How Vulnerable Is Your Sector? Find Out From The World's Best Hackers


2021/6/16 17:09



REDWOOD CITY, Calif., June 15, 2021 /PRNewswire=KYODO JBN/ --


- The 2021 Synack Trust Report relies on data from thousands of security tests

to reveal new insights into how organizations are prepared to fight ransomware

and other digital threats.


Government and Healthcare sectors are the most secure against the punishing

barrage of cyberattacks such as ransomware and supply chain compromises that a

growing number of organizations suffered over the past year, according to the

2021 Synack Trust Report.





In its fourth year, this global report has become a critical benchmark for

CISOs and security leaders across all sectors. Based on thousands of security

tests carried out by the world's most skilled ethical hackers from July 2020

through April 2021, it measures security preparedness and the depth of

cybersecurity defenses across organizations.


Synack's Attacker Resistance Score (ARS)™ Rating, which draws information from

tests conducted on Synack's Premier Crowdsourced Platform for On-Demand

Security Expertise, provides the foundation for the annual Trust Report.

The higher the ARS, the more hardened assets are against attacks.


"Building trust across our customers, employees, and our team is core to my

role as GDIT CISO," said Michael Baker, Chief Information Security Officer for

General Dynamics Information Technology. "Measuring risk and carefully choosing

the right capabilities with the right business partners who understand today's

threat landscape helps me achieve those three key objectives that define

success for myself as the GDIT CISO."


Some sectors that cyber criminals target such as Manufacturing and Critical

Infrastructure have shown improvements and recovered from an ARS drop in 2020,

gaining 5 points in 2021. But with an overall rating of 50, some organizations

in this sector may continue to face challenges, especially as U.S. officials

have characterized today's cybersecurity risks as a "national security threat."


"We're facing a global cybersecurity crisis. Some organizations are doing the

right thing, creating effective defensive strategies and being proactive.

Others are simply checking boxes. Today's threat requires an aggressive and

assertive approach," said Jay Kaplan, CEO and Co-Founder of Synack. "The Trust

Report and the ARS are vital tools for understanding the gaps in any

organization's security plan."


Over the past year, 16% of vulnerabilities found by the Synack Red Team (SRT),

Synack's global community of highly skilled and vetted security researchers,

were considered critical. Beyond that, the SRT saw a 14% increase over the past

two years in authorization and permission vulnerabilities, which can give

attackers access to sensitive networks.


In light of the cyber threat for Critical Infrastructure, and the need for the

sector to take swift action to harden its defences, some organizations are

setting the standard for others to follow. Organizations such as energy giant

bp (LSE:BP) have become industry leaders when it comes to security innovation.


"Testing—when it comes to security, safety, and resilience—makes all the

difference in the world," wrote Ritesh Patel, Security Principal at bp, in the

foreword to the 2021 Synack Trust Report.

"Measurements such as the Attacker Resistance Score (ARS) keep us honest and

informed. The ARS lets us constantly assess our performance and compare how

we're doing across sectors. It's a strong indicator that bp is performing above

industry average, which sends a clear and powerful message within the

organization that security—and trust—are essential in everything we do at bp."


Other Key 2021 Trust Report findings:


Most industries improved their ARS in 2021


Across all industries, scores recovered from previous declines, and in 2021,

all but two sectors improved their average ARS.


Attackers need less time to find vulnerabilities


On average, pentesters needed only 18 hours to find a vulnerability in targeted

applications, down from 21 hours in 2020.


Financial Services remains under assault


The Financial Services sector historically has been a top target of

cybercriminals. At the beginning of the pandemic, the sector suffered a drop of

6 points, from an ARS of 62 in early 2020, but began to recover by 2021.


Visit to download the report for free and

learn how the most trusted brands in the world measure their risk.


About Synack:


Synack is the premier crowdsourced platform for on-demand security expertise.

The Synack platform delivers 24/7 penetration testing, vulnerability

management, and vulnerability assessment from a global network of trusted

researchers, enabled by smart technology, to accelerate global organizations'

critical cybersecurity missions. Headquartered in Silicon Valley with regional

teams around the world, Synack protects leading global banks, federal agencies,

DoD classified assets, and more than $6 trillion in Fortune 500 and Global 2000

revenue. A 4-time CNBC Disruptor 50 company, Synack was founded in 2013 by

former NSA security experts Jay Kaplan, CEO, and Dr. Mark Kuhr, CTO.


For more information, please visit


SOURCE  Synack


CONTACT: Mike Farrell,