
Attack surface in numbers: Which market faces the highest risks?

by Cybersprint Blog 12 May 2021

The need for cybersecurity is shared by organisations in all markets. Every business has valuable data to protect and operations to maintain. Yet, no organisation is completely risk-free - that is impossible to achieve anyway. Luckily, they don’t have to be. Not all risks have the same potential impact. Some are accepted and need no further action, while others need to be prioritised. It’s these high-risk assets that need attention.

Additionally, the type of risk organisations face most can differ greatly depending on the market they are in. Brand abuse and product imitation are of bigger concern to retail and ecommerce than they are to a governmental organisation, for example.

With both differences and similarities in terms of cybersecurity challenges, we wondered:

What is the difference between organisations in various markets and the cybersecurity challenges they face?

Do organisations in a specific field face more impactful risk than others do?

And is the most recurring type of risk different for the markets?

Market research

We compared data on organisations from six different markets to find out how digital risk varies between them. Using our Attack Surface Management platform, we mapped the attack surface of multiple small, medium, and large organisations across six different markets throughout the US and Europe. The graph below shows the percentage of high risks identified in the attack surfaces of organisations per market vertical.

[Graph: percentage of high risks identified in the attack surfaces of organisations, per market vertical]

It’s important to note we determined the level of risk with the automated assessments of our Attack Surface Management platform. It assigns risk scores to individual assets based on likelihood of abuse, technical details, potential impact, links to other systems, and more. Risk scores range from A (all is well, no action needed) to F (high risk, immediate action required).

For this research, the high-risk assets are those with a risk score of E and F. These are assets showing issues such as known vulnerabilities, serious software misconfigurations, expired certificates, etc.

Financials as front-runners

Across all markets, at least 10 percent of all attack surfaces contain critical risks. For manufacturing and pharmaceutical organisations, high-risk assets were found in over a quarter of their total attack surfaces. That is almost three times as many critical risks compared to financials.

One explanation is that financials are often front-runners when it comes to cybersecurity. They are preferred targets for threat actors because of the high financial gain, which also means their IT teams must use innovative solutions to stay ahead of the threat. Furthermore, security regulations imposed on financials often find their way to other markets a few years later, making financials the front-runners.

Yet, even though financials score better than the other markets, they often also have a large attack surface. In the end, whether you’re in the financial or pharmaceutical market, there could still be a great many high-risk assets residing in that 10 to 29 percent. That presents threat actors with more potential entry points and attack methods at their disposal.

What type of risk is most common?

As we investigated the percentage of high-impact risk for each market, certain risk types were more apparent for certain markets. We listed the most common type per market vertical below.


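Most common risk type per market vertical:

Financial: Compliance errors
Chemical: Vulnerabilities
Governmental: Vulnerabilities
Pharmaceutical: Vulnerabilities
Retail: Domain security
Manufacturing: Domain security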




The study shows financial institutions are most frequently faced with compliance errors. These are issues such as misconfigurations in cookie and privacy settings, or unsecured login forms. Risks include GDPR violations (resulting in hefty fines) and data leaks.

Vulnerabilities are the most common risks for the chemical, governmental and pharmaceutical markets. This means systems contain vulnerable software that isn’t patched after a CVE has been published, or software that is generally not up to date. This could result in hacks, ransomware attacks, supply chain attacks, and more.

Finally, we see domain security as the most frequent security risk for the retail and manufacturing markets. Examples are expired domain certificates, insufficiently protected DNS records, or misconfigured SSL certificates. Abuse of such aspects can lead to DNS hijacks, subdomain takeovers, or decreasing customer trust and website visits.

Keeping an eye on risk

Though having effective cybersecurity processes will limit your risk exposure, you cannot completely avoid or protect against all sorts of digital risks. However, having the right tools will help identify, solve, and monitor the most pressing risks within your attack surface.

An automated solution which maps the attack surface for you not only saves time and resources, but also provides an outside-in perspective on the market-specific risks your organisation faces. It generates more holistic insights into the business risks, helping you to identify and prioritise the issues in your most important environments.
