Would You Like Some Swiss Cheese with That Application?  

The old expression, “It has more holes than Swiss cheese,” seems more and more applicable to IT infrastructure and modern applications. The State of Software Security (SoSS) report concluded that 72% of applications contain vulnerabilities and as many as 12% are of ‘high severity.’ These findings were drawn from an analysis of 20 million scans across half a million applications in multiple vertical markets.

The software security study also found that it is taking far too much time to remediate known vulnerabilities. Sectors such as manufacturing, healthcare, and IT scored the worst in terms of the number of unfixed flaws, as well as the time it takes to fix flaws once they’re discovered. Based on static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA), 55% of flaws in manufacturing software remained unfixed after an entire year. Shockingly, the manufacturing sector consistently lags the overall average by four months, yet it has by far the lowest number of overall software security flaws. Clearly, manufacturing will need to up its game considerably if it wants to avoid being the subject of headlines such as those generated by the Colonial Pipeline breach.

In addition, the report pointed out that flaws in third-party libraries found through SCA are the ones that stick around the longest. 30% of such flaws were found to still be unresolved after two years. That percentage is the average across all industries. For manufacturing, it is even higher at over 40%, and it takes 2.5 years to resolve these flaws.

Part of the problem might be the fact that manufacturing tends to use highly specialized applications that are harder to fix.  

Sharp Rise in Data Breaches 

It is bad enough to have applications with more holes than Swiss cheese. But the situation is made much worse by the fact that there are now far more data breaches occurring than ever before. According to Surfshark’s data breach monitoring tool, data breaches have risen globally by as much as 70% during the July through September 2022 quarter. Some of the statistics highlighted include: 

  • In Q3 of 2022, 26 out of every 1,000 American internet users were breached, growing 4 times just in three months – that’s 8.5 million affected accounts. 
  • The United States remained the single most breached country of this decade up until Ukraine’s invasion at the end of February.  
  • The U.S. has seen 263.4% growth in breaches.    
  • Russia has been topping the charts this year, and now has as much as 22.3 million affected users. 
  • Belarus appeared in 19th position with more than 3x growth from the previous quarter.  
  • Ukraine experienced a 14% drop in breached users quarter-over-quarter, which took them to the 17th position globally. 
  • Europe also recorded 52 million individual breaches in Q3 alone – the highest of any continent.
  • 40% of them came from Russia and 27% from France. 
  • In Indonesia, breached user count has grown by 1370% in the last quarter, amounting to 13.3 million victim accounts after several large-scale cyberattacks. Related incidents have pushed Indonesia’s parliament to ratify the first Personal Data Protection Act. 
  • The ten most breached countries of Q3 2022 in descending order are: Russia, France, Indonesia, U.S., Spain, China, Brazil, Taiwan, Portugal, and India.  
  • The highest growth in user victims was spotted in Zambia (3886%), Bolivia (1913%), Chile (1852%), France (1710%), and Nigeria (1616%). 

Syxsense Enterprise with the Syxsense Zero Trust module is the best way to detect and remediate vulnerabilities in any applications and prevent data breaches. Its intuitive endpoint security and management technology combines the power of artificial intelligence with industry expertise to help users predict and remove security threats across all devices including mobile. Syxsense Enterprise is the first unified security and endpoint management platform that centralizes the three key elements of endpoint security management (vulnerabilities, patch and compliance) and layers on a powerful workflow automation tool called Syxsense Cortex. This is achieved through a single cloud-based platform that enables greater efficiency and collaboration between teams. The always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm. 

For more information visit www.Syxsense.com