OPSWAT study found about three-fourths of organizations pushing their security budgets over evolving applications with unsecured infrastructure. Credit: Getty Images Complex web applications have raised security concerns with only two percent of organizations confident with their current cybersecurity strategies and over three quarters pushing their security budgets in the last year, according to a study by critical infrastructure cybersecurity provider OPSWAT. The study surveyed over 400 executive leaders, managers, and senior contributors from 69 countries to understand the state of web applications and cloud infrastructure. “The use of applications utilizing services has also increased with these infrastructure upgrades, elevating concerns around file-based malware,” the report said. Organizations have embraced public cloud hosting for their web applications, with almost all of them either already employing or planning to implement containerization. Infrastructure for web applications is evolving At least 75% of organizations have upgraded their infrastructure in the past year. One of the significant observations of the study was that “hosting for applications that accept file uploads is shifting toward the cloud.” Ninety-seven percent of the respondents said their organizations use or plan to use containers with another 94% saying their web applications currently connect to other storage services too. In public cloud hosting, Microsoft Azure was being used by 65% of the respondents, closely followed by AWS at 64%, and a modest suit by google cloud platform (GCP) at 33%. Among the organizations using containers, Azure and AWS Kubernetes were the most popular choices (both at 55%), followed by docker (47%), RedHat OpenShift (26%), and VMWare Tanzu (23%). Unsecured file upload is a big concern The rise of containers has inevitably led to the rise in applications using storage services, with 94% of respondents reporting their web applications connect file uploads to other services. Seventy-five percent of the organizations use part of these other storage services like cloud storage, with another 54% using enterprise on-premises storage, and 37% storage made through managed file transfers. “File-based malware can slip past other defenses, it’s critical to catch and stop these attacks before they enter your networks and cause harm,” said the study report. Data breaches were found to be the number one (73%) concern from unsecured file upload, with reputational damage (67%), loss in business or revenue (58%), and denial of service/infrastructure (54%) following close behind. “Seventy-eight percent of respondents are concerned about malware attacks from file uploads”, the report added. Related content how-to Download the SASE and SSE enterprise buyer’s guide From the editors of our sister publication Network World, this enterprise buyer’s guide helps network and security IT staff understand what SASE (Secure Access Service Edge) and SSE (Secure Service Edge) can do for their organizations and how t By Neal Weinberg May 13, 2024 1 min Remote Access Security Network Security Enterprise Buyer’s Guides news IntelBroker steals classified data from the Europol website The agency said core operations remain unaffected even as IntelBroker claimed to possess classified, law enforcement data. By Shweta Sharma May 13, 2024 3 mins Data Breach Hacker Groups feature Ridding your network of NTLM The path to eradicating this ancient protocol and security sinkhole won’t be easy, but the time has come for its complete eradication. By David Strom May 13, 2024 8 mins Authentication Windows Security Network Security news CISA inks 68 tech vendors to secure-by-design pledge — but will it matter? CISA’s pledge drew some big names, but the impact on software security could be limited. Meanwhile the org has extended its comment period on the CIRCIA cyberattack reporting law. By Jon Gold May 10, 2024 4 mins Regulation Technology Industry Security Practices PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe