities were the most prevalent and damaging for Java users.(2) Adversaries significantly escalated their exploitation of Java by simultaneously targeting multiple known (and zero day) vulnerabilities in combined attacks to compromise specific targets of interest.
Key recommendations
In today's world of rising cyberattacks and growing demands for secure software, it is imperative to eliminate opportunities for unintentionally revealing information that may be beneficial to attackers.
Organizations and developers alike must stay cognizant of security pitfalls in frameworks and other third-party code, particularly for hybrid mobile development platforms. Robust security guidelines must be enacted to protect the integrity of applications and the privacy of users.
While it is impossible to eliminate the attack surface without sacrificing functionality, a combination of the right people, processes and technology does allow organizations to effectively minimize the vulnerabilities surrounding it and dramatically reduce overall risk.
Collaboration and threat intelligence sharing among the security industry helps gain insight into adversary tactics, allowing for more proactive defense, strengthened protections offered in security solutions, and an overall safer environment.
Methodology
HP has published its Cyber Risk Report annually since 2009. HP Security Research leverages a number of internal and external sources to develop the report, including the HP Zero Day Initiative, HP Fortify on Demand security assessments, HP Fortify Software Security Research, ReversingLabs and the National Vulnerability Database. The full methodology is detailed in the report.
Additional information about HP Enterprise Security Products is available at www.hpenterprisesecurity.com.
HP will be addressing the latest trends in enterprise security at the RSA Conference 2014, taking place February 24-28 in San Francisco. Additional information about HP at this year's conference is available here.
HPs premier Americas client event, HP Discover, takes place June 10-12 in Las Vegas.
(1) Cyber Risk Report 2013, HP Security Research, February 2014, p.20-21.
(2) Cyber Risk Report 2013, p. 4-5.
(3) HP Fortify on Demand findings included in the Cyber Risk Report 2013, p. 24.
(4) ZDI data included in the Cyber Risk Report 2013, p. 6.
Java is a registered trademark of Oracle and/or its affiliates. Microsoft is a U.S. registered trademark of the Microsoft group of companies.
This news release contains forward-looking statements that involve risks, uncertainties and assumptions. If such risks or uncertainties materialize or such assumptions prove incorrect, the results of HP and its consolidated subsidiaries could differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements, including but not limited to statements of the plans
Most recent headlines
04/08/2024
Dalet Appoints Santiago Solanas as CEO to Lead Next Era of Growth and Innovation
Dalet, a leading technology and service provider for media-rich organizations, is excited to announce Santiago Solanas as its new Chief Executive Officer (CEO)....
03/06/2024
Dalet and Veritone Reach Agreement to Distribute, Transact and Monetize Media Archives
Dalet, a leading technology and service provider for media-rich organizations, a...
08/05/2024
Post production houses adopt Cleanfeed Cinema solution
The solutions in-browser stream focuses on low latency, making it suited to low bandwidth scenarios By Matthew Corrigan Published: May 8, 2024 The solutio...
08/05/2024
TAG unveils subtitling language detection feature
Driven by algorithms, the solution performs a quality analysis informed by language-specific dictionaries By Matthew Corrigan Published: May 8, 2024 Drive...
08/05/2024
Mobilelinks acquires 2 SAT Europe to increase SNG truck fleet
The increase in fleet size will reduce travel distances, aligning with sustainability goals, said Mobilelinks By Matthew Corrigan Published: May 8, 2024 T...
08/05/2024
Arqiva adds Caroline Cardozo and James Lelyveld to technology team
The company said the new arrivals would drive collaboration and technological transformation across key business units By Matthew Corrigan Published: May 8, ...
08/05/2024
Actus Digital Set to Shine at CABSAT and Broadcast Asia
Following a successful NAB Las Vegas 2024 and winning a Best of Show Award, Actus Digital, a leading provider of Intelligent Monitoring Platforms, will bring it...
08/05/2024
TAG Revolutionizes Closed Captions and Subtitles Quality...
TAG Video Systems, a leading force in video monitoring solutions, has developed a new Language Detection feature set to transform how operators ensure quality a...
08/05/2024
Pliant Technologies Unveils New SmartBoom LITE Headset at...
Pliant Technologies, a leading provider of professional wireless intercom solutions,presents its new SmartBoom LITE Headset at InfoComm 2024 (Booth C5116). The ...
08/05/2024
Prism Sound Showcases High-Quality Audio Conversion at MP...
At the Media Production & Technology Show 2024, Prism Sound will showcase high-quality audio conversion products designed to suit the demands of professional us...
08/05/2024
Julian Day Joins FooEngine
Soho stalwart Julian Day has joined FooEngine as Business Development Director after 13 years at ZOO Digital. Julian has been at the heart of the London post pr...
08/05/2024
Cleanfeed Cinema Redefines Audio Post Production Workflow...
Following its successful launch at NAB 2024, Cleanfeed Cinema - the latest remote recording innovation from Emmy Award-winning Cleanfeed - is already helping au...
08/05/2024
DHD to Showcase New Product Line-up at MPTS 2024
DHD's range of digital broadcast equipment, systems and related software will be promoted on stand D22 at the Media Production & Technology Show by UK-regio...
08/05/2024
MSP CloudReso selects Cubbit hyper-resilient DS3 distribu...
Cubbit, the innovator behind Europe's first distributed cloud storage enabler, today announced that CloudReso, a France-based distributor of MSP security so...
08/05/2024
MwareTV boosts Americas presence with Daniel Conde Coto
MwareTV, a prominent cloud-based multi-tenant platform provider, has attracted Daniel Conde Coto to join the company as director, sales operations. This is a si...
08/05/2024
LiveU Demonstrates its Efficient IP-Video Workflows for L...
In a year set to see record-breaking IP-video adoption, with over 70 elections and global sports events, LiveU heads to Broadcast Asia 2024 with a focus on its ...
08/05/2024
nxtedition Showcases a Fully Automated AR Studio Gallery...
Pioneers in microservices-based production environments, nxtedition, will demonstrate the latest advances in storytelling technology at the Media Production & T...
08/05/2024
MPTS 2024 - Leader and PHABRIX to showcase multiple new T...
Test & measurement innovator, Leader Electronics of Europe, has announced that it will again exhibit at The Media Production & Technology Show (MPTS), which tak...
08/05/2024
Livepeer Studio cuts the cost of live streaming and trans...
Livepeer Studio unveils a revolutionary video streaming platform offering an unprecedented combination of quality and cost-efficiency to content creators, media...
08/05/2024
Ikegami to Demonstrate Complete Broadcast Media Productio...
Ikegami Electronics (Europe) will demonstrate a complete broadcast media production system on stand S1-A15 at CABSAT 2024 in Dubai, Tuesday May 21 through Thurs...
08/05/2024
Experience Commerce Bags Digital Agency Mandate for SAVSO...
Experience Commerce (EC), a leading digital agency within the Cheil Network, is pleased to announce that it has won the digital mandate for SAVSOL, the flagship...
08/05/2024
Global Telecom & Pay TV Services Market to Slowdown in 2024
NEEDHAM, Mass. The International Data Corporation is predicting that worldwide spending on telecom services and pay TV services will increase by 1.4% in 2024 to...
08/05/2024
Apple Unveils New iPad Live Multicam Production Studio
CUPERTINO, Calif. In a notable development for news and live video production, Apple has unveiled a number of significant upgrades to its Final Cut Pro software...
08/05/2024
Pliant Technologies to Showcase New Smartboom Lite Headset at InfoComm 2024
Pliant Technologies has announced that it will be presenting its new SmartBoom LITE Headset at InfoComm 2024 (Booth C5116). The latest updates include enhanceme...
08/05/2024
Tubi Launches 'Stubios' to Encourage Aspiring Filmmakers
SAN FRANCISCO Fox's ad-supported streaming service Tubi has launched Stubios, a fan-fueled studio for aspiring filmmakers and their fans that the company sa...
08/05/2024
Five More Stations Launch NextGen TV In San Antonio
SAN ANTONIO, Texas Five more stations have launched NextGen TV service, bringing to nine the number of local TV services on-air with ATSC 3.0....
08/05/2024
Tegna Names Greg Retsinas President & GM of KGW in Portland
TYSONS, Va. Tegna Inc. has announced that Greg Retsinas has been named president and general manager at KGW, Tegna's NBC affiliate serving the Portland area...
08/05/2024
Olivia Colman and John Lithgow Star in Sophie Hyde's New Project JIMPA
08 05 2024 - Media release Olivia Colman and John Lithgow Star in Sophie Hyde's New Project JIMPA Olivia Coleman and John Lithgow in JIMPA. Photo credit: ...
08/05/2024
OpenDrives Joins AWS Partner Network
OpenDrives Joins AWS Partner Network Brie Clayton May 7, 2024 0 Comments Atlas software-defined platform now available via AWS trusted partner network...
08/05/2024
Animate AI Matte Paintings in After Effects
Animate AI Matte Paintings in After Effects Graham Quince May 7, 2024 0 Comments Arguably the best video use for AI generated images is Matte Painting...
08/05/2024
Throw Expression in Adobe After Effects
Throw Expression in Adobe After Effects Andy Ford May 7, 2024 0 Comments The Throw expression is a time-saver in After Effects. It allows you to mov...
08/05/2024
Join FilmLight in Toronto: Baselight 6.1, Nara and more
Join FilmLight in Toronto: Baselight 6.1, Nara and more Brie Clayton May 7, 2024 0 Comments Thursday 30th May, from 2:30PM, Hosted by Alter Ego 488 ...
08/05/2024
Gray TV Reports $75 Million in Net Income for Second Quarter
Gray Television reported a first-quarter profit as advertising revenues rebounded to above pre-COVID-19 levels....
08/05/2024
Meghan Trainor, Bleachers, Chance the Rapper Lined Up for Today' Summer Concert Series
The Today show shared the performers on its summer concert series, which feature...
08/05/2024
Lewis Dodley, Spectrum News NY1 Anchor Since Its Launch, Sets Retirement
Lewis Dodley, longtime anchor for Spectrum News NY1, will retire at the end of May. He's been on the air at the Charter Communications-owned local news chan...
08/05/2024
Scripps Sets Studio Shows for Ion's WNBA Friday Nights
Scripps Sports said it plans to air a new studio show when a new season of WNBA Friday Night Spotlight starts May 24....
08/05/2024
NBCUniversal Will Pitch a Combination of Content, Tech in Upfront
Advertisers are looking to reach the right audiences and tell their stories inside compelling content, Karen Kovacs, president of client partnerships at NBCUniv...
08/05/2024
Doireann Garrihy to leave RT 2FM
RT has today announced that Doireann Garrihy has decided to leave RT 2FM after five years. Doireann will present her final 2FM Breakfast with Doireann, Donncha...
08/05/2024
NVIDIA CEO Jensen Huang to Deliver Keynote Ahead of COMPUTEX 2024
Amid an AI revolution sweeping through trillion-dollar industries worldwide, NVIDIA founder and CEO Jensen Huang will deliver a keynote address ahead of COMPUTE...
08/05/2024
AI Decoded: New DaVinci Resolve Tools Bring RTX-Accelerated Renaissance to Editors
AI tools accelerated by NVIDIA RTX have made it easier than ever to edit and wor...
08/05/2024
May 07, 2024
Professor emeritus John (Jack) Johnson elected to the National Academy of Sciences Johnson's multi-disciplinary research has been instrumental in shaping ou...
08/05/2024
zweiB updates to latest version of R&SCLIPSTER
zweiB updates to latest version of R&S CLIPSTER Specialist in deliverables for cinema, events and trade shows Rohde & Schwarz, a global leader in broadcast...
07/05/2024
NAB Show 2024
NAB Show 2024 Utah Scientific rocked the 2024 NAB Show in Las Vegas, unveiling two new game-changers in video signal management. Our primary focus this yea...
07/05/2024
Paul Whitehouse takes viewers through The Sketch Show Years in new 4-part series on Gold
7th May 2024 The nations favourite comedy channel Gold has teamed up with the ma...
07/05/2024
Your Guide to Having a Jam-Packed Sundance Institute Summer
There's something special about summer. We're not sure whether it's the warmer weather, the longer days, or something else a bit more magical, but s...
07/05/2024
NITV appoints Michael Rennie as Presenter and Senior Producer for NITV News
NITV appoints Michael Rennie as Presenter and Senior Producer for NITV News Media releases NITV has announced the appointment of Michael Rennie as Presenter...
07/05/2024
Network flexibility: A Vital Consideration for SATCOM Resiliency
The ability for line-of-site tactical voice and data networks to seamlessly traverse over Satellite Communications is an emerging requirement to assure warfight...
07/05/2024
L3Harris Avionics Repair Station Becomes the First in U.S. to Be Awarded European Military Airworthiness Certification
On April 5, 2024, the L3Harris Avionics Products Repair Station (NN2R037L) in Gr...
07/05/2024
Clear-Com Celebrates Theatre Triumphs in Light of 2024 Tony Award Nominations
eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({ content_source:......