Organizations may reduce the risk of cybersecurity incidents by eliminating unlicensed software on their networks

WASHINGTON, DC — FEBRUARY 18, 2015 —

A new report commissioned by BSA | The Software Alliance confirms the link between unlicensed software and malware on PCs. The analysis, conducted by global research firm IDC, finds that the higher the unlicensed PC software rate in a country, the more malware generally encountered on PCs in that country. The implication for governments, enterprises and end users is clear: eliminating unlicensed software on their networks could help reduce the risk of cybersecurity incidents.

“Malware infections can cause significant harm, and organizations are struggling with how best to protect themselves,” said Jodie Kelley, Senior Vice President and General Counsel at BSA. “This analysis shows that the link between unlicensed software use and malware is real, meaning good software management is a critical first step to reducing cybersecurity risks.”

The statistical analysis compared rates of unlicensed software installed on PCs in 81 countries[1], with a measure of malware encounters on PCs tracked by BSA member company, Microsoft[2]. It finds there is a strong positive correlation (r=0.79) between rates of unlicensed software and malware incidents. Further analysis indicates that the rate of unlicensed software in a country is a strong predictor of malware encounters in that country. 

The report builds on BSA’s flagship study examining global rates of unlicensed software use around the world. In 2014, the BSA Global Software Survey reported that 43 percent of the software installed on PCs around the world was unlicensed. It also found that the chief reason computer users around the world cite for not using unlicensed software is avoiding security threats from malware. Among the risks associated with unlicensed software, 64 percent of users globally cited unauthorized access by hackers as a top concern and 59 percent cited loss of data.

BSA encourages organizations to implement internal controls, such as ISO-aligned software asset management (SAM) practices, in order to reduce their exposure to cyber threats by ensuring all software installed on their systems is fully licensed. 

A full copy of the report, Unlicensed Software and Cybersecurity Threats, can be downloaded from BSA’s website at bsa.org/malware.

[1] BSA Global Software Survey, June 2014[2] Microsoft Security Intelligence Report, May 2014