Malware Threats from Unlicensed Software: Real or Imagined?

posted by in Compliance and Enforcement, Cybersecurity February 18, 2015
Feb 18

It has long been assumed that there is a connection between unlicensed software and cyber security threats. In fact, BSA’s most recent Global Software Survey found that computer users cite exposure to cybersecurity threats from malware as the chief reason not to use unlicensed software.

Malware_ThreatsTo test whether this relationship is indeed real or imagined, BSA commissioned a new analysis from global research firm IDC comparing rates of unlicensed software installed on PCs with a measure of malware incidents on PCs across 81 countries. The results show there is a strong positive correlation between unlicensed software and malware encounters – the higher the unlicensed software rate in a country, the more malware generally encountered on PCs in that country, and vice versa. In statistical terms, the correlation between unlicensed software and malware (r=0.79) is on par with that of a low carb diet and weight loss (r=0.79); and even higher than the correlation between smoking and lung cancer (r=0.72) and education and income (r=0.75).

There is good reason for organizations to put protection from malware at the top of their risk agenda.  The problem is pervasive and costly.  Every three minutes the average organization experiences a malware event and much of that malware can cause serious issues.  Indeed, 43 percent of companies experienced a data breach during the past year.  And the costs associated with such breaches can be astronomical. IDC estimates that enterprises will have spent $491 billion in 2014 as a result of malware associated with counterfeit and unlicensed software.

It is clear why business leaders are looking to manage these organizational risks and mitigate their exposure.

Given the clear link between cybersecurity threats and unlicensed software, one of the simplest ways for enterprises and governments to better safeguard their organizations is to ensure that the software they are running is genuine and fully licensed. Good software management is a threshold step, and it’s an absolutely critical one.

Internal compliance controls, such as software asset management, can reduce exposure to cyber threats by helping organizations understand what software they have on their networks, verify that it is genuine, and confirm that they are in compliance with their software license obligations.

The link between unlicensed software and malware is real. Ensuring the software installed on your systems is licensed and comes from a legitimate source is a good first line of defense. By practicing good software asset management, you are taking the first few, threshold steps toward securing and protecting your systems.

Leave a Reply