Netsparker: Government and Financial Services Most Vulnerable Industries, Warn Developers

Press Release | Developers think governments & finance industry are the most vulnerable to cyber attacks & IoT devices will be targeted more often

Sixty-one percent of developers think government is vulnerable to hacking, and more than half think smart home technologies are a cybersecurity risk.

London — August 3, 2017 — In a new survey by Netsparker Ltd., a leading player in the web applications security industry, developers agreed that the government and financial services are the two sectors most vulnerable to hacking and that smart home IoT is the most vulnerable technology.

Propeller Insights conducted the recent survey of U.S.-based software developers for Netsparker from July 5-7, 2017.

Government most vulnerable to hacking

Developers are sounding the alarm: almost two-thirds (61 percent) feel that the government is vulnerable to hacking; another half (50 percent) say the financial services industry is the most vulnerable. This is followed by:

  • Media – 44 percent
  • Communications – 32 percent
  • Healthcare – 31 percent
  • Gaming – 29 percent
  • Energy – 25 percent

In terms of vulnerable technologies, more than half (52 percent) of developers think IoT and smart home technologies are currently at the greatest risk, followed by:

  • Smart TVs – 42 percent
  • Web apps and online services – 41 percent
  • Connected cars – 35 percent
  • ATMs – 34 percent

Safeguarding future elections

The past two years have provided many “teachable” moments in the world of cybersecurity. When asked which recent hacks were the most “innovative,” developers agreed that the Russian hacking of the Democratic National Committee (DNC) topped the list (47 percent), followed by WannaCry (32 percent), the CIA security breach (30 percent), Chipotle (25 percent) and OneLogin (23 percent).

When it comes to election hacking, developers are united in feeling that democratic governments are vulnerable to it because political parties lack IT/security expertise (57 percent) and because of outdated and potentially insecure polling equipment (54 percent).

According to survey respondents, the ways to most effectively combat the risk include:

  • Increasing background checks on volunteers and staffers – 52 percent
  • Hiring specialists – 47 percent
  • Federal governments allocating money to the problem – 45 percent

Another 40 percent believe that governments should provide secure systems to political parties; however, only 10 percent felt that politicians communicating over email was a concern.

Cybersecurity in the boardroom

Of the reasons corporations don’t take cybersecurity seriously, developers believe the two biggest culprits are lack of IT understanding and budget (57 percent each), followed by an absence of concern (39 percent) and the fact that cybersecurity is complicated to understand (30 percent).

When data breaches do strike, developers think companies should turn to the police and IT forensics specialists:

  • Contact law enforcement – 55 percent
  • Assess the type of threat – 52 percent
  • Hire IT forensics specialists – 52 percent
  • Isolate parts of the network – 38 percent
  • Limit insider access to the investigation – 33 percent

“Because of recent election-related events, it’s not surprising that developers and IT professionals have so little confidence in the ability of governments to prevent hacking. But the reality is that all organizations and enterprises should take precautions to prevent data breaches,” said Netsparker CEO Ferruh Mavituna.

For more information visit the web developers’ survey results and for recommendations on how best to secure web applications, visit

About Netsparker Ltd.

Netsparker was founded in 2009 and develops a web application security scanner. The scanner’s accurate scanning technology led to early success, and Netsparker is now a recognized leader in the web application security industry. Netsparker can identify vulnerabilities in any type of modern and custom web applications, regardless of the architecture or platform they are built with. Upon identifying a vulnerability, the Netsparker scanner uniquely generates a proof of exploit to identify a false positive. Netsparker is available as desktop software and as a cloud service. It is trusted and used by world-renowned organizations from all industry verticals, including Samsung, NASA, Microsoft, ING Bank and Ernst & Young.

Media Contact

Laura Ruark