Kali on My Mind
According to Opswat only 8% of organizations with web applications for uploading files have enough security. That’s less than one in ten. Almost all of these organizations cite security as a high priority, but almost all of them fall short.
With the increased demand for all things online this is deeply troubling. In this blog I have mentioned before how important it is for the private sector to do its part in maintaining national cyber security, and this just goes to show how far we still have to go. A small silver lining could be that at least there is an awareness of this issue. Organizations at least saying that they make it a priority is the first step to actually fixing it.
But now that organizations are aware of it, more than 8% need to implement best practices for protection. According to the same Opswat study 32% of organizations do not scan all file uploads for malicious content. That means nearly a third of these organizations don’t check what they're uploading before they do it. To put it bluntly: that’s nuts.
This is the lack of security that leads to gas pipelines going down, or hospitals being held up by ransomware. We have to do better. We have to at least make someone put in some effort if they want access to our networks and machines. Right now we might as well be advertising how little we’re doing to protect ourselves, and that has to change.