"Enterprise Web sites typically have relatively tight control over their own software development lifecycle (SDLC) and security practices," the report says. "However, they very often rely on third-party partners to provide content, advertisements, or software applications that power the enterprise’s Web sites."
These partners often lack enterprise-level controls, Dasient's report observes, which makes their systems and software are more susceptible to attack and infection.
Such content presents higher risk than is necessary.
The problem, Dasient argues, is that these vulnerabilities are often structural, and are thus not easily remedied. A news Web site, for example, can't simply decide to forego advertising because some ads carry malware.
Certainly, Web page infections are a problem. A new Web page gets infected every 1.3 seconds, according to Dasient, which says that the number of malware-infected Web pages has grown by a factor of 12 in four years.
Related research from Websense last year indicates that 77% of Web sites with malicious code are legitimate sites that have been compromised.
Dasient's answer is its Malware Monitoring system. But more than products or services, companies need to demand security from their partners, if they want to protect their reputation and their brand.
Black Hat and InformationWeek are both properties of TechWeb.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
2017 State of IT ReportIn today's technology-driven world, "innovation" has become a basic expectation. IT leaders are tasked with making technical magic, improving customer experience, and boosting the bottom line -- yet often without any increase to the IT budget. How are organizations striking the balance between new initiatives and cost control? Download our report to learn about the biggest challenges and how savvy IT executives are overcoming them.