Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Survey Highlights Alarming Trends in Insecure Network Configurations

Security vendor nCircle used brief surveys conducted during webinars to highlight the state of network configurations that utilize insecure protocols and settings. Based on the data, the saying “easier said than done” has certainly become a reality.

Security vendor nCircle used brief surveys conducted during webinars to highlight the state of network configurations that utilize insecure protocols and settings. Based on the data, the saying “easier said than done” has certainly become a reality.

Accordingly, 38 percent of the respondents to nCircle’s questioning said that they were required to run Telnet. This is just one example of poor communication implementation, which thanks to legacy systems within enterprises and SMBs, brings significant risks that are nearly impossible to get rid of.

In addition, the study revealed that 58 percent of respondents were either unaware if their organization used SSHv1 (a less secure version of SSH) or if they were required to use it. This is in addition to those who said they didn’t know if SNMP default community strings were being used, or if they were required to use them. Also, 67 percent said the same thing about TLS ciphers.

“The only plausible reason to run Telnet is because a business partner requires it,” said Andrew Storms, director of IT and security operations for nCircle. “In that case, IT professionals need to push aggressively to find another partner. There’s just no way to make Telnet secure.” 

“It’s also discouraging to see so many small businesses that aren’t sure if they have insecure settings on their networks, since we know hackers are targeting these businesses aggressively,” Storms added.

Snapshots from the survey are available here.  

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

Omkhar Arasaratnam, former GM at OpenSSF, is LinkedIn's first Distinguised Security Engineer

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.