Synack Trust Report – an Essential Guide for CISO, CIOs, and Cybersecurity Professionals
The Synack 2021 Trust Report
Well underway into 2021, we have already seen how cyber attackers have rocked consumers’ trust over the past few months and caused panic at the pump. Not only at the pump, but to our transportation systems, at our schools and to our daily necessities derailing our everyday life.
All this comes after a year of business turmoil, and continued transformation. The pandemic accelerated initiatives to digitally transform operations, and drove efforts to implement Zero Trust security for remote workforces. Reinforcing cyber resilience continues to be top of mind in our organizations, firms, and societies, and goes hand in hand with trust.
The Biden Administration has made cybersecurity a priority and recently issued a memo to business leaders urging them to take significant steps to prevent ransomware and other cyberattacks, including the use of third-party pen testing services to test systems and businesses’ “ability to defend against a sophisticated attack.” Executives that are actively focused on stakeholder trust and companies that put a premium on security testing, and take proactive steps to analyze new assets and digital applications will, in the long run, have stronger defenses and fewer breaches.
2021 Synack Trust Report
Trust continues to be more valuable than ever. Trust is not only crucial to our business relationships and customers, but in our everyday lives.
The 2021 Trust Report is Synack’s essential guide for CISOs, CIOs, security practitioners, C-suite and board executives to understand how to measure security, determine risks and build trust with data and insights on the state of different industries and sectors of the economy.
In its fourth volume, the authoritative global report shares data from the most trusted brands based on thousands of security tests conducted by the world’s most skilled ethical hackers, The Synack Red Team (SRT). The report spotlights the different industries and sectors of the economy and reveals new insights into how critical organizations are prepared to fight ransomware and other digital threats and stay resilient.
Average Industry ARS rating by years
(As published in previous Trust Reports)
|Consulting/Business & IT Services||53||48||52|
ARS rating based on data from the Trust Report: 2019. Data through January 2019
ARS rating based on data from the Trust Report: 2020. Data through July 2020
ARS rating based on data from the Trust Report: 2021. Data through April 2021.
The report data is based on Synack’s patented Attacker Resistance Score (ARS)™ Rating and includes a macro industry comparison that demonstrates how the most trusted organizations use the ARS rating and how to use the rating to benchmark attacker resistance against other industries.
All too often, vulnerabilities leave organizations dangerously exposed. Last year, the US-CERT Vulnerability Database recorded nearly 17,500 vulnerabilities—a record number for the fourth year in a row. More than a third— 16%—of vulnerabilities found in 2020-April 2021 by the Synack Red Team (SRT), our global network of highly skilled and vetted security researchers were considered critical. Beyond that, the SRT saw a 14% increase over the past two years in authorization and permission vulnerabilities, which can give attackers access to the most sensitive networks and systems.
According to Synack’s CEO, Jay Kaplan “We’re facing a global cybersecurity crisis. Some organizations are doing the right thing, creating effective defense strategies and being proactive. Others are simply checking boxes. But the nature of today’s threat requires an aggressive and assertive approach,” said Jay Kaplan, CEO and Co-Founder of Synack. “The Trust Report and the ARS are vital tools for understanding the gaps in any organization’s security plan, and can be used as a tool for CISOs and other security leaders to prioritize security efforts and focus on the most pressing threats and vulnerabilities first.”
The increased sophistication of today’s threats makes the CISO even more vital. On top of digital transformations, organizations faced punishing nation-state hacks with cyber attacks continuing to rise in 2021. Going forward, the role of the CISO and security teams will continue to evolve and expand. In fact, 55% of enterprise executives plan to increase their cybersecurity budgets in 2021 and 51% are adding full-time cyber staff in 2021.
“Testing—when it comes to security, safety, and resilience—makes all the difference in the world,” wrote Ritesh Patel, Security Principal at bp, in the foreword to the 2021 Synack Trust Report. “Measurements such as the Attacker Resistance Score (ARS) keep us honest and informed. The ARS lets us constantly assess our performance and compare how we’re doing across sectors. It’s a strong indicator that bp is performing above industry average, which sends a clear and powerful message within the organization that security—and trust—are essential in everything we do at bp.”
Read on to learn how the most trusted brands in the world measure security and build trust while diving into the different industries and sectors of the economy.
Synack leads the industry in finding the most critical and dangerous vulnerabilities in customers’ digital assets and apps, giving them the insight necessary to prevent attacks as found in our report’s key findings.
The Synack 2021 Trust Report is your guide for measuring the value of security and cyber resilience.