Story image

At-work collaboration apps most vulnerable to cyber attacks

27 Jul 2018

A study released by Israeli cybersecurity firm Perception Point this week has unearthed evidence that enterprise IT decision makers cast a wary eye over collaboration and social applications in the workplace.

According to a survey of 500 decision makers across several industries, 80% believe that cloud collaboration tools are very vulnerable to cyber attacks.

These tools include messaging and team platforms (e.g. Slack, Teams); enterprise social networks (e.g. Yammer, Jive); shared virtual workspace (e.g. IntraLinks, SharePoint); and file sharing apps (e.g.) Dropbox, Box, OneDrive).

Two thirds of respondents say their companies have been attacked via these channels at least once in the last year, and 78% say the attacks are increasing in sophistication.

But that’s not likely to stop the flood of tools in the workplace, as employees use more tools to maximise their efficiency and accessibility.

The survey found that 80% of respondents use between two and ten applications in their organization; while 75% say they will invest more in these apps in the near future.

Organisations are also directing IT budgets and resources to implement these platforms, but the security blind spots are still going unaddressed.

80% of respondents say employees in their organisations share files and URLs via shared drives and messaging platforms. This content isn’t being scanned by existing security tools.

“The findings of this survey underscore the urgent need that exists for EC&C security solutions,” comments Perception Point CEO Yoram Salinger.

“As more organisations adopt these essential applications, they are inadvertently expanding the number of channels that hackers can leverage to distribute malicious content. Perception Point has developed a security solution that allows CISOs and security experts to stay one step ahead of cyber criminals and take the appropriate precautions before it’s too late.”

The survey also shows that only 5% of companies have extended their in-house cybersecurity protection through the use of outside security vendors.

Perception Point says this underscored the limited adoption of third party enhancements.

Despite being the target of attacks via these channels, cybersecurity teams remain somewhat behind in fortifying their defenses, in large part due to limited category discussion of the issue.

Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.
Myth-busting assumptions about identity governance - SailPoint
The identity governance space has evolved and matured over the past 10 years, changing with the world around it.
Forrester names Crowdstrike leader in incident response
The report provides an in-depth evaluation of the top 15 IR service providers across 11 criteria.
Slack doubles down on enterprise key management
EKM adds an extra layer of protection so customers can share conversations, files, and data while still meeting their own risk mitigation requirements.
Security professionals want to return fire – Venafi
Seventy-two percent of professionals surveyed believe nation-states have the right to ‘hack back’ cybercriminals.
Alcatraz AI to replace corporate badges with AI security
The Palo Alto-based startup supposedly leverages facial recognition, 3D sensing, and machine learning to enable secure access control.
Ensign and IronNet partner to create cyber analytics capabilities
The Singapore-based joint venture will form a Cyber Analytics Center for Excellence focused on securing regional enterprises from sophisticated cyber threats.
Unencrypted Gearbest database leaves over 1.5mil shoppers’ records exposed
Depending on the countries and information requirements, the data could give hackers access to online government portals, banking apps, and health insurance records.