Security News > 2022 > March > Most Orgs Would Take Security Bugs Over Ethical Hacking Help

Enterprises are putting greater stock in cybersecurity, but outdated "Security by obscurity" is still prevailing as companies wrestle with security awareness and shy away from bug-bounty programs.

That's according to new survey data from HackerOne, which found that a full 65 percent of organizations surveyed claimed that they "Want to be seen as infallible." However, just as many - 64 percent - said they practice a culture of security through obscurity, where secrecy is used as the primary method of protecting sensitive systems and assets.

When it comes to what's actually happening on the ground inside organizations, 57 percent of respondents in the report - "The Corporate Security Trap: Shifting Security Culture from Secrecy to Transparency" - said that they struggle to create a culture of cybersecurity, and only 26 percent are "Very confident" that staff are following security practices.

That's translating to trouble: About 63 percent said they've had a security breach as a result of staff sidestepping security measures.

The stakes are high: About 53 percent of survey respondents admitted that "They have lost customers as a result of a security breach." Bottom line? The sooner organizations evolve to be more open and collaborative about security, the better off they - and the rest of us, by extension - will be.

Moving to the cloud? Discover emerging cloud-security threats along with solid advice for how to defend your assets with our FREE downloadable eBook, "Cloud Security: The Forecast for 2022." We explore organizations' top risks and challenges, best practices for defense, and advice for security success in such a dynamic computing environment, including handy checklists.

News URL

https://threatpost.com/orgs-security-bugs-ethical-hacking-help/178862/