Health Care, Retailers Are ‘Sitting Ducks’

Health Care, Retailers Are ‘Sitting Ducks’

Financial Services, E-commerce: e-tailers and retailers, Other: logistics, airlines, travel, social media, health care

Across all measures of the study, health care proved the most susceptible to e-mail attacks and cyber fraud. Consumers are five times more likely to get malicious e-mail from their health-care provider than any other sector.

The retail sector’s ThreatScore jumped by a factor of eight in Q4 compared to the previous quarter, causing the report to characterize 93% of retailers as “sitting ducks.”

Retailers with both brick-and-mortar and e-commerce businesses lag behind e-tailers when it comes to security. Amazon, Netflix, and Newegg have “perfect or near-perfect” TrustScores.

Agari found that social media had a TrustScore of 60 out of 100, 8% higher than the previous quarter.

Credit card and payment companies have the third highest TrustScore, at 50, and the fourth lowest ThreatScore.

Banks with $5 billion in annual revenue are 20% more trustworthy through e-mail than banks with $2 billion, according to the report’s data. Mega banks and large banks had TrustScores of 40 and 32, respectively, and ThreatScores of “low” and “moderate,” respectively.

The ThreatScore for the travel sector climbed 600%, an indication that cybercriminals recognize the sector’s security is easier to penetrate than others.

Because shipping companies rely on e-mail to deliver shipping and tracking notifications and consumers’ eagerness to track packages, this sector is vulnerable. Its Q4 TrustScore declined 12% from Q3. Over one-third of shipping companies have not deployed any authentication standard, which the report termed “alarming.”

Of the 131 companies analyzed, high-tech startups fared the best in terms of cybersecurity. The report attributes this to “nimble workforces that have a pulse on security opportunities” that hackers often take advantage of, whereas vulnerable companies tend to be “large, established enterprises with multiple stakeholders [and] complex IT systems.”