BitSight Technologies released a report on Friday that examined the security ratings of a random sample of 250 companies per country from the United States, the United Kingdom, Singapore, Germany, China and Brazil.
The report, “BitSight Insights Global View: Revealing Security Performance Metrics Across Major World Economies,” intends to inform risk managers of the potential for cyber risks when sharing data within certain countries or with certain vendors.
“Along with operational, financial and legal risk, cyber risk should be a key consideration when extending operations globally,” Stephen Boyer, co-founder and chief technology officer of BitSight, said. “This includes understanding the risk associated with sharing sensitive data with global partners and vendors. Just as business practices and laws differ across countries, so do cybersecurity practices. When expanding globally, it is imperative to communicate best practices and establish a standard of security performance that can be implemented across the entire supply chain.”
The report found that companies in Brazil have the lowest aggregate security rating while companies in the United States, Germany and the United Kingdom have the highest security ratings. Brazil and the U.S. were found to have the poorest performance when it comes to preventing machine compromise stemming from botnet infections, while all countries have major communication protocol vulnerabilities, such as Heartbleed, POODLE and FREAK.
The report also found that peer-to-peer file sharing is common across all countries included in the study, except Germany, and that China, Brazil and Germany have a higher percentage of poorly configured email security protocols, such as SPF and DKIM.