Nearly half of all on-premises databases have unpatched vulnerabilities

Simply transitioning to the cloud may not be the answer

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Almost half of all on-premdatabasearound the world contain some form of known, addressable security vulnerabilities, over half of which were ranked as high or critical severity. according to a new survey.

Conducted over five years bycybersecurityvendorImperva, the survey scanned around 27,000 databases, finding 46% contained vulnerabilities at an average of 26 vulnerabilities per database.

“Too often, organizations overlook database security because they’re relying on native security offerings or outdated processes. Although we continue to see a major shift tocloud databases, the concerning reality is that most organizations rely on on-premises databases to store their most sensitive data,” observed Elad Erez, Imperva’s Chief Innovation Officer.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

Erez adds that owing to the large number of vulnerable on-prem databases, it shouldn’t be a surprise if there’s an increase in the number of reported breaches.

Lack of security awareness

Regional analysis reveals that France tops the list with 84% of the databases being vulnerable with an average of 72 vulnerabilities per database. The UK clocks in at the fourth position with 61% of vulnerable databases at an average of 37 vulnerabilities per database.

Imperva argues that since a majority of the scanned databases handle some of the most sensitive data, including that related with financial transactions, keeping them vulnerable to cyberattacks is a risky proposition not just for the organization, but for their customers as well.

“Whether it’s down to the perceived difficulty of fixing these vulnerabilities, or not even knowing how exposed databases are, organizations are quite simply making it far too easy for attackers,” Imperva believes.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

And since the real issue is a lack of security awareness, the company suggests that there’s no guarantee that moving to thecloudwill improve matters, since it might just mean that businesses are simply swapping “one set of mistakes for another.”

Instead, Erez suggests that businesses must respond by devising a comprehensive security strategy that’s built around the protection of data irrespective of where it exists.

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Key Strategies for financial institutions to combat fraud

This dangerous new malware is hitting Windows devices by hiding in games

Steps to take when your phone number is publicly listed online