By Mikkel Winther
Secunia participated in a nation-wide campaign focused on updating software on private users PC's in October 2008, in collaboration with The National IT and Telecom Agency, The Danish Bankers Association, Nordea, Danske Bank, TDC and others. (blog post)
The Danish Bankers Association is a trade organisation for the Danish financial institutions. The sector accounts for approx. 40,000 employees. TDC is the former Tele Denmark, the national Telco. Today, TDC are the danes' leading Telco and has more than 15.5 million customers in Denmark and abroad. Nordea is the leading financial services group in the Nordic and Baltic Sea area. With more 10 million personal customers and 1 million corporate customers, Nordea is the largest bank in the Nordic Region, and is a Fortune 500 company. The Danske Bank Group is, measured by total assets, the largest financial enterprise in Denmark and one of the largest in the Nordic region. Danske Bank has more than 5 million customers and is a Fortune 500 company.
During the week from 6th to 12th of October, when the campaign was running, almost one out of six visitors to the campaign site performed a scan with the Secunia Online Software Inspector.
In total, they scanned 115.299 applications out of which 36.164 were insecure and, thus, not properly patched. This means that 31.36% of the applications were insecure. This should be compared to the average level of insecure applications scanned by the Online Software Inspector, which is around 20%.
Awareness campaigns like this one, are important in communicating the messages about patching and security updating. A model like the one used in Denmark, where governmental institutions and private companies work closely together, proved useful. Numbers showed a significantly higher level of insecurity amongst users from the campaign compared to average users of the Secunia scanner. This proves the relevance and importance of such a campaign and encourages more action.
Focusing on user security, patching, and security updating, Secunia is pleased to note the increased focus on these issues in a broader forum. Recently we have seen companies like Microsoft and Kaspersky promoting patching. Kaspersky writes in their company blog "Last, but not least, any security solution and process is as strong as the weakest link: in this case, it's the customer. Will s/he click on a link or an attachment? Is his/ her system up-to-date, with all patches applied?".
Secunia will pursue opportunities like this nation-wide campaign in the future and work dedicatedly to raise awareness about IT security and the importance of keeping computers security updated and patched.
Secunia has issued a report on the 2008 "Netsafe now!" and "Update your PC" campaign, please request this by contacting Mikkel Winther as described below.
Please do not hesitate to contact us, if you plan or are involved in initiatives like this one. For further information please contact:
PSI Partner Manager,
firstname.lastname@example.org - +45 7020 5144