The Challenge of Preventing Browser-Borne Malware

Size: px
Start display at page:

Download "The Challenge of Preventing Browser-Borne Malware"

Transcription

1 The Challenge of Preventing Browser-Borne Malware Sponsored by Spikes Security Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report

2 Part 1. Introduction The Challenge of Preventing Browser-Borne Malware Ponemon Institute, February 2015 We are pleased to present the findings of The Challenge of Preventing Browser-Borne Malware study sponsored by Spikes Security. The purpose of this research is to focus on how organizations can improve their ability to defend against web-borne malware. In this study, we define web-borne malware as malware that attacks and infiltrates a user s insecure browser. The recent JPMorgan Chase data breach that affected 76 million households and 7 million small businesses is an example of hackers targeting an employee s web habits. We surveyed 645 IT and IT security practitioners who are familiar and involved in their company s efforts to detect and contain malware. Survey participants were from U.S. businesses with an average of more than 14,000 employees. All of the organizations represented in this research have built a multilayer defense-in-depth architecture in an effort to prevent these types of attacks. Despite having such technologies in place, over the past 12 months, these organizations experienced an average of 51 security breaches because of a failure in malware detection technology. The findings also reveal the average cost to respond to and remediate just one security breach because of a failure in malware detection technology is approximately $62,000. This means organizations could have spent an average of $3.2 million to remediate a security breach caused by web-borne malware. Following are the key takeaways from this research: The threat of web-borne malware is growing. Almost all respondents agree that their existing security tools are not capable of completely detecting web-borne malware and the insecure web browser is a primary attack vector. Further, the findings are evidence of the need for a more effective solution to stop web-borne malware. A barrier to the detection and containment of malware is a lack of resources. Seventyseven percent of respondents say it is certain or very likely their organizations have been infected by web-borne malware that was undetected. Users insecure web browsers cause the majority of total malware infections. The web browser is a common attack vector that can severely impact their organization s security posture. On average, a user s insecure web browser is the cause of 55 percent of the total malware infections. Sandboxes and content analysis engines help, but do not solve the problem. Some 38 percent of respondents say web-borne malware was still able to bypass this solution. What would organizations pay to stop malware? According to the findings, organizations would allocate an average of 33 percent of their total security budget to stop web-borne attacks by 50 percent. To stop all attacks (100 percent), they would allocate an average of 50 percent of the budget. Dependency on traditional detection methods deters organizations from adopting new solutions. Sixty-five percent of respondents say overcoming psychological dependency upon traditional detection methods would be a main barrier to adopting a browser isolation technique that rendered traditional web-borne malware detection and containment methods obsolete and unnecessary. Ponemon Institute Research Report Page 1

3 Part 2. Key findings In this section we provide an analysis of the key findings. We have organized the results of the research according to the following themes: The challenge with detection and containment of web-borne malware The cost of not detecting and containing web-borne malware The threat of web-borne malware is growing. Figure 1 reveals the challenges organizations face in dealing with web-borne malware. Almost all respondents agree that their existing security tools are not capable of completely detecting web-borne malware and the insecure web browser is a primary attack vector. Further, the findings are evidence of the need for a more effective solution to stop web-borne malware. Figure 1. Reasons why detection and containment of web-borne malware is a challenge Strongly agree and agree responses Even with my organization s security tools, webborne malware can be completely undetectable 81% The insecure web browser is a primary attack vector 81% Traditional detection-based technologies are becoming ineffective in stopping these attacks 74% Browser-borne malware is a more significant threat today than 12 months ago 69% Web-borne malware is more serious that other types of malware infections 63% Commercial browsers such as Chrome, Explorer, Firefox, Safari, and others contain effective security tools for blocking web-borne malware 31% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Ponemon Institute Research Report Page 2

4 A barrier to the detection and containment of malware is a lack of resources. As shown in Figure 2, 77 percent of respondents say it is certain or very likely their organizations have been infected by web-borne malware that was undetected. Figure 2. How likely is it that your organization is or has been infected by web-borne malware without being detected? 60% 53% 50% 40% 30% 24% 20% 10% 0% Figure 3 reveals the main reasons respondents self reported that they are not fully capable of detecting and containing web-borne malware. According to 51 percent of respondents, they are not receiving the resources or budget they need to effectively detect and contain this threat and 49 percent of respondents say defending against web-borne malware is not a security priority. As a result, the majority of respondents (52 percent) rate their ability to detect and contain web-borne malware as very weak or weak. Figure 3. Main reasons organizations can not fully detect and contain web-borne malware More than one response permitted 12% Certain Very likely Likely Not likely No chance 9% 2% Lack of resources or budget 51% Not considered a security-related priority 49% Do not have ample expert personnel 35% Lack of enabling technologies 33% Other 5% 0% 10% 20% 30% 40% 50% 60% Ponemon Institute Research Report Page 3

5 Users insecure web browsers cause the majority of total malware infections. The web browser is a common attack vector that can severely impact their organization s security posture. On average, a user s insecure web browser is the cause of 55 percent of the total malware infections, as shown in Figure 4. Figure 4. What percent of total malware did a user s insecure web browser cause in the past 12 months? Extrapolated value = 55 percent 30% 25% 26% 24% 20% 18% 15% 10% 12% 15% 5% 5% 0% Less than 10% 10 to 25% 26 to 50% 51 to 75% 76 to 100% Don t know Ponemon Institute Research Report Page 4

6 Sandboxes and content analysis engines help, but do not solve the problem. Some 38 percent of respondents say web-borne malware was still able to bypass this solution, shown in Figure 5. In contrast, 50 percent say the web-borne malware was able to bypass their organization s layered firewall defense. Forty-six percent say the organization s anti-virus solution was not a deterrent and 41 percent say web-borne malware was able to bypass intrusion detection systems. This suggests an effective solution is still required to ensure that no browser-borne malware is able to penetrate the network, breach desktop browsers or gain access to sensitive internal resources. Figure 5. How frequently did web-borne malware bypass organizations technologies? Yes, frequently and yes, not frequently responses combined Layered firewall defenses 50% Anti-virus (AV) solutions 46% Intrusion detection systems (IDS) 41% Sandbox/content analysis engine 38% 0% 10% 20% 30% 40% 50% 60% Ponemon Institute Research Report Page 5

7 The cost of not detecting and containing web-borne malware Web-borne malware is a multi-million dollar problem. Organizations in this study experienced an average of 51 security breaches because of a failure in their malware detection technology as shown in Figure 6. The findings reveal the average cost to respond to and remediate just one security breach because of a failure in malware detection technology is approximately $62,000. This means organizations could have spent $3.2 million on dealing with a security breach caused by web-borne malware. Figure 6. In the past 12 months, how many security breaches did your organization experience due to a failure in malware detection technology? Extrapolated value = 51 25% 23% 20% 15% 10% 15% 12% 10% 16% 9% 11% 5% 4% 0% None Less than 5 5 to to to to to to 500 Ponemon Institute Research Report Page 6

8 Respondents are aware that attacks involving the web browser can have a severe impact on their organization s security posture. Applications are considered the attack vector that has the greatest impact on the security posture, however web browsers are a close second (tied with mobile devices & platforms), as shown in Figure 7. In terms of budget, mobile devices & platforms are receiving the most funding, followed by applications and then the web browser. Figure 7. Seven attack vectors that can affect security posture and the budget allocated to each vector Sum of risk allocation = 100 points Applications Mobile devices & platforms Web browser Malicious insiders Operating systems Servers & routers Storage & backup Allocated security risk Allocated security budget What would organizations pay to stop malware? According to Figure 8, organizations would allocate an average of 33 percent of their total security budget to stop web-borne attacks by 50 percent. To stop all attacks (100 percent), they would allocate an average of 50 percent of the budget. The average annual IT security budget is approximately $7.8 million and 39 percent of the budget is spent on defense-and-depth security tools such as web gateways, IPS, and antivirus. Figure 8. What organizations would pay to stop malware? 80% 70% 60% 50% 40% 30% 20% 10% 0% 2% 8% 0% 0% 18% 15% 15% 3% 3% 5% 29% 21% 1 to 5% 6 to 10% 11 to 20% 21 to 30% 31 to 40% 41 to 50% More than 50% 13% 68% Stop web-borne malware infections by 50 percent Stop web-borne malware infections by 100 percent Ponemon Institute Research Report Page 7

9 Dependency on traditional detection methods deters organizations from adopting new solutions. According to Figure 9, 65 percent of respondents say overcoming psychological dependency upon traditional detection methods would be a main barrier to adopting a browser isolation technique that rendered traditional web-borne malware detection and containment methods obsolete and unnecessary. This is followed by concerns over diminished user productivity (50 percent), system performance issues (44 percent) or complexity and difficulty to operate (41 percent). Figure 9. Barriers to adopting a browser isolation technique that makes traditional webborne malware detection and containment methods obsolete and unnecessary More than one response permitted Overcoming psychological dependency upon traditional detection methods 65% Diminished user productivity 50% System performance issues Too complex and/or difficult to operate 41% 44% Too costly 33% Insufficient scalability 16% Other 2% 0% 10% 20% 30% 40% 50% 60% 70% Ponemon Institute Research Report Page 8

10 Part 3. Methods A sampling frame composed of 18,330 IT and IT security practitioners located in the United States and familiar and involved in their company s efforts to detect and contain malware were selected for participation in this survey. As shown in the Table 1, 701 respondents completed the survey. Screening removed 56 surveys. The final sample was 645 surveys (or a 3.5 percent response rate). Table 1. Sample response Freq Total sampling frame 18, % Total returns % Rejected and screened surveys % Final sample % Pie chart 1 reports the current position or organizational level of respondents. By design, 55 percent of respondents reported their current position is at or above the supervisory level. Pie Chart 1. Current position or organizational level 5% 2% 2% 1% 16% 38% 20% Senior Executive Vice President Director Manager Supervisor Technician Staff Contractor 16% According to Pie Chart 2, more than half of the respondents (56 percent) report to the chief information officer. Another 21 percent responded they report to the chief information security officer. Pie Chart 2. Primary Person respondent or IT security leader reports to 8% 3% 2% 1% Chief Information Officer (CIO) 9% Chief Information Security Officer (CISO) Chief Risk Officer (CRO) 56% Compliance Officer Chief Security Officer (CSO) 21% Chief Financial Officer (CFO) General Counsel Ponemon Institute Research Report Page 9

11 Pie Chart 3 reports that 30 percent of respondents described their current role in IT security is security operations, 18 percent indicated security architecture and another 15 percent identified forensics as their current role. Pie Chart 3. Current role in IT security 5% 4% 9% 11% 8% 15% 18% 30% Security operations Security architecture Forensics Audit & compliance Network engineering Senior leadership (CISO) Security analytics Other Pie Chart 4 reports the primary industry classification of respondents organizations. This chart identifies financial services (18 percent) as the largest segment, followed by public sector (11 percent) and health and pharmaceuticals (10 percent). Pie Chart 4. Primary industry concentration 6% 7% 7% 2% 2% 2% 4% 3% 3% 8% 8% 9% 18% 10% 11% Financial services Public sector Health & pharmaceutical Retail Industrial Services Consumer products Technology & Software Energy & utilities Communications Education & research Entertainment & media Hospitality Transportation Other Ponemon Institute Research Report Page 10

12 According to Pie Chart 5, 46 percent of the respondents are from organizations with a global headcount of over 1,000 employees. Pie Chart 5. Worldwide headcount of the organization Extrapolated value = 14,410 11% 7% 23% Less than 500 people 500 to 1,000 people 16% 1,001 to 5,000 people 5,001 to 25,000 people 21% 25,001 to 75,000 people More than 75,000 people 22% Part 4. Caveats There are inherent limitations to survey research that need to be carefully considered before drawing inferences from findings. The following items are specific limitations that are germane to most web-based surveys. Non-response bias: The current findings are based on a sample of survey returns. We sent surveys to a representative sample of individuals located in the United States, resulting in a large number of usable returned responses. Despite non-response tests, it is always possible that individuals who did not participate are substantially different in terms of underlying beliefs from those who completed the instrument. Sampling-frame bias: The accuracy is based on contact information and the degree to which the list is representative of individuals who are IT or IT security practitioners. We also acknowledge that the results may be biased by external events such as media coverage. We also acknowledge bias caused by compensating subjects to complete this research within a holdout period. Self-reported results: The quality of survey research is based on the integrity of confidential responses received from subjects. While certain checks and balances can be incorporated into the survey process, there is always the possibility that a subject did not provide accurate response. Ponemon Institute Research Report Page 11

13 Appendix: Detailed Survey Results The following tables provide the percentage frequency of responses to all survey questions on a consolidated (global) basis across four regional clusters. All survey responses were captured in December Survey response Freq Total sampling frame % Total returns % Rejected or screened surveys % Final sample % Part 1. Screening questions S1. What best describes your level of involvement with the detection and containment of your organization s malware? Significant involvement 46% Some involvement 54% Nominal or no involvement (stop) 0% S2. Are you responsible for selecting, purchasing and/or using tools designed to stop browser-borne malware? Yes, full responsibility 34% Yes, some responsibility 66% No, not responsible (stop) 0% S3. Has your organization built a multilayer defense-in-depth architecture (i.e., secure web gateway, intrusion prevention, anti-virus, etc.)? Yes 100% No (stop) 0% Part 2. Attributions Q1. The insecure web browser is a primary attack vector. Strongly agree 40% Agree 41% Unsure 16% Disagree 3% Strongly disagree 0% Q2. Browser-borne malware is a more significant threat today than 12 months ago. Strongly agree 33% Agree 36% Unsure 21% Disagree 8% Strongly disagree 2% Ponemon Institute Research Report Page 12

14 Q3. Traditional detection-based technologies are becoming ineffective in stopping these attacks. Strongly agree 35% Agree 39% Unsure 19% Disagree 6% Strongly disagree 1% Q4. Web-borne malware is more serious than other types of malware infections Strongly agree 27% Agree 36% Unsure 15% Disagree 17% Strongly disagree 5% Q5. Commercial browsers such as Chrome, Explorer, Firefox, Safari, and others contain effective security tools for blocking web-borne malware. Strongly agree 13% Agree 18% Unsure 17% Disagree 39% Strongly disagree 13% Q6. Even with my organization s security tools, web-borne malware can be completely undetectable. Strongly agree 39% Agree 42% Unsure 10% Disagree 6% Strongly disagree 3% Part 3. General questions Q7. How likely is it that your organization is or has been infected by webborne malware without being detected? Certain 53% Very likely 24% Likely 12% Not likely 9% No chance 2% Q8a. Please rate your organization s ability to detect and contain webborne malware? Please use the following 10-point scale. 1 or 2 (weak) 17% 3 or 4 35% 5 or 6 15% 7 or 8 18% 9 or 10 (strong) 9% Total 94% Extrapolated value 4.5 Ponemon Institute Research Report Page 13

15 Q8b. If your rating is below 5, what are the main reasons why your organization is not fully capable of detecting and containing web-borne malware? Lack of resources or budget 51% Lack of enabling technologies 33% Do not have ample expert personnel 35% Not considered a security-related priority 49% Other (please specify) 5% Total 173% Q9. Over the past 12 months, what percent of your organization s total malware infections did a user s insecure web browser cause? Less than 10% 5% 10 to 25% 12% 26 to 50% 15% 51 to 75% 18% 76 to 100% 26% Don t know 24% Extrapolated value 55% Q10. Over the past 12 months, what percent of your organization s IT security funding was spent on the detection and containment of all malware? Less than 10% 21% 10 to 25% 23% 26 to 50% 20% 51 to 75% 7% 76 to 100% 5% Don't know 24% Extrapolated value 29% Q11. The following table contains 7 common attack vectors that can severely impact your organization s security posture. Please allocate the security risk inherent in each one of the 7 attack vectors as experienced Points by your organization. Note that the sum of your risk allocation must equal 100 points. Web browser 21 Operating systems 8 Applications 28 Servers & routers 6 Storage & backup 4 Malicious insiders 12 Mobile devices & platforms 21 Total points 100 Ponemon Institute Research Report Page 14

16 Q12. Please allocate the security budget or spending level for each one of the 7 attack vectors as experienced by your organization. Note that Points the sum of your allocation must equal 100 points. Web browser 17 Operating systems 12 Applications 18 Servers & routers 10 Storage & backup 8 Malicious insiders 15 Mobile devices & platforms 20 Total points 100 Q13. Has web-borne malware been able to bypass your organization s anti-virus (AV) solutions? Yes, frequently 13% Yes, not frequently 33% Yes, rarely 28% No 21% Unsure 5% Q14. Has web-borne malware been able to bypass your organization s intrusion detection systems (IDS)? Yes, frequently 11% Yes, not frequently 30% Yes, rarely 31% No 23% Unsure 5% Q15. Has web-borne malware been able to bypass your organization s layered firewall defenses? Yes, frequently 20% Yes, not frequently 30% Yes, rarely 19% No 27% Unsure 4% Q16. Has web-borne malware been able to bypass your organization s sandbox/content analysis engine? Yes, frequently 9% Yes, not frequently 29% Yes, rarely 18% No 29% Unsure 15% Ponemon Institute Research Report Page 15

17 Q17. What dollar range best describes your organization s annual IT security budget? Less than $100,000 2% $100,000 to $500,000 5% $500,001 to $1,000,000 10% $1,000,001 to 2,500,000 19% $2,500,001 to $5,000,000 24% $5,000,001 to $10,000,000 19% $10,001,000 to $25,000,000 15% $25,000,001 to $50,000,000 5% Greater than $50,000,000 1% Extrapolated value 7,799,300 Q18. What percentage of your organization s annual IT security budget is dedicated to defense-and-depth security tools (such as web gateways, IPS, AV, etc.)? Less than 1% 0% 1 to 5% 0% 6 to 10% 4% 11 to 20% 5% 21 to 30% 8% 31 to 40% 33% 41 to 50% 35% More than 50% 15% Extrapolated value 39% Q19. What percentage of your organization s annual IT security budget is dedicated to incident response security tools (i.e., tools that identify and resolve security breaches)? Less than 1% 0% 1 to 5% 0% 6 to 10% 25% 11 to 20% 31% 21 to 30% 32% 31 to 40% 8% 41 to 50% 4% More than 50% 0% Extrapolated value 19% Part 4. Concept questions Q20. As a percentage of your organization s total security budget, how much would your company pay to stop web-borne malware infections by 50 percent? Less than 1% 0% 1 to 5% 2% 6 to 10% 8% 11 to 20% 18% 21 to 30% 15% 31 to 40% 15% 41 to 50% 29% More than 50% 13% Extrapolated value 33% Ponemon Institute Research Report Page 16

18 Q21. As a percentage of your organization s total security budget, how much would your company pay to stop web-borne malware infections by 100 percent? Less than 1% 0% 1 to 5% 0% 6 to 10% 0% 11 to 20% 3% 21 to 30% 3% 31 to 40% 5% 41 to 50% 21% More than 50% 68% Extrapolated value 50% Q22. Are you aware of any security product that ensures browser-borne malware is no longer able to penetrate your network, breach desktop browsers or gain access to sensitive internal resources? Yes 21% No, but I m interested in learning more about this solution 56% No 23% Q23. Are you aware of any security product that ensures malware associated with original web content stays isolated outside the network, without affecting users normal browsing experiences including access to audio, video, text, and graphics? Yes 20% No, but I m interested in learning more about this solution 55% No 25% Q24. If yes to Q18 and/or Q19, please provide the name(s) of the vendor(s) that provides this solution. [Contextual response requested] Q25. Assuming your organization was able to validate a browser isolation technique that rendered traditional Web-borne malware detection and containment methods obsolete and unnecessary. What would be the main barriers to product adoption? Please select all that apply. Too costly 33% Too complex and/or difficult to operate 41% Overcoming psychological dependency upon traditional detection methods 65% Insufficient scalability 16% Diminished user productivity 50% System performance issues 44% Other (please specify) 2% Total 251% Ponemon Institute Research Report Page 17

19 Q26. In your organization, who influences and/or decides what security technology to purchase? Top three choices CIO/CTO 71% CISO 70% COO CFO 30% Security architect 45% Security engineer 25% IT manager/director 26% Service provider /outside consultant 33% Total 300% Q27. Over the past 12 months, how many security breaches did your organization experience because of a failure in malware detection technology? Your best estimate is much appreciated. None 15% Less than 5 23% 5 to 10 12% 11 to 25 10% 26 to 50 16% 51 to 100 9% 101 to % 251 to 500 4% More than 500 0% Extrapolated value 50.6 Q28. What is the cost to respond to and remediate just one security breach because of a failure in malware detection technology? Please note that your cost estimate should consider direct cash outlays, direct labor expenditures, indirect labor costs and overhead costs. Less than $100 1% $100 to $500 5% $501 to $1,000 8% $1,001 to $2,500 12% $2,501 to $5,000 18% $5,001 to $10,000 20% $10,001 to $25,000 12% $25,001 to $50,000 7% $50,001 to $100,000 8% $100,001 to $500,000 5% $500,001 to 1,000,000 3% Greater than $1,000,000 1% Extrapolated value 61,686 Ponemon Institute Research Report Page 18

20 Part 5. Your role and organization D1. What organizational level best describes your current position? Senior Executive 2% Vice President 1% Director 16% Manager 20% Supervisor 16% Technician 38% Staff 5% Contractor 2% Other (please specify) 0% D2. Check the Primary Person you or your IT security leader reports to within the organization. CEO/Executive Committee 0% Chief Financial Officer (CFO) 2% General Counsel 1% Chief Information Officer (CIO) 56% Chief Information Security Officer (CISO) 21% Compliance Officer 8% Human Resources VP 0% Chief Security Officer (CSO) 3% Chief Risk Officer (CRO) 9% Other (please specify 0% D3. What best describes your role in IT security? Senior leadership (CISO) 8% Security architecture 18% Forensics 15% Audit & compliance 11% Network engineering 9% Security operations 30% Security analytics 5% Other (please specify) 4% Ponemon Institute Research Report Page 19

21 D4. What industry best describes your organization s primary industry concentration? Agriculture & food services 1% Communications 3% Consumer products 7% Defense & aerospace 1% Education & research 3% Energy & utilities 6% Entertainment & media 2% Financial services 18% Health & pharmaceutical 10% Hospitality 2% Industrial 8% Public sector 11% Retail 9% Services 8% Technology & Software 7% Transportation 2% Other (please specify) 2% D5. What is the worldwide headcount of your organization? Less than 500 people 23% 500 to 1,000 people 21% 1,001 to 5,000 people 22% 5,001 to 25,000 people 16% 25,001 to 75,000 people 11% More than 75,000 people 7% Extrapolated value 14,410 For more information about this study, please contact Ponemon Institute by sending an to or calling our toll free line at Ponemon Institute Advancing Responsible Information Management Ponemon Institute is dedicated to independent research and education that advances responsible information and privacy management practices within business and government. Our mission is to conduct high quality, empirical studies on critical issues affecting the management and security of sensitive information about people and organizations. As a member of the Council of American Survey Research Organizations (CASRO), we uphold strict data confidentiality, privacy and ethical research standards. We do not collect any personally identifiable information from individuals (or company identifiable information in our business research). Furthermore, we have strict quality standards to ensure that subjects are not asked extraneous, irrelevant or improper questions. Ponemon Institute Research Report Page 20

The Cost of Malware Containment

The Cost of Malware Containment The Cost of Malware Containment Sponsored by Damballa Independently conducted by Ponemon Institute LLC Publication Date: January 2015 Ponemon Institute Research Report The Cost of Malware Containment Ponemon

More information

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: March 2013 Ponemon Institute Research Report

More information

A Study of Retail Banks & DDoS Attacks

A Study of Retail Banks & DDoS Attacks A Study of Retail Banks & DDoS Attacks Sponsored by Corero Network Security Independently conducted by Ponemon Institute LLC Publication Date: December 2012 Ponemon Institute Research Report A Study of

More information

The Importance of Cyber Threat Intelligence to a Strong Security Posture

The Importance of Cyber Threat Intelligence to a Strong Security Posture The Importance of Cyber Threat Intelligence to a Strong Security Posture Sponsored by Webroot Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research Report

More information

The State of Data Security Intelligence. Sponsored by Informatica. Independently conducted by Ponemon Institute LLC Publication Date: April 2015

The State of Data Security Intelligence. Sponsored by Informatica. Independently conducted by Ponemon Institute LLC Publication Date: April 2015 The State of Data Security Intelligence Sponsored by Informatica Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report The State of Data Security

More information

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution

Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Ponemon Institute Research Report

More information

Is Your Company Ready for a Big Data Breach?

Is Your Company Ready for a Big Data Breach? Is Your Company Ready for a Big Data Breach? The Second Annual Study on Data Breach Preparedness Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication

More information

Data Breach: The Cloud Multiplier Effect

Data Breach: The Cloud Multiplier Effect Data Breach: The Cloud Multiplier Effect Sponsored by Netskope Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report Part 1. Introduction Data Breach:

More information

The Cost of Insecure Mobile Devices in the Workplace Sponsored by AT&T

The Cost of Insecure Mobile Devices in the Workplace Sponsored by AT&T The Cost of Insecure Mobile Devices in the Workplace! Sponsored by AT&T Independently conducted by Ponemon Institute LLC Publication Date: March 2014 Part 1. Introduction The Cost of Insecure Mobile Devices

More information

Reputation Impact of a Data Breach U.S. Study of Executives & Managers

Reputation Impact of a Data Breach U.S. Study of Executives & Managers Reputation Impact of a Data Breach U.S. Study of Executives & Managers Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: November 2011 Ponemon

More information

Understaffed and at Risk: Today s IT Security Department. Sponsored by HP Enterprise Security

Understaffed and at Risk: Today s IT Security Department. Sponsored by HP Enterprise Security Understaffed and at Risk: Today s IT Security Department Sponsored by HP Enterprise Security Independently conducted by Ponemon Institute LLC Publication Date: February 2014 Ponemon Institute Research

More information

Achieving Security in Workplace File Sharing. Sponsored by Axway Independently conducted by Ponemon Institute LLC Publication Date: January 2014

Achieving Security in Workplace File Sharing. Sponsored by Axway Independently conducted by Ponemon Institute LLC Publication Date: January 2014 Achieving Security in Workplace File Sharing Sponsored by Axway Independently conducted by Ponemon Institute LLC Publication Date: January 2014 Ponemon Institute Research Report Part 1. Introduction Achieving

More information

The Cost of Web Application Attacks

The Cost of Web Application Attacks The Cost of Web Application Attacks Sponsored by Akamai Technologies Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Ponemon Institute Research Report Part 1. Introduction The

More information

Understanding Security Complexity in 21 st Century IT Environments:

Understanding Security Complexity in 21 st Century IT Environments: Understanding Security Complexity in 21 st Century IT Environments: A study of IT practitioners in the US, UK, France, Japan & Germany Sponsored by Check Point Software Technologies Independently conducted

More information

The SQL Injection Threat Study

The SQL Injection Threat Study The SQL Injection Threat Study Sponsored by DB Networks Independently conducted by Ponemon Institute LLC Publication Date: April 2014 1 The SQL Injection Threat Study Presented by Ponemon Institute, April

More information

Risk & Innovation in Cybersecurity Investments. Sponsored by Lockheed Martin

Risk & Innovation in Cybersecurity Investments. Sponsored by Lockheed Martin Risk & Innovation in Cybersecurity Investments Sponsored by Lockheed Martin Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report Part 1. Introduction

More information

The Unintentional Insider Risk in United States and German Organizations

The Unintentional Insider Risk in United States and German Organizations The Unintentional Insider Risk in United States and German Organizations Sponsored by Raytheon Websense Independently conducted by Ponemon Institute LLC Publication Date: July 2015 2 Part 1. Introduction

More information

Global Insights on Document Security

Global Insights on Document Security Global Insights on Document Security Sponsored by Adobe Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report Global Insights on Document Security

More information

The State of Mobile Application Insecurity

The State of Mobile Application Insecurity The State of Mobile Application Insecurity Sponsored by IBM Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report Part 1. Introduction The State

More information

Data Security in Development & Testing

Data Security in Development & Testing Data Security in Development & Testing Sponsored by Micro Focus Independently conducted by Ponemon Institute LLC Publication Date: July 31, 2009 Ponemon Institute Research Report Data Security in Development

More information

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: August 2013

More information

Exposing the Cybersecurity Cracks: A Global Perspective

Exposing the Cybersecurity Cracks: A Global Perspective Exposing the Cybersecurity Cracks: A Global Perspective Part I: Deficient, Disconnected & in the Dark Sponsored by Websense, Inc. Independently conducted by Ponemon Institute LLC Publication Date: April

More information

APPLICATION SECURITY IN THE CHANGING RISK LANDSCAPE

APPLICATION SECURITY IN THE CHANGING RISK LANDSCAPE APPLICATION SECURITY IN THE CHANGING RISK LANDSCAPE INDEPENDENTLY CONDUCTED BY PONEMON INSTITUTE LLC, JULY 2016 Part 1. Introduction Ponemon Institute is pleased to present the results of Application Security

More information

What You Don t Know Will Hurt You: A Study of the Risk from Application Access and Usage

What You Don t Know Will Hurt You: A Study of the Risk from Application Access and Usage What You Don t Know Will Hurt You: A Study of the Risk from Application Access and Usage Sponsored by ObserveIT Independently conducted by Ponemon Institute LLC June 2015 Ponemon Institute Research Report

More information

Electronic Health Information at Risk: A Study of IT Practitioners

Electronic Health Information at Risk: A Study of IT Practitioners Electronic Health Information at Risk: A Study of IT Practitioners Sponsored by LogLogic Conducted by Ponemon Institute LLC October 15, 2009 Ponemon Institute Research Report Executive summary Electronic

More information

The Security Impact of Mobile Device Use by Employees

The Security Impact of Mobile Device Use by Employees The Security Impact of Mobile Device Use by Employees Sponsored by Accellion Independently conducted by Ponemon Institute LLC Publication Date: December 2014 Ponemon Institute Research Report The Security

More information

Security of Paper Records & Document Shredding. Sponsored by Cintas. Independently conducted by Ponemon Institute LLC Publication Date: January 2014

Security of Paper Records & Document Shredding. Sponsored by Cintas. Independently conducted by Ponemon Institute LLC Publication Date: January 2014 Security of Paper Records & Document Shredding Sponsored by Cintas Independently conducted by Ponemon Institute LLC Publication Date: January 2014 Ponemon Institute Research Report Part 1. Introduction

More information

The Impact of Cybercrime on Business

The Impact of Cybercrime on Business The Impact of Cybercrime on Business Studies of IT practitioners in the United States, United Kingdom, Germany, Hong Kong and Brazil Sponsored by Check Point Software Technologies Independently conducted

More information

2012 Application Security Gap Study: A Survey of IT Security & Developers

2012 Application Security Gap Study: A Survey of IT Security & Developers 2012 Application Gap Study: A Survey of IT & s Research sponsored by Innovation Independently Conducted by Ponemon Institute LLC March 2012 1 2012 Application Gap Study: A Survey of IT & s March 2012 Part

More information

The Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners

The Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners The Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners Sponsored by Vormetric Independently conducted by Ponemon Institute LLC Publication Date: November 2011 Ponemon Institute

More information

Cyber Threat Intelligence: Has to Be a Better Way

Cyber Threat Intelligence: Has to Be a Better Way Exchanging Cyber Threat Intelligence: There Has to Be a Better Way Sponsored by IID Independently conducted by Ponemon Institute LLC Publication Date: April 2014 Ponemon Institute Research Report Exchanging

More information

Security Metrics to Manage Change: Which Matter, Which Can Be Measured?

Security Metrics to Manage Change: Which Matter, Which Can Be Measured? Security Metrics to Manage Change: Which Matter, Which Can Be Measured? Sponsored by FireMon Independently conducted by Ponemon Institute LLC Publication Date: April 2014 2 Security Metrics to Manage Change:

More information

2014: A Year of Mega Breaches

2014: A Year of Mega Breaches 2014: A Year of Mega Breaches Sponsored by Identity Finder Independently conducted by Ponemon Institute LLC Publication Date: January 2015 Ponemon Institute Research Report Part 1. Introduction 2014: A

More information

Perceptions About Network Security Survey of IT & IT security practitioners in the U.S.

Perceptions About Network Security Survey of IT & IT security practitioners in the U.S. Perceptions About Network Security Survey of IT & IT security practitioners in the U.S. Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2011 Ponemon

More information

The SQL Injection Threat & Recent Retail Breaches

The SQL Injection Threat & Recent Retail Breaches The SQL Injection Threat & Recent Retail Breaches Sponsored by DB Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2014 1 Part 1. Introduction The SQL Injection Threat &

More information

Cyber Security on the Offense: A Study of IT Security Experts

Cyber Security on the Offense: A Study of IT Security Experts Cyber Security on the Offense: A Study of IT Security Experts Co-authored with Radware Independently conducted by Ponemon Institute LLC Publication Date: November 2012 Ponemon Institute Research Report

More information

2015 Global Study on IT Security Spending & Investments

2015 Global Study on IT Security Spending & Investments 2015 Study on IT Security Spending & Investments Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Sponsored by Part 1. Introduction Security risks are pervasive and becoming

More information

Efficacy of Emerging Network Security Technologies

Efficacy of Emerging Network Security Technologies Efficacy of Emerging Network Security Technologies Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Part

More information

Privacy and Security in a Connected Life: A Study of US Consumers

Privacy and Security in a Connected Life: A Study of US Consumers Privacy and Security in a Connected Life: A Study of US Consumers Sponsored by Trend Micro Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research Report

More information

Perceptions about the Potential Expiration of The Terrorism Risk Insurance Act (TRIA)

Perceptions about the Potential Expiration of The Terrorism Risk Insurance Act (TRIA) Perceptions about the Potential Expiration of The Terrorism Risk Insurance Act (TRIA) Sponsored by Property Casualty Insurers Association of America Independently conducted by Ponemon Institute LLC Publication

More information

Advanced Threats in Retail Companies: A Study of North America & EMEA

Advanced Threats in Retail Companies: A Study of North America & EMEA Advanced Threats in Companies: A Study of North America & EMEA Sponsored by Arbor Networks Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Ponemon Institute Research Report

More information

Aftermath of a Data Breach Study

Aftermath of a Data Breach Study Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath

More information

Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations

Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations Sponsored by AccessData Independently conducted by Ponemon Institute LLC Publication Date: February 2014 Ponemon Institute

More information

National Survey on Data Center Outages

National Survey on Data Center Outages National Survey on Data Center Outages Independently conducted by Ponemon Institute LLC Publication Date: 30 September 2010 Part 1. Executive Summary National Survey on Data Center Outages Ponemon Institute,

More information

Data Security in the Evolving Payments Ecosystem

Data Security in the Evolving Payments Ecosystem Data Security in the Evolving Payments Ecosystem Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report

More information

Third Annual Study: Is Your Company Ready for a Big Data Breach?

Third Annual Study: Is Your Company Ready for a Big Data Breach? Third Annual Study: Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute

More information

Exposing the Cybersecurity Cracks: A Global Perspective

Exposing the Cybersecurity Cracks: A Global Perspective Exposing the Cybersecurity Cracks: A Global Perspective Part 2: Roadblocks, Refresh and Raising the Human Security IQ Sponsored by Websense Independently conducted by Ponemon Institute LLC Publication

More information

The Fraud Report: How Fake Users Are Impacting Business

The Fraud Report: How Fake Users Are Impacting Business The Fraud Report: How Fake Users Are Impacting Business Sponsored by TeleSign Independently conducted by Ponemon Institute LLC Publication Date: November 2015 Ponemon Institute Research Report The Fraud

More information

The State of Data Centric Security

The State of Data Centric Security The State of Data Centric Security Sponsored by Informatica Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report State of Data Centric Security

More information

How Much Is the Data on Your Mobile Device Worth?

How Much Is the Data on Your Mobile Device Worth? How Much Is the Data on Your Mobile Device Worth? Sponsored by Lookout Independently conducted by Ponemon Institute LLC Publication Date: January 2016 Ponemon Institute Research Report Part 1. Introduction

More information

The Billion Dollar Lost Laptop Problem Benchmark study of U.S. organizations

The Billion Dollar Lost Laptop Problem Benchmark study of U.S. organizations The Billion Dollar Lost Laptop Problem Benchmark study of U.S. organizations Independently conducted by Ponemon Institute LLC Publication Date: 30 September 2010 Ponemon Institute Research Report Part

More information

Security of Cloud Computing Users Study

Security of Cloud Computing Users Study Security of Cloud Computing Users Study Sponsored by CA Technologies Independently conducted by Ponemon Institute, LLC Publication Date: March 2013 Security of Cloud Computing Users Study March 2013 Part

More information

The Importance of Senior Executive Involvement in Breach Response

The Importance of Senior Executive Involvement in Breach Response The Importance of Senior Executive Involvement in Breach Response Sponsored by HP Enterprise Security Services Independently conducted by Ponemon Institute LLC Publication Date: October 2014 The Importance

More information

Cloud Security: Getting It Right

Cloud Security: Getting It Right Cloud Security: Getting It Right Sponsored by Armor Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute Research Report Cloud Security: Getting It Right Ponemon

More information

The State of USB Drive Security

The State of USB Drive Security The State of USB Drive Security U.S. survey of IT and IT security practitioners Sponsored by Kingston Independently conducted by Ponemon Institute LLC Publication Date: July 2011 Ponemon Institute Research

More information

2014 State of Endpoint Risk. Sponsored by Lumension. Independently conducted by Ponemon Institute LLC Publication Date: December 2013

2014 State of Endpoint Risk. Sponsored by Lumension. Independently conducted by Ponemon Institute LLC Publication Date: December 2013 2014 State of Endpoint Risk Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: December 2013 Ponemon Institute Research Report 2014 State of Endpoint Risk Ponemon

More information

Achieving Data Privacy in the Cloud

Achieving Data Privacy in the Cloud Achieving Data Privacy in the Cloud Study of Information Technology Privacy and Compliance of Small to Medium-Sized Organizations in germany Sponsored by microsoft Independently Conducted by Ponemon Institute

More information

The Imprivata Report on the Economic Impact of Inefficient Communications in Healthcare

The Imprivata Report on the Economic Impact of Inefficient Communications in Healthcare The Imprivata Report on the Economic Impact of Inefficient Communications in Healthcare Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report The

More information

Global Survey on Social Media Risks Survey of IT & IT Security Practitioners

Global Survey on Social Media Risks Survey of IT & IT Security Practitioners 0 Global Survey on Social Media Risks Survey of IT & IT Security Practitioners Sponsored by Websense Independently conducted by Ponemon Institute LLC Publication Date: September 2011 1 Global Survey on

More information

Defining the Gap: The Cybersecurity Governance Study

Defining the Gap: The Cybersecurity Governance Study Defining the Gap: The Cybersecurity Governance Study Sponsored by Fidelis Cybersecurity Independently conducted by Ponemon Institute LLC Publication Date: June 2015 Ponemon Institute Research Report Defining

More information

State of Web Application Security U.S. Survey of IT & IT security practitioners

State of Web Application Security U.S. Survey of IT & IT security practitioners State of Web Application Security U.S. Survey of IT & IT security practitioners Sponsored by Cenzic & Barracuda Networks Independently conducted by Ponemon Institute LLC Publication Date: March 2011 Ponemon

More information

Corporate Data: A Protected Asset or a Ticking Time Bomb?

Corporate Data: A Protected Asset or a Ticking Time Bomb? Corporate Data: A Protected Asset or a Ticking Time Bomb? Sponsored by Varonis Independently conducted by Ponemon Institute LLC Publication Date: December 2014 Ponemon Institute Research Report Corporate

More information

2013 State of the Endpoint

2013 State of the Endpoint 2013 State of the Endpoint Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: December 2012 Ponemon Institute Research Report 2013 State of the Endpoint Ponemon Institute:

More information

Compliance Cost Associated with the Storage of Unstructured Information

Compliance Cost Associated with the Storage of Unstructured Information Compliance Cost Associated with the Storage of Unstructured Information Sponsored by Novell Independently conducted by Ponemon Institute LLC Publication Date: May 2011 Ponemon Institute Research Report

More information

The 2013 ecommerce Cyber Crime Report: Safeguarding Brand And Revenue This Holiday Season

The 2013 ecommerce Cyber Crime Report: Safeguarding Brand And Revenue This Holiday Season The 2013 ecommerce Cyber Crime Report: Safeguarding Brand And Revenue This Holiday Season Sponsored by RSA Security Independently conducted by Ponemon Institute, LLC Publication Date: October 2013 Ponemon

More information

Breaking Bad: The Risk of Insecure File Sharing

Breaking Bad: The Risk of Insecure File Sharing Breaking Bad: The Risk of Insecure File Sharing Sponsored by Intralinks Independently conducted by Ponemon Institute LLC Publication Date: October 2014 Ponemon Institute Research Report Breaking Bad: The

More information

The Role of Governance, Risk Management & Compliance in Organizations

The Role of Governance, Risk Management & Compliance in Organizations The Role of Governance, Risk Management & Compliance in Organizations Study of GRC practitioners Sponsored by RSA, The Security Division of EMC Independently conducted by Ponemon Institute LLC Publication

More information

Privileged User Abuse & The Insider Threat

Privileged User Abuse & The Insider Threat Privileged User Abuse & The Insider Threat Commissioned by Raytheon Company Independently conducted by Ponemon Institute LLC Publication Date: May 2014 1 Privileged User Abuse & The Insider Threat Ponemon

More information

Challenges of Cloud Information

Challenges of Cloud Information The Challenges of Cloud Information Governance: A Global Data Security Study Sponsored by SafeNet Independently conducted by Ponemon Institute LLC Publication Date: October 2014 Ponemon Institute Research

More information

The Economic and Productivity Impact of IT Security on Healthcare

The Economic and Productivity Impact of IT Security on Healthcare The Economic and Productivity Impact of IT Security on Healthcare Sponsored by Imprivata Independently conducted by Ponemon Institute LLC Publication Date: May 2013 Ponemon Institute Research Report The

More information

Security of Cloud Computing Providers Study

Security of Cloud Computing Providers Study Security of Cloud Computing Providers Study Sponsored by CA Technologies Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report I. Executive Summary

More information

Security of Cloud Computing Providers Study

Security of Cloud Computing Providers Study Security of Cloud Computing Providers Study Sponsored by CA Technologies Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report I. Executive Summary

More information

2012 Web Session Intelligence & Security Report: Business Logic Abuse Edition

2012 Web Session Intelligence & Security Report: Business Logic Abuse Edition 2012 Web Session Intelligence & Security Report: Business Logic Abuse Edition Sponsored by Silver Tail Systems Independently conducted by Ponemon Institute, LLC Publication Date: October 2012 Ponemon Institute

More information

Privacy and Security in a Connected Life: A Study of European Consumers

Privacy and Security in a Connected Life: A Study of European Consumers Privacy and Security in a Connected Life: A Study of European Consumers Sponsored by Trend Micro Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research

More information

Leading Practices in Behavioral Advertising & Consumer Privacy Study of Internet Marketers and Advertisers

Leading Practices in Behavioral Advertising & Consumer Privacy Study of Internet Marketers and Advertisers Leading Practices in Behavioral Advertising & Consumer Privacy Study of Internet Marketers and Advertisers Independently Conducted by Ponemon Institute LLC February 2012 Leading Practices in Behavioral

More information

2015 Global Megatrends in Cybersecurity

2015 Global Megatrends in Cybersecurity 2015 Global Megatrends in Cybersecurity Sponsored by Raytheon Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report 2015 Global Megatrends in

More information

2015 State of the Endpoint Report: User-Centric Risk

2015 State of the Endpoint Report: User-Centric Risk 2015 State of the Endpoint Report: User-Centric Risk Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: January 2015 Ponemon Institute Research Report 2015 State

More information

Economic impact of privacy on online behavioral advertising

Economic impact of privacy on online behavioral advertising Benchmark study of Internet marketers and advertisers Independently Conducted by Ponemon Institute LLC April 30, 2010 Ponemon Institute Research Report Economic impact of privacy on online behavioral advertising

More information

2015 Global Cyber Impact Report

2015 Global Cyber Impact Report 2015 Global Cyber Impact Report Sponsored by Aon Risk Services Independently conducted by Ponemon Institute LLC Publication Date: April 2015 2015 Global Cyber Impact Report Ponemon Institute, April 2015

More information

Security of Cloud Computing Users A Study of Practitioners in the US & Europe

Security of Cloud Computing Users A Study of Practitioners in the US & Europe Security of Cloud Computing Users A Study of Practitioners in the US & Europe Sponsored by CA Independently conducted by Ponemon Institute LLC Publication Date: 12 May 2010 Ponemon Institute Research Report

More information

Best Practices in Data Protection Survey of U.S. IT & IT Security Practitioners

Best Practices in Data Protection Survey of U.S. IT & IT Security Practitioners Best Practices in Data Protection Survey of U.S. IT & IT Security Practitioners Sponsored by McAfee Independently conducted by Ponemon Institute LLC Publication Date: October 2011 Ponemon Institute Research.

More information

Big Data Analytics in Cyber Defense

Big Data Analytics in Cyber Defense Big Data Analytics in Cyber Defense Sponsored by Teradata Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Big Data Analytics in Cyber

More information

IBM QRadar: Evidence of Value

IBM QRadar: Evidence of Value IBM QRadar: Evidence of Value Independently conducted by Ponemon Institute LLC February 2014 Ponemon Institute Research Report IBM QRadar: Evidence of Value Ponemon Institute: February 2014 Part 1. Introduction

More information

The Post Breach Boom. Sponsored by Solera Networks. Independently conducted by Ponemon Institute LLC Publication Date: February 2013

The Post Breach Boom. Sponsored by Solera Networks. Independently conducted by Ponemon Institute LLC Publication Date: February 2013 The Post Breach Boom Sponsored by Solera Networks Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Part 1. Introduction The Post Breach

More information

How Single Sign-On Is Changing Healthcare A Study of IT Practitioners in Acute Care Hospitals in the United States

How Single Sign-On Is Changing Healthcare A Study of IT Practitioners in Acute Care Hospitals in the United States How Single Sign-On Is Changing Healthcare A Study of IT Practitioners in Acute Care Hospitals in the United States Sponsored by Imprivata Independently conducted by Ponemon Institute LLC Publication Date:

More information

The TCO of Software vs. Hardware-based Full Disk Encryption Summary

The TCO of Software vs. Hardware-based Full Disk Encryption Summary The TCO of vs. -based Full Disk Encryption Summary Sponsored by WinMagic Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Industry Co-Sponsors Ponemon Institute Research Report

More information

Sponsored by Zimbra. The Open Source Collaboration Study: Viewpoints on Security & Privacy in the US & EMEA

Sponsored by Zimbra. The Open Source Collaboration Study: Viewpoints on Security & Privacy in the US & EMEA The Open Source Collaboration Study: Viewpoints on Security & Privacy in the US & EMEA Sponsored by Zimbra Independently conducted by Ponemon Institute LLC Publication Date: November 2014 Ponemon Institute

More information

Survey on the Governance of Unstructured Data. Independently Conducted and Published by Ponemon Institute LLC. Sponsored by Varonis Systems, Inc.

Survey on the Governance of Unstructured Data. Independently Conducted and Published by Ponemon Institute LLC. Sponsored by Varonis Systems, Inc. Survey on the Governance of Unstructured Data Independently Conducted and Published by Ponemon Institute LLC Sponsored by Varonis Systems, Inc. June 30, 2008 Please Do Not Quote Without Express Permission.

More information

First Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies

First Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies First Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies Sponsored by ArcSight Independently conducted by Ponemon Institute LLC Publication Date: July 2010 Ponemon Institute Research Report

More information

2012 Cost of Cyber Crime Study: Germany

2012 Cost of Cyber Crime Study: Germany 2012 Cost of Cyber Crime Study: Germany Sponsored by HP Enterprise Security Independently conducted by Ponemon Institute LLC Publication Date: October 2012 Ponemon Institute Research Report Part 1. Executive

More information

The TCO of Software vs. Hardware-based Full Disk Encryption

The TCO of Software vs. Hardware-based Full Disk Encryption The TCO of Software vs. Hardware-based Full Disk Encryption Sponsored by WinMagic Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Industry Co-Sponsors Ponemon Institute Research

More information

The Aftermath of a Data Breach: Consumer Sentiment

The Aftermath of a Data Breach: Consumer Sentiment The Aftermath of a Data Breach: Consumer Sentiment Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2014 Ponemon Institute Research

More information

Enhancing Cybersecurity with Big Data: Challenges & Opportunities

Enhancing Cybersecurity with Big Data: Challenges & Opportunities Enhancing Cybersecurity with Big Data: Challenges & Opportunities Independently Conducted by Ponemon Institute LLC Sponsored by Microsoft Corporation November 2014 CONTENTS 2 3 6 9 10 Introduction The

More information

IBM QRadar Security Intelligence: Evidence of Value

IBM QRadar Security Intelligence: Evidence of Value IBM QRadar Security Intelligence: Evidence of Value Independently conducted by Ponemon Institute LLC February 2014 Ponemon Institute Research Report Background IBM QRadar: Evidence of Value Ponemon Institute:

More information

Sophistication of attacks will keep improving, especially APT and zero-day exploits

Sophistication of attacks will keep improving, especially APT and zero-day exploits FAQ Isla Q&A General What is Isla? Isla is an innovative, enterprise-class web malware isolation system that prevents all browser-borne malware from penetrating corporate networks and infecting endpoint

More information

Data Loss Risks During Downsizing As Employees Exit, so does Corporate Data

Data Loss Risks During Downsizing As Employees Exit, so does Corporate Data Data Loss Risks During Downsizing As Employees Exit, so does Corporate Data Independently conducted by Ponemon Institute LLC Publication Date: February 23, 2009 Sponsored by Symantec Corporation Ponemon

More information

State of SMB Cyber Security Readiness: UK Study

State of SMB Cyber Security Readiness: UK Study State of SMB Cyber Security Readiness: UK Study Sponsored by Faronics Independently conducted by Ponemon Institute LLC Publication Date: November 2012 Ponemon Institute Research Report Part 1. Introduction

More information

2013 Study on Data Center Outages

2013 Study on Data Center Outages 2013 Study on Data Center Outages Independently conducted by Ponemon Institute LLC Publication Date: September 2013 2013 Study on Data Center Outages Ponemon Institute, September 2013 Part 1. Introduction

More information

State of IT Security Study of Utilities & Energy Companies

State of IT Security Study of Utilities & Energy Companies State of IT Security Study of Utilities & Energy Companies Sponsored by Q1 Labs Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report State of

More information

Encryption in the Cloud

Encryption in the Cloud Encryption in the Cloud Who is responsible for data protection in the cloud? Sponsored by Thales e-security Independently conducted by Ponemon Institute LLC Publication Date: July 2012 Ponemon Institute

More information