Unauthorized software poses a hidden malware risk that businesses should take seriously
In the digital age, businesses are facing a growing threat from cybercrime. A new study commissioned by BSA The Software Alliance reveals a concerning connection between unlicensed software and cybersecurity threats.
According to Jodie Kelley, General Counsel and Senior Vice President of BSA, The Software Alliance, only 35% of companies have written policies requiring the use of properly licensed software. This alarming statistic indicates that many businesses are failing to take the basic and critical first step of verifying the genuineness and full licensing of their software.
The importance of implementing internal controls for legal use of technology, including software, has become so critical that the Committee of Sponsoring Organizations of the Treadway Commission (COSO) now recommends it in its revised Internal Control - Integrated Framework.
The correlation between the use of unlicensed software and malware is higher than the correlations between education and income, or that between smoking and lung cancer. In fact, the average organization experiences a malware event every three minutes, and in the past year, 43% of companies experienced a data breach. These events can result in astronomical costs. Enterprises spent $491 billion in 2014 as a result of malware associated with counterfeit and unlicensed software.
Microsoft commissioned IDC to study the connection between the use of unlicensed software and cybersecurity risks in 2014. The study confirmed the connection, highlighting the need for businesses to take action. A threshold step to mitigating risk is gaining an understanding of your own network and the authenticity of the software used.
Assessing what is in your network and eliminating unlicensed software could help reduce the risk of cybersecurity incidents. CEOs are encouraged to start implementing best practices to mitigate security risks and avoid becoming a news headline. The world class standard for Software Asset Management is ISO/IEC 19770-1:2012.
For more information on additional steps, visit BSA's website. It's crucial for businesses to take the threat of cybercrime seriously and take action to protect themselves and their customers.
