- The 2021 Synack Trust Report relies on data from thousands of security tests 
to reveal new insights into how organizations are prepared to fight ransomware 
and other digital threats.

Government and Healthcare sectors are the most secure against the punishing 
barrage of cyberattacks such as ransomware and supply chain compromises that a 
growing number of organizations suffered over the past year, according to the 
2021 Synack Trust Report [ 
https://c212.net/c/link/?t=0&l=en&o=3196020-1&h=3639690903&u=https%3A%2F%2Fwww.synack.com%2Ftrust-report%2F&a=2021+Synack+Trust+Report 
]. 

Photo - https://mma.prnewswire.com/media/1532944/Synack_New_Trust_Report.jpg
Photo - https://mma.prnewswire.com/media/1532945/social_Trust2021_ARSRatings.jpg
Logo - https://mma.prnewswire.com/media/838158/Synack_Logo.jpg 

In its fourth year, this global report has become a critical benchmark for 
CISOs and security leaders across all sectors. Based on thousands of security 
tests carried out by the world's most skilled ethical hackers from July 2020 
through April 2021, it measures security preparedness and the depth of 
cybersecurity defenses across organizations.

Synack's Attacker Resistance Score (ARS)™ Rating, which draws information from 
tests conducted on Synack's Premier Crowdsourced Platform for On-Demand 
Security Expertise, provides the foundation for the annual Trust Report [ 
https://c212.net/c/link/?t=0&l=en&o=3196020-1&h=502965669&u=https%3A%2F%2Fwww.synack.com%2Ftrust-report%2F&a=Trust+Report 
]. The higher the ARS, the more hardened assets are against attacks.

"Building trust across our customers, employees, and our team is core to my 
role as GDIT CISO," said Michael Baker, Chief Information Security Officer for 
General Dynamics Information Technology. "Measuring risk and carefully choosing 
the right capabilities with the right business partners who understand today's 
threat landscape helps me achieve those three key objectives that define 
success for myself as the GDIT CISO."

Some sectors that cyber criminals target such as Manufacturing and Critical 
Infrastructure have shown improvements and recovered from an ARS drop in 2020, 
gaining 5 points in 2021. But with an overall rating of 50, some organizations 
in this sector may continue to face challenges, especially as U.S. officials 
have characterized today's cybersecurity risks as a "national security threat."

"We're facing a global cybersecurity crisis. Some organizations are doing the 
right thing, creating effective defensive strategies and being proactive. 
Others are simply checking boxes. Today's threat requires an aggressive and 
assertive approach," said Jay Kaplan, CEO and Co-Founder of Synack. "The Trust 
Report and the ARS are vital tools for understanding the gaps in any 
organization's security plan."

Over the past year, 16% of vulnerabilities found by the Synack Red Team (SRT), 
Synack's global community of highly skilled and vetted security researchers, 
were considered critical. Beyond that, the SRT saw a 14% increase over the past 
two years in authorization and permission vulnerabilities, which can give 
attackers access to sensitive networks.

In light of the cyber threat for Critical Infrastructure, and the need for the 
sector to take swift action to harden its defences, some organizations are 
setting the standard for others to follow. Organizations such as energy giant 
bp (LSE:BP) have become industry leaders when it comes to security innovation.

"Testing—when it comes to security, safety, and resilience—makes all the 
difference in the world," wrote Ritesh Patel, Security Principal at bp, in the 
foreword to the 2021 Synack Trust Report [ 
https://c212.net/c/link/?t=0&l=en&o=3196020-1&h=3639690903&u=https%3A%2F%2Fwww.synack.com%2Ftrust-report%2F&a=2021+Synack+Trust+Report 
]. "Measurements such as the Attacker Resistance Score (ARS) keep us honest and 
informed. The ARS lets us constantly assess our performance and compare how 
we're doing across sectors. It's a strong indicator that bp is performing above 
industry average, which sends a clear and powerful message within the 
organization that security—and trust—are essential in everything we do at bp."

Other Key 2021 Trust Report findings:

Most industries improved their ARS in 2021

Across all industries, scores recovered from previous declines, and in 2021, 
all but two sectors improved their average ARS.

Attackers need less Time to find vulnerabilities

On average, pentesters needed only 18 hours to find a vulnerability in targeted 
applications, down from 21 hours in 2020.

Financial Services remains under assault

The Financial Services sector historically has been a top target of 
cybercriminals. At the beginning of the pandemic, the sector suffered a drop of 
6 points, from an ARS of 62 in early 2020, but began to recover by 2021.

Visit https://www.synack.com/trustreport to download the report for free and 
learn how the most trusted brands in the world measure their risk.

About Synack:

Synack is the premier crowdsourced platform for on-demand security expertise. 
The Synack platform delivers 24/7 penetration testing, vulnerability 
management, and vulnerability assessment from a global network of trusted 
researchers, enabled by smart technology, to accelerate global organizations' 
critical cybersecurity missions. Headquartered in Silicon Valley with regional 
teams around the world, Synack protects leading global banks, federal agencies, 
DoD classified assets, and more than $6 trillion in Fortune 500 and Global 2000 
revenue. A 4-time CNBC Disruptor 50 company, Synack was founded in 2013 by 
former NSA security experts Jay Kaplan, CEO, and Dr. Mark Kuhr, CTO.

For more information, please visit https://www.synack.com. 

SOURCE  Synack

CONTACT: Mike Farrell, mfarrell@synack.com