We have been working with marine and financial services businesses to help them manage their risks for several years.
As part of this work, we have a reviewed many corporate public-facing websites.
Collectively the picture is not reassuring. While we would expect there to be some basic and relatively harmless errors on websites, we did not expect to find that 1 in 3 of websites had at least one critical vulnerability and 2 in 3 had at least one known moderate vulnerability.
While many companies outsource the hosting and operations of their websites to third parties, this is not a guarantee that your website is well protected or well managed – often these are not included in standard service level agreements.
If you operate your own website, you need to be sure that it is kept well segregated from internal servers so that bad actors cannot use it as an ingress for malware into your business.
You need to be confident that your external facing websites are secure, well configured and competently managed, and the tools they use kept up to date.
Whoever does your website for you, Companies need assurance that their public web presence is not a vector to attack them, or innocent browsers on their sites.
Why this is important:
We know that websites are not as secure as they should be: too many websites are deployed with serious vulnerabilities, making them susceptible to attack; others are using outdated and therefore vulnerable tools; and some lacking basic security features.
So, in reviewing your website, ask yourselves:
We can help you understand the state of your website and reduce the risk that your main external window becomes a trap for the unwary.