This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our PRIVACY POLICY for more information on the cookies we use and how to delete or block them.

Study of State of Cybersecurity Industry Exposure at Dark Web by Partner of BDO in Ukraine

10 September 2020

The Partnership Agreement between BDO in Ukraine and the Swiss-American company ImmuniWeb was signed in March this year. Joint projects in the Eastern Europe and Central Asia have already been implemented.

Recently ImmuniWeb presented the results of its preliminary study of the global cybersecurity industry; the findings were startling.

97% of the leading cybersecurity companies had their data exposed on the Dark Web in 2020. There were over 160,000 major or critical incidents that may jeopardize their clients.


ImmuniWeb research is aimed to help better understand emerging risks and modern threat landscape, in both qualitative and quantitative terms, and to help cybersecurity companies better prioritize and mitigate emerging cyber risks.


The key findings about the leading global cybersecurity companies are as follows:

97% of companies have data leaks and are exposed to security incidents on the Dark Web

  • 631,512 security incidents were identified whereof 160,529 are of a high or critical risk
  • 29% of stolen passwords are weak; employees from 161 company reuse their passwords
  • 63% of the cybersecurity companies’ websites do not comply with PCI DSS requirements
  • 48% of the cybersecurity companies’ websites do not comply with GDPR requirements
  • 91 companies have exploitable website security vulnerabilities; 26% of vulnerabilities are still unfixed


ImmuniWeb research

In total, 1,319 cybersecurity companies and organizations were collected. Then all entities that could not be classified as a cybersecurity company were removed (for example, organizations like NIST or global companies like Panasonic, which is insignificantly involved in the cybersecurity business). Also, all companies with an Alexa Rank above 500,000 were removed to ensure that only large enough companies remain in the research.

Finally, there were 398 cybersecurity companies headquartered in 26 countries. Most of them are the US and Europe’s companies.


For the purpose of this research, the concepts of Dark Web, Deep Web and Surface Web were unified and jointly referred as Dark Web. To search for and identify security incidents available on the Dark Web, specialists of ImmuniWeb leveraged the special test based on proprietary OSINT technology enhanced with Machine Learning, which was applied to 398 cybersecurity companies from the sorted list.

Here is a non-exhaustive list of various resources whereon data about the incidents were gathered:

  • Hacking Forums
  • Cryptomarkets
  • IRC and Telegram Channels
  • Public Repositories
  • WhatsApp Groups
  • Social Networks


The total number of discovered incidents in the Dark Web for the 398 cybersecurity companies is 1,658,907, of which 38% (631,512) are verified incidents.

The total number of discovered incidents in the Dark Web for the 398 cybersecurity companies is 1,658,907, of which 38% (631,512) are verified incidents.

The diagram below illustrates the allocation of incidents by the estimated risk level. Among the verified incidents, almost 17% (109,019) are estimated as critical risk, 8% - high risk (51,510), 49% are estimated as medium risk (311,521) and 25% are low risk incidents (159,462).


Startling statistics of the research

  • 631,512 records contain sensitive information such as plaintext credentials or PII, including financial or similar data. As such, on average, there are 1,586 stolen credentials and other sensitive data exposed per each cybersecurity company.
  • For the incident types described above, the strength of leaked passwords was analyzed. 29% of the passwords were weak (i.e. containing less than 8 characters, no uppercase, no numbers and no special characters):
  • In 162 out of 398 companies, their employees reused identical passwords on different breached systems. This increases the risk of password reuse attacks by cybercriminals.


Ilia N. Kolochenko, ImmuniWeb Chief Architect and Founder, notes: “The modern threat landscape has become a highly sophisticated, multidimensional and convoluted challenge for all industries. Human risk, IT outsourcing and reliance on third parties for data processing - gradually exacerbate the situation and complicate continuous security monitoring”.

See complete and detailed information on ImmuniWeb research results here.

If you are looking for a reliable data protection partner, BDO specialists are always ready to help you. Find more information in the section Cybersecurity on our website.