Rapid7: UK financial services sector leads for risky cyber exposure

Cybersecurity firm Rapid7 released a report examining cyber exposure of FTSE 350 companies. Findings show that the financial services sector of the UK’s economy leads all other industries in exposure of risky services to the internet.

From an attack surface perspective, the key metric researchers looked at is which ports are exposed to the internet. They consider two metrics: the total number of exposed ports, and the number of exposed high-risk ports. They define “high risk” as the ports commonly associated with FTP, SSH, Telnet, SMB, and RDP.

Drilling down to the high-risk ports, Rapid7 found that although technology companies dominate the overall port exposure, they fall in the middle of the pack for high-risk exposed ports and services. On the other hand, financial services companies are still exposing a number of concerning ports.

Source: Rapid7

In particular, the average financial services company is exposing two telnet ports – telnet is a notoriously insecure protocol that has been discouraged for decades. RDP and SSH are frequently exposed to the internet for remote management, but the level of exposure for an average company here should encourage financial services organizations to evaluate their external attack surface.

However, the report also noted that, compared to 2021, the attack surface of the FTSE 350 is greatly improved.

Read the full report

Related Posts

Previous Post
FISL preview: legal experts flag how banking stress could add to pile of regulations impacting secfinance
Next Post
ICMA publishes 2023 legal opinion updates for GMRA

Fill out this field
Fill out this field
Please enter a valid email address.

X

Reset password

Create an account