According to Bugcrowd, financial services businesses have seen an 185 percent spike in Priority One (P1) bug submissions in the last 12 months, which refers to the most significant vulnerabilities.
While companies had to move quickly to bring digital services online once the pandemic hit in 2020, Casey Ellis, founder and CEO of Bugcrowd, said financial services companies were under even more pressure to move quickly because of the sector's importance to businesses and consumers, as well as the fact that online transactions accounted for a larger portion of their revenue.
According to the research, financial services businesses boosted their participation with ethical hackers like Bugcrowd as a result of this significant investment in security. On the Bugcrowd site, for example, submissions, rewards, and P1s increased by 82 percent, 106 percent, and 185 percent, respectively, in 2021.
“Over the last two years, financial services has continued to seek the most aggressive digital transformation,” Ellis added. “The growth is due to a mix of increasing code output, increased use of Bugcrowd's solutions and accepting security input from the hacker community as a whole, as well as a strong focus on risk-based vulnerability pricing.” This bodes well for the sector's continued leadership in cybersecurity — particularly in terms of employing security to create and sustain customer trust — because a vulnerability discovered can be repaired and learned from.”
During the pandemic last year, Bugcrowd highlighted a spike in ransomware and supply chain reconfiguration, leading to more complicated attack surfaces in its 2022 Priority One report.
According to the research, ransomware surpassed personal data breaches as the most prominent cybersecurity threat in 2021. As a result of global lockdowns and remote work, a rush to put more assets online occurred, resulting in an increase in vulnerabilities. As a result, organizations collaborated more closely with ethical hackers to identify major dangers, resulting in P1 and P2 bugs accounting for 24% of all legitimate submissions in 2021.
Along with identifying patterns across vertical sectors, Bugcrowd's Priority One research outlined the main threats for 2021:
- The most common form of vulnerability was cross-site scripting.
- On the list of the top 10 most regularly discovered vulnerability types, sensitive data exposure has risen to third place from ninth place.
- Governments have reacted to the rise of ransomware.
- Supply chains have been a main target for hackers.
- Penetration testing has experienced a resurgence.
scmagazine.com
