Expanding attack surfaces leave security teams stretched thin

30% of businesses globally have seen an increase in attacks on their IT systems as a result of the pandemic, HackerOne reveals.

expanding attack surfaces

This is according to C-Level IT and security execs at global businesses, 64% of which believe their organization is more likely to experience a data breach due to COVID-19.

Remote working and expanding attack surfaces

“The COVID-19 crisis has shifted life online,” says Marten Mickos, CEO of HackerOne.

“As companies rush to meet remote work requirements and customer demands for digital services, attack surfaces have dramatically expanded, leaving security teams stretched thin and not staffed to cope. It’s been a moment of reckoning: use the creativity and power of hackers to harden software and prevent malicious activities.”

Researchers have seen a 56 percent increase in hacker sign-ups on the platform since March compared to the same time last year. With budgets and teams cut for a quarter of respondents, it’s perhaps no surprise to see that 30 percent of CISOs say they would now be more open to receiving vulnerability reports from third party researchers than before the pandemic.

Digital initiatives had accelerated as a result of COVID-19

“Businesses realize they have been too slow with their digital transformation and cloud migration,” continues Marten.

“HackerOne research revealed digital initiatives had accelerated as a result of COVID-19 for 36 percent of security leaders. Nearly a third were forced to go through it before they were ready. The strain this puts on security teams is immense.

“Cost-cutting measures combined with an increase in attacks means data breaches present a significant threat to brand reputations that may have already taken a hit.

“Crowdsourcing security testing with hackers is the fastest and most cost-effective way to minimize the risk security vulnerabilities pose. This is a practice recommended by governments and major digital corporations and allows companies to tap into the best security researchers in the world.”

Don't miss