ITBusiness.ca

Many Canadian, U.S. SMB websites vulnerable to spoofing, clickjacking and sniffing, says vendor

Websites of Canadian and American small and medium businesses continue to be vulnerable to spoofing, clickjacking and sniffing, according to a report from a new cybersecurity company offering cloud-based protection for SMBs.

The report from CyberCatch, headquartered in San Diego with an office in Vancouver, B.C., is aimed at trumpeting the capabilities of its CyberXRay tool. It scanned 20,000 randomly selected SMB websites in the U.S. and 1,850 in Canada.

Among Canadian sites it found

Among U.S. sites it found

The report also breaks down vulnerable sites by industry.

“SMBs across U.S. and Canada should scan their websites, software and web applications facing the Internet to make sure there are no vulnerabilities,” the report says. IT security managers should also implement a cybersecurity control to regularly scan all IT assets
for hardware and software vulnerabilities and set a policy to fix the weaknesses within a reasonable time.

“SMBs have limited resources, lack cybersecurity knowledge and the how-to. They rely on their IT provider, but IT is not cybersecurity,” said company founder and CEO Sai Huda. The report “reveals how vulnerable SMBs are to cyberattacks today and this is the reason why CyberCatch was founded. Our mission is to protect SMBs by focusing on the root cause for data breaches and ransomware: security holes.”

The company, whose advisory board includes former RCMP assistant commissioner Kevin Hackett and former U.S. Secretary of Homeland Security Tom Ridge, offers a software-as-a service network monitoring and cybersecurity controls testing service that starts at US$250 a month for firms with up to 50 employees, rising to US$1,000 a month for up to 499 employees. There are discounts for paying annually. There’s also a similarly-priced continuous compliance assessment service that gives instant benchmarking, a cyber hygiene score, a system security plan, a security awareness module for employees and a virtual CISO to offer advice.

It also offers a separately-priced cyber incident simulator for table-top exercises for US$95 a year.

Exit mobile version