Contact Us


Security Strategies: Just 2% Of Organizations Report Confidence

Continuity Insights

Updated on:

A recent report from OPSWAT highlights a disconnect between confidence levels and infrastructure upgrades, spending, and security improvements.

While 75% of organizations have significantly upgraded their infrastructure in the past year — including the adoption of public cloud hosting and containerization — and 78% have increased their security budgets, only 2% of industry experts are confident in their security strategies, according to a new report. Based on an online survey of over 400 executive leaders, managers, and senior contributors, the 2023 State of Web Application Security report from OPSWAT explores the evolving state of web applications and cloud infrastructure.

In a rapidly evolving landscape of web application security, organizations are constantly striving to adapt and fortify their infrastructure, particularly with the rise of hybrid work environments. Recognizing the need for enhanced productivity and scalable solutions, most organizations have embraced public cloud hosting for their web applications, with an overwhelming 97% already employing or planning to implement containerization.

The use of applications utilizing storage services has also increased with these infrastructure upgrades, elevating concerns around file-based malware.    

OPSWAT’s survey revealed that:

62% of organizations use five or less antivirus (AV) engines to detect malicious file uploads

  • This indicates a potential vulnerability, as deploying more engines can significantly strengthen an organization’s defense against advanced malware.  

Large organizations are more likely to use Content Disarm and Reconstruction (CDR)

  • This trend can be attributed to the higher volume of files handled by these organizations, making them more susceptible to cyberattacks. However, small and medium-sized organizations can also greatly benefit from adopting CDR as a proactive measure against evolving cyber threats.
Security Strategies
Yiyi Miao, Chief Product Officer, OPSWAT

98% of organizations would benefit from additional prevention-based approaches

  • These include periodic analysis of all file repositories in their web applications for malware, detection of vulnerabilities in running virtual machine containers, and prevention of data exfiltration by redacting or blocking sensitive data. 

“Irrespective of the size or industry, organizations must recognize that infrastructure upgrades alone are not sufficient to guarantee robust security,” said Yiyi Miao, Chief Product Officer at OPSWAT. “It is imperative to establish a proactive defense strategy that goes beyond traditional measures. By adopting and combining advanced threat prevention technologies like multi-AV scanning, CDR, DLP and dynamic threat analysis, organizations can effectively establish multiple lines of defense against known and unknown emerging threats and safeguard their critical infrastructure.”

Click here for more cyber news from Continuity Insights

Continuity Insights

Similar Articles

Personal Security: See If Your Data Has Been Stolen

As the number of data breaches escalate, there’s a very good probability your data has been exposed to potential bad actors. Just think of a few of major “accidents” in …

ICYMI: Access Appropriate to Role Hits Home

By Mark Carroll, Income Research + Management: Access Appropriate to Role (AAtR) and Role-based Access Control (RBAC) restrict network access based on a person’s role within an organization and has …

2022 Continuity Insights Management Conference Program Guide Available; Early Bird Registration Open

The conference program featuring information on more than 60 sessions is now available via download for the 2022 Continuity Insights Management Conference, taking place April 25-27, at the Omni Hotel, …

Leave a Comment

Share to...