About Us | Contact Us
View Cart

Organizations Struggle to Recover Months After SQL Injection Attacks

By Vigilize | Wednesday, April 23, 2014 - Leave a Comment

Organizations are becoming more aware of SQL injection threats and the long process of detection and recovery.

Even if you outsource the “high risk assets” related to your web presence (such as on-line banking), you shouldn’t overlook this attack vector. If you have interactive forms on your website, you may be vulnerable to a SQL injection attack. A report published last week by the Ponemon Institute reveals some interesting statistics on the prevalence of SQL injection attacks and the amount of time required to detect and recover from them.

Of the organizations surveyed, 65% of them had suffered from a known SQL injection attack in the last 12 months. On average, it took these organizations about 140 days to discover the attack and 68 days to recover from it. It was found that 40% say that it takes even longer to detect them; around six months.

On top of that, over half of the organizations surveyed had no testing or third-party validation software in place to detect SQL injection vulnerabilities. A majority are siting the emergence of mobile devices in the office as a deterrent to pinpointing the source of the injection.

The good news is more than half say they will be integrating behavioral analysis-based tools over the next 2 years in order to track activity in their databases. It appears the more and more organizations are becoming aware of the threats SQL injection attacks present and taking precautions to prevent substantial damage.


Original article by Kelly Jackson Higgins.
Read the full story here.

Latest News
      Alternatives From 2020 Conferences The 2020 Update Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Each year as we go to various conferences throughout the Midwest ranging in scope; from small banker conferences that Dan himself moderates, to hacker conferences like Defcon.  We […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office.  
    The IBA Presents an infotex Workshop: Tech-Shop (A Virtual Workshop for Banks IT Geeks) Live Workshop Time for a workshop for the technical side of the community-bank. Time for a workshop full of command lines and configurations, acronyms we are forbidden to use around management, and even dark-web jokes. Time for a workshop where we […]
    An Analogy… …About Taking Better Notes Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . An interesting set of metaphors arose out of our efforts to improve our time management practices at infotex.  In the spirit of sound strategic planning, we as a team decided […]
    A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]