According to Rapid7, the UK’s largest listed companies have reduced their exposure to risky ports and strengthened their email security over the past two years, but some still pose undue cyber risks.
To provide a snapshot of the UK attack surface as of March 2023, the security vendor evaluated the FTSE 350 in three areas in its new report.
The findings show a significant improvement over Rapid7’s 2021 Industry Cyber Exposure Report, putting UK companies on par with their global peers traded on the ASX 200 and Fortune 500.
For example, a relatively small number of UK companies expose their organizations over risky ports such as FTP, SSH, Telnet, RDP and SMB.
Nearly two-thirds (37%) expose at most one risky port, and more than one-fifth (21%) expose none at all. However, the financial services sector is an outlier, with an average of nearly 12 risky ports per firm exposed.
“RDP and SSH are frequently exposed to the internet for remote administration, but the level of exposure for the average enterprise here should encourage financial services organizations to assess their external attack surface,” the report notes.
“However, compared to 2021, the FTSE 350 attack surface has improved significantly. Trends in materials, utilities, and healthcare are particularly encouraging, with only a handful of SSH and RDP exposures in each of these industries.”
Rapid7 also saw improvements in the adoption of DMARC to mitigate email spoofing attacks. The number of FTSE 350 companies with an active policy has increased from 191 in 2021 to 247 today, with the majority enforcing a quarantine or reject policy.
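As an added example (not from the Rapid7 report), the routine below classifies a domain’s DMARC TXT record the way the figures above distinguish a monitoring-only policy (p=none) from an enforcing quarantine or reject policy, and flags partial rollouts (pct below 100) and unprotected subdomains (sp=none). The records are constructed samples; in practice the text comes from the TXT record at `_dmarc.<domain>`.

```python
from typing import Optional

# Constructed sample records for illustration (no real domain's data).
SAMPLE_RECORDS = {
    "enforcing":  "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.test",
    "partial":    "v=DMARC1; p=quarantine; pct=25; sp=none; adkim=s",
    "monitoring": "v=DMARC1; p=none; rua=mailto:dmarc-reports@example.test",
    "malformed":  "v=DMARC1; rua=mailto:dmarc-reports@example.test",  # no p= tag
    "not_dmarc":  "v=spf1 include:_spf.example.test -all",
}


def parse_dmarc(txt: str) -> Optional[dict]:
    """Split a DMARC TXT record into its tag=value pairs.

    Returns None when the record is not usable: v=DMARC1 must be the first
    tag and the p= tag is mandatory (RFC 7489).
    """
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts or "=" not in parts[0]:
        return None
    tags = {}
    for part in parts:
        if "=" not in part:
            return None
        key, _, value = part.partition("=")
        tags[key.strip().lower()] = value.strip()
    first_key = parts[0].partition("=")[0].strip().lower()
    if first_key != "v" or tags["v"].upper() != "DMARC1" or "p" not in tags:
        return None
    return tags


def classify_policy(txt: str) -> str:
    """Label a record as unusable, monitoring-only, or enforcing (with caveats)."""
    tags = parse_dmarc(txt)
    if tags is None or tags["p"].lower() not in ("none", "quarantine", "reject"):
        return "no usable DMARC record"  # missing or unknown p= value
    policy = tags["p"].lower()
    if policy == "none":
        return "monitoring only (p=none)"
    try:
        pct = int(tags.get("pct", "100"))  # fraction of failing mail the policy applies to
    except ValueError:
        pct = 100
    label = f"enforcing ({policy})"
    if pct < 100:
        label += f", applied to {pct}% of failing mail"
    if tags.get("sp", policy).lower() == "none":  # sp defaults to p when absent
        label += ", subdomains unprotected (sp=none)"
    return label


for name, record in SAMPLE_RECORDS.items():
    print(f"{name:11s} -> {classify_policy(record)}")
```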
However, it warns that adoption of the DNS Security Extensions (DNSSEC), while consistent with global peers, is still inadequate. Only 4% of FTSE 350 companies use DNSSEC to help reduce their exposure to DNS attacks.
Finally, the report found that the majority of IIS (80%) and Apache (89%) web servers were running supported versions, while for the less popular Nginx the figure falls to 30%.
While the results provide a positive view of UK PLC’s attack surface, caution remains warranted, Rapid7 said.
“Remember, security is an ever-changing target. Many of these companies are managing risk today, but tomorrow a new threat emerges or a new information technology strategy is launched, and it could completely change the landscape for businesses,” concludes the report.
“These things need to be tracked on an ongoing basis.”