The Challenge of Preventing Browser-Borne Malware
|
|
- Eleanore Lawrence
- 7 years ago
- Views:
Transcription
1 The Challenge of Preventing Browser-Borne Malware Sponsored by Spikes Security Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report
2 Part 1. Introduction The Challenge of Preventing Browser-Borne Malware Ponemon Institute, February 2015 We are pleased to present the findings of The Challenge of Preventing Browser-Borne Malware study sponsored by Spikes Security. The purpose of this research is to focus on how organizations can improve their ability to defend against web-borne malware. In this study, we define web-borne malware as malware that attacks and infiltrates a user s insecure browser. The recent JPMorgan Chase data breach that affected 76 million households and 7 million small businesses is an example of hackers targeting an employee s web habits. We surveyed 645 IT and IT security practitioners who are familiar and involved in their company s efforts to detect and contain malware. Survey participants were from U.S. businesses with an average of more than 14,000 employees. All of the organizations represented in this research have built a multilayer defense-in-depth architecture in an effort to prevent these types of attacks. Despite having such technologies in place, over the past 12 months, these organizations experienced an average of 51 security breaches because of a failure in malware detection technology. The findings also reveal the average cost to respond to and remediate just one security breach because of a failure in malware detection technology is approximately $62,000. This means organizations could have spent an average of $3.2 million to remediate a security breach caused by web-borne malware. Following are the key takeaways from this research: The threat of web-borne malware is growing. Almost all respondents agree that their existing security tools are not capable of completely detecting web-borne malware and the insecure web browser is a primary attack vector. Further, the findings are evidence of the need for a more effective solution to stop web-borne malware. A barrier to the detection and containment of malware is a lack of resources. Seventyseven percent of respondents say it is certain or very likely their organizations have been infected by web-borne malware that was undetected. Users insecure web browsers cause the majority of total malware infections. The web browser is a common attack vector that can severely impact their organization s security posture. On average, a user s insecure web browser is the cause of 55 percent of the total malware infections. Sandboxes and content analysis engines help, but do not solve the problem. Some 38 percent of respondents say web-borne malware was still able to bypass this solution. What would organizations pay to stop malware? According to the findings, organizations would allocate an average of 33 percent of their total security budget to stop web-borne attacks by 50 percent. To stop all attacks (100 percent), they would allocate an average of 50 percent of the budget. Dependency on traditional detection methods deters organizations from adopting new solutions. Sixty-five percent of respondents say overcoming psychological dependency upon traditional detection methods would be a main barrier to adopting a browser isolation technique that rendered traditional web-borne malware detection and containment methods obsolete and unnecessary. Ponemon Institute Research Report Page 1
3 Part 2. Key findings In this section we provide an analysis of the key findings. We have organized the results of the research according to the following themes: The challenge with detection and containment of web-borne malware The cost of not detecting and containing web-borne malware The threat of web-borne malware is growing. Figure 1 reveals the challenges organizations face in dealing with web-borne malware. Almost all respondents agree that their existing security tools are not capable of completely detecting web-borne malware and the insecure web browser is a primary attack vector. Further, the findings are evidence of the need for a more effective solution to stop web-borne malware. Figure 1. Reasons why detection and containment of web-borne malware is a challenge Strongly agree and agree responses Even with my organization s security tools, webborne malware can be completely undetectable 81% The insecure web browser is a primary attack vector 81% Traditional detection-based technologies are becoming ineffective in stopping these attacks 74% Browser-borne malware is a more significant threat today than 12 months ago 69% Web-borne malware is more serious that other types of malware infections 63% Commercial browsers such as Chrome, Explorer, Firefox, Safari, and others contain effective security tools for blocking web-borne malware 31% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Ponemon Institute Research Report Page 2
4 A barrier to the detection and containment of malware is a lack of resources. As shown in Figure 2, 77 percent of respondents say it is certain or very likely their organizations have been infected by web-borne malware that was undetected. Figure 2. How likely is it that your organization is or has been infected by web-borne malware without being detected? 60% 53% 50% 40% 30% 24% 20% 10% 0% Figure 3 reveals the main reasons respondents self reported that they are not fully capable of detecting and containing web-borne malware. According to 51 percent of respondents, they are not receiving the resources or budget they need to effectively detect and contain this threat and 49 percent of respondents say defending against web-borne malware is not a security priority. As a result, the majority of respondents (52 percent) rate their ability to detect and contain web-borne malware as very weak or weak. Figure 3. Main reasons organizations can not fully detect and contain web-borne malware More than one response permitted 12% Certain Very likely Likely Not likely No chance 9% 2% Lack of resources or budget 51% Not considered a security-related priority 49% Do not have ample expert personnel 35% Lack of enabling technologies 33% Other 5% 0% 10% 20% 30% 40% 50% 60% Ponemon Institute Research Report Page 3
5 Users insecure web browsers cause the majority of total malware infections. The web browser is a common attack vector that can severely impact their organization s security posture. On average, a user s insecure web browser is the cause of 55 percent of the total malware infections, as shown in Figure 4. Figure 4. What percent of total malware did a user s insecure web browser cause in the past 12 months? Extrapolated value = 55 percent 30% 25% 26% 24% 20% 18% 15% 10% 12% 15% 5% 5% 0% Less than 10% 10 to 25% 26 to 50% 51 to 75% 76 to 100% Don t know Ponemon Institute Research Report Page 4
6 Sandboxes and content analysis engines help, but do not solve the problem. Some 38 percent of respondents say web-borne malware was still able to bypass this solution, shown in Figure 5. In contrast, 50 percent say the web-borne malware was able to bypass their organization s layered firewall defense. Forty-six percent say the organization s anti-virus solution was not a deterrent and 41 percent say web-borne malware was able to bypass intrusion detection systems. This suggests an effective solution is still required to ensure that no browser-borne malware is able to penetrate the network, breach desktop browsers or gain access to sensitive internal resources. Figure 5. How frequently did web-borne malware bypass organizations technologies? Yes, frequently and yes, not frequently responses combined Layered firewall defenses 50% Anti-virus (AV) solutions 46% Intrusion detection systems (IDS) 41% Sandbox/content analysis engine 38% 0% 10% 20% 30% 40% 50% 60% Ponemon Institute Research Report Page 5
7 The cost of not detecting and containing web-borne malware Web-borne malware is a multi-million dollar problem. Organizations in this study experienced an average of 51 security breaches because of a failure in their malware detection technology as shown in Figure 6. The findings reveal the average cost to respond to and remediate just one security breach because of a failure in malware detection technology is approximately $62,000. This means organizations could have spent $3.2 million on dealing with a security breach caused by web-borne malware. Figure 6. In the past 12 months, how many security breaches did your organization experience due to a failure in malware detection technology? Extrapolated value = 51 25% 23% 20% 15% 10% 15% 12% 10% 16% 9% 11% 5% 4% 0% None Less than 5 5 to to to to to to 500 Ponemon Institute Research Report Page 6
8 Respondents are aware that attacks involving the web browser can have a severe impact on their organization s security posture. Applications are considered the attack vector that has the greatest impact on the security posture, however web browsers are a close second (tied with mobile devices & platforms), as shown in Figure 7. In terms of budget, mobile devices & platforms are receiving the most funding, followed by applications and then the web browser. Figure 7. Seven attack vectors that can affect security posture and the budget allocated to each vector Sum of risk allocation = 100 points Applications Mobile devices & platforms Web browser Malicious insiders Operating systems Servers & routers Storage & backup Allocated security risk Allocated security budget What would organizations pay to stop malware? According to Figure 8, organizations would allocate an average of 33 percent of their total security budget to stop web-borne attacks by 50 percent. To stop all attacks (100 percent), they would allocate an average of 50 percent of the budget. The average annual IT security budget is approximately $7.8 million and 39 percent of the budget is spent on defense-and-depth security tools such as web gateways, IPS, and antivirus. Figure 8. What organizations would pay to stop malware? 80% 70% 60% 50% 40% 30% 20% 10% 0% 2% 8% 0% 0% 18% 15% 15% 3% 3% 5% 29% 21% 1 to 5% 6 to 10% 11 to 20% 21 to 30% 31 to 40% 41 to 50% More than 50% 13% 68% Stop web-borne malware infections by 50 percent Stop web-borne malware infections by 100 percent Ponemon Institute Research Report Page 7
9 Dependency on traditional detection methods deters organizations from adopting new solutions. According to Figure 9, 65 percent of respondents say overcoming psychological dependency upon traditional detection methods would be a main barrier to adopting a browser isolation technique that rendered traditional web-borne malware detection and containment methods obsolete and unnecessary. This is followed by concerns over diminished user productivity (50 percent), system performance issues (44 percent) or complexity and difficulty to operate (41 percent). Figure 9. Barriers to adopting a browser isolation technique that makes traditional webborne malware detection and containment methods obsolete and unnecessary More than one response permitted Overcoming psychological dependency upon traditional detection methods 65% Diminished user productivity 50% System performance issues Too complex and/or difficult to operate 41% 44% Too costly 33% Insufficient scalability 16% Other 2% 0% 10% 20% 30% 40% 50% 60% 70% Ponemon Institute Research Report Page 8
10 Part 3. Methods A sampling frame composed of 18,330 IT and IT security practitioners located in the United States and familiar and involved in their company s efforts to detect and contain malware were selected for participation in this survey. As shown in the Table 1, 701 respondents completed the survey. Screening removed 56 surveys. The final sample was 645 surveys (or a 3.5 percent response rate). Table 1. Sample response Freq Total sampling frame 18, % Total returns % Rejected and screened surveys % Final sample % Pie chart 1 reports the current position or organizational level of respondents. By design, 55 percent of respondents reported their current position is at or above the supervisory level. Pie Chart 1. Current position or organizational level 5% 2% 2% 1% 16% 38% 20% Senior Executive Vice President Director Manager Supervisor Technician Staff Contractor 16% According to Pie Chart 2, more than half of the respondents (56 percent) report to the chief information officer. Another 21 percent responded they report to the chief information security officer. Pie Chart 2. Primary Person respondent or IT security leader reports to 8% 3% 2% 1% Chief Information Officer (CIO) 9% Chief Information Security Officer (CISO) Chief Risk Officer (CRO) 56% Compliance Officer Chief Security Officer (CSO) 21% Chief Financial Officer (CFO) General Counsel Ponemon Institute Research Report Page 9
11 Pie Chart 3 reports that 30 percent of respondents described their current role in IT security is security operations, 18 percent indicated security architecture and another 15 percent identified forensics as their current role. Pie Chart 3. Current role in IT security 5% 4% 9% 11% 8% 15% 18% 30% Security operations Security architecture Forensics Audit & compliance Network engineering Senior leadership (CISO) Security analytics Other Pie Chart 4 reports the primary industry classification of respondents organizations. This chart identifies financial services (18 percent) as the largest segment, followed by public sector (11 percent) and health and pharmaceuticals (10 percent). Pie Chart 4. Primary industry concentration 6% 7% 7% 2% 2% 2% 4% 3% 3% 8% 8% 9% 18% 10% 11% Financial services Public sector Health & pharmaceutical Retail Industrial Services Consumer products Technology & Software Energy & utilities Communications Education & research Entertainment & media Hospitality Transportation Other Ponemon Institute Research Report Page 10
12 According to Pie Chart 5, 46 percent of the respondents are from organizations with a global headcount of over 1,000 employees. Pie Chart 5. Worldwide headcount of the organization Extrapolated value = 14,410 11% 7% 23% Less than 500 people 500 to 1,000 people 16% 1,001 to 5,000 people 5,001 to 25,000 people 21% 25,001 to 75,000 people More than 75,000 people 22% Part 4. Caveats There are inherent limitations to survey research that need to be carefully considered before drawing inferences from findings. The following items are specific limitations that are germane to most web-based surveys. Non-response bias: The current findings are based on a sample of survey returns. We sent surveys to a representative sample of individuals located in the United States, resulting in a large number of usable returned responses. Despite non-response tests, it is always possible that individuals who did not participate are substantially different in terms of underlying beliefs from those who completed the instrument. Sampling-frame bias: The accuracy is based on contact information and the degree to which the list is representative of individuals who are IT or IT security practitioners. We also acknowledge that the results may be biased by external events such as media coverage. We also acknowledge bias caused by compensating subjects to complete this research within a holdout period. Self-reported results: The quality of survey research is based on the integrity of confidential responses received from subjects. While certain checks and balances can be incorporated into the survey process, there is always the possibility that a subject did not provide accurate response. Ponemon Institute Research Report Page 11
13 Appendix: Detailed Survey Results The following tables provide the percentage frequency of responses to all survey questions on a consolidated (global) basis across four regional clusters. All survey responses were captured in December Survey response Freq Total sampling frame % Total returns % Rejected or screened surveys % Final sample % Part 1. Screening questions S1. What best describes your level of involvement with the detection and containment of your organization s malware? Significant involvement 46% Some involvement 54% Nominal or no involvement (stop) 0% S2. Are you responsible for selecting, purchasing and/or using tools designed to stop browser-borne malware? Yes, full responsibility 34% Yes, some responsibility 66% No, not responsible (stop) 0% S3. Has your organization built a multilayer defense-in-depth architecture (i.e., secure web gateway, intrusion prevention, anti-virus, etc.)? Yes 100% No (stop) 0% Part 2. Attributions Q1. The insecure web browser is a primary attack vector. Strongly agree 40% Agree 41% Unsure 16% Disagree 3% Strongly disagree 0% Q2. Browser-borne malware is a more significant threat today than 12 months ago. Strongly agree 33% Agree 36% Unsure 21% Disagree 8% Strongly disagree 2% Ponemon Institute Research Report Page 12
14 Q3. Traditional detection-based technologies are becoming ineffective in stopping these attacks. Strongly agree 35% Agree 39% Unsure 19% Disagree 6% Strongly disagree 1% Q4. Web-borne malware is more serious than other types of malware infections Strongly agree 27% Agree 36% Unsure 15% Disagree 17% Strongly disagree 5% Q5. Commercial browsers such as Chrome, Explorer, Firefox, Safari, and others contain effective security tools for blocking web-borne malware. Strongly agree 13% Agree 18% Unsure 17% Disagree 39% Strongly disagree 13% Q6. Even with my organization s security tools, web-borne malware can be completely undetectable. Strongly agree 39% Agree 42% Unsure 10% Disagree 6% Strongly disagree 3% Part 3. General questions Q7. How likely is it that your organization is or has been infected by webborne malware without being detected? Certain 53% Very likely 24% Likely 12% Not likely 9% No chance 2% Q8a. Please rate your organization s ability to detect and contain webborne malware? Please use the following 10-point scale. 1 or 2 (weak) 17% 3 or 4 35% 5 or 6 15% 7 or 8 18% 9 or 10 (strong) 9% Total 94% Extrapolated value 4.5 Ponemon Institute Research Report Page 13
15 Q8b. If your rating is below 5, what are the main reasons why your organization is not fully capable of detecting and containing web-borne malware? Lack of resources or budget 51% Lack of enabling technologies 33% Do not have ample expert personnel 35% Not considered a security-related priority 49% Other (please specify) 5% Total 173% Q9. Over the past 12 months, what percent of your organization s total malware infections did a user s insecure web browser cause? Less than 10% 5% 10 to 25% 12% 26 to 50% 15% 51 to 75% 18% 76 to 100% 26% Don t know 24% Extrapolated value 55% Q10. Over the past 12 months, what percent of your organization s IT security funding was spent on the detection and containment of all malware? Less than 10% 21% 10 to 25% 23% 26 to 50% 20% 51 to 75% 7% 76 to 100% 5% Don't know 24% Extrapolated value 29% Q11. The following table contains 7 common attack vectors that can severely impact your organization s security posture. Please allocate the security risk inherent in each one of the 7 attack vectors as experienced Points by your organization. Note that the sum of your risk allocation must equal 100 points. Web browser 21 Operating systems 8 Applications 28 Servers & routers 6 Storage & backup 4 Malicious insiders 12 Mobile devices & platforms 21 Total points 100 Ponemon Institute Research Report Page 14
16 Q12. Please allocate the security budget or spending level for each one of the 7 attack vectors as experienced by your organization. Note that Points the sum of your allocation must equal 100 points. Web browser 17 Operating systems 12 Applications 18 Servers & routers 10 Storage & backup 8 Malicious insiders 15 Mobile devices & platforms 20 Total points 100 Q13. Has web-borne malware been able to bypass your organization s anti-virus (AV) solutions? Yes, frequently 13% Yes, not frequently 33% Yes, rarely 28% No 21% Unsure 5% Q14. Has web-borne malware been able to bypass your organization s intrusion detection systems (IDS)? Yes, frequently 11% Yes, not frequently 30% Yes, rarely 31% No 23% Unsure 5% Q15. Has web-borne malware been able to bypass your organization s layered firewall defenses? Yes, frequently 20% Yes, not frequently 30% Yes, rarely 19% No 27% Unsure 4% Q16. Has web-borne malware been able to bypass your organization s sandbox/content analysis engine? Yes, frequently 9% Yes, not frequently 29% Yes, rarely 18% No 29% Unsure 15% Ponemon Institute Research Report Page 15
17 Q17. What dollar range best describes your organization s annual IT security budget? Less than $100,000 2% $100,000 to $500,000 5% $500,001 to $1,000,000 10% $1,000,001 to 2,500,000 19% $2,500,001 to $5,000,000 24% $5,000,001 to $10,000,000 19% $10,001,000 to $25,000,000 15% $25,000,001 to $50,000,000 5% Greater than $50,000,000 1% Extrapolated value 7,799,300 Q18. What percentage of your organization s annual IT security budget is dedicated to defense-and-depth security tools (such as web gateways, IPS, AV, etc.)? Less than 1% 0% 1 to 5% 0% 6 to 10% 4% 11 to 20% 5% 21 to 30% 8% 31 to 40% 33% 41 to 50% 35% More than 50% 15% Extrapolated value 39% Q19. What percentage of your organization s annual IT security budget is dedicated to incident response security tools (i.e., tools that identify and resolve security breaches)? Less than 1% 0% 1 to 5% 0% 6 to 10% 25% 11 to 20% 31% 21 to 30% 32% 31 to 40% 8% 41 to 50% 4% More than 50% 0% Extrapolated value 19% Part 4. Concept questions Q20. As a percentage of your organization s total security budget, how much would your company pay to stop web-borne malware infections by 50 percent? Less than 1% 0% 1 to 5% 2% 6 to 10% 8% 11 to 20% 18% 21 to 30% 15% 31 to 40% 15% 41 to 50% 29% More than 50% 13% Extrapolated value 33% Ponemon Institute Research Report Page 16
18 Q21. As a percentage of your organization s total security budget, how much would your company pay to stop web-borne malware infections by 100 percent? Less than 1% 0% 1 to 5% 0% 6 to 10% 0% 11 to 20% 3% 21 to 30% 3% 31 to 40% 5% 41 to 50% 21% More than 50% 68% Extrapolated value 50% Q22. Are you aware of any security product that ensures browser-borne malware is no longer able to penetrate your network, breach desktop browsers or gain access to sensitive internal resources? Yes 21% No, but I m interested in learning more about this solution 56% No 23% Q23. Are you aware of any security product that ensures malware associated with original web content stays isolated outside the network, without affecting users normal browsing experiences including access to audio, video, text, and graphics? Yes 20% No, but I m interested in learning more about this solution 55% No 25% Q24. If yes to Q18 and/or Q19, please provide the name(s) of the vendor(s) that provides this solution. [Contextual response requested] Q25. Assuming your organization was able to validate a browser isolation technique that rendered traditional Web-borne malware detection and containment methods obsolete and unnecessary. What would be the main barriers to product adoption? Please select all that apply. Too costly 33% Too complex and/or difficult to operate 41% Overcoming psychological dependency upon traditional detection methods 65% Insufficient scalability 16% Diminished user productivity 50% System performance issues 44% Other (please specify) 2% Total 251% Ponemon Institute Research Report Page 17
19 Q26. In your organization, who influences and/or decides what security technology to purchase? Top three choices CIO/CTO 71% CISO 70% COO CFO 30% Security architect 45% Security engineer 25% IT manager/director 26% Service provider /outside consultant 33% Total 300% Q27. Over the past 12 months, how many security breaches did your organization experience because of a failure in malware detection technology? Your best estimate is much appreciated. None 15% Less than 5 23% 5 to 10 12% 11 to 25 10% 26 to 50 16% 51 to 100 9% 101 to % 251 to 500 4% More than 500 0% Extrapolated value 50.6 Q28. What is the cost to respond to and remediate just one security breach because of a failure in malware detection technology? Please note that your cost estimate should consider direct cash outlays, direct labor expenditures, indirect labor costs and overhead costs. Less than $100 1% $100 to $500 5% $501 to $1,000 8% $1,001 to $2,500 12% $2,501 to $5,000 18% $5,001 to $10,000 20% $10,001 to $25,000 12% $25,001 to $50,000 7% $50,001 to $100,000 8% $100,001 to $500,000 5% $500,001 to 1,000,000 3% Greater than $1,000,000 1% Extrapolated value 61,686 Ponemon Institute Research Report Page 18
20 Part 5. Your role and organization D1. What organizational level best describes your current position? Senior Executive 2% Vice President 1% Director 16% Manager 20% Supervisor 16% Technician 38% Staff 5% Contractor 2% Other (please specify) 0% D2. Check the Primary Person you or your IT security leader reports to within the organization. CEO/Executive Committee 0% Chief Financial Officer (CFO) 2% General Counsel 1% Chief Information Officer (CIO) 56% Chief Information Security Officer (CISO) 21% Compliance Officer 8% Human Resources VP 0% Chief Security Officer (CSO) 3% Chief Risk Officer (CRO) 9% Other (please specify 0% D3. What best describes your role in IT security? Senior leadership (CISO) 8% Security architecture 18% Forensics 15% Audit & compliance 11% Network engineering 9% Security operations 30% Security analytics 5% Other (please specify) 4% Ponemon Institute Research Report Page 19
21 D4. What industry best describes your organization s primary industry concentration? Agriculture & food services 1% Communications 3% Consumer products 7% Defense & aerospace 1% Education & research 3% Energy & utilities 6% Entertainment & media 2% Financial services 18% Health & pharmaceutical 10% Hospitality 2% Industrial 8% Public sector 11% Retail 9% Services 8% Technology & Software 7% Transportation 2% Other (please specify) 2% D5. What is the worldwide headcount of your organization? Less than 500 people 23% 500 to 1,000 people 21% 1,001 to 5,000 people 22% 5,001 to 25,000 people 16% 25,001 to 75,000 people 11% More than 75,000 people 7% Extrapolated value 14,410 For more information about this study, please contact Ponemon Institute by sending an to research@ponemon.org or calling our toll free line at Ponemon Institute Advancing Responsible Information Management Ponemon Institute is dedicated to independent research and education that advances responsible information and privacy management practices within business and government. Our mission is to conduct high quality, empirical studies on critical issues affecting the management and security of sensitive information about people and organizations. As a member of the Council of American Survey Research Organizations (CASRO), we uphold strict data confidentiality, privacy and ethical research standards. We do not collect any personally identifiable information from individuals (or company identifiable information in our business research). Furthermore, we have strict quality standards to ensure that subjects are not asked extraneous, irrelevant or improper questions. Ponemon Institute Research Report Page 20
Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution
Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: March 2013 Ponemon Institute Research Report
More informationThe Cost of Insecure Mobile Devices in the Workplace Sponsored by AT&T
The Cost of Insecure Mobile Devices in the Workplace! Sponsored by AT&T Independently conducted by Ponemon Institute LLC Publication Date: March 2014 Part 1. Introduction The Cost of Insecure Mobile Devices
More informationA Study of Retail Banks & DDoS Attacks
A Study of Retail Banks & DDoS Attacks Sponsored by Corero Network Security Independently conducted by Ponemon Institute LLC Publication Date: December 2012 Ponemon Institute Research Report A Study of
More informationThe State of Data Security Intelligence. Sponsored by Informatica. Independently conducted by Ponemon Institute LLC Publication Date: April 2015
The State of Data Security Intelligence Sponsored by Informatica Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report The State of Data Security
More informationThe Importance of Cyber Threat Intelligence to a Strong Security Posture
The Importance of Cyber Threat Intelligence to a Strong Security Posture Sponsored by Webroot Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research Report
More informationIs Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution
Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Ponemon Institute Research Report
More informationData Breach: The Cloud Multiplier Effect
Data Breach: The Cloud Multiplier Effect Sponsored by Netskope Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report Part 1. Introduction Data Breach:
More informationIs Your Company Ready for a Big Data Breach?
Is Your Company Ready for a Big Data Breach? The Second Annual Study on Data Breach Preparedness Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication
More informationAchieving Security in Workplace File Sharing. Sponsored by Axway Independently conducted by Ponemon Institute LLC Publication Date: January 2014
Achieving Security in Workplace File Sharing Sponsored by Axway Independently conducted by Ponemon Institute LLC Publication Date: January 2014 Ponemon Institute Research Report Part 1. Introduction Achieving
More informationThe Cost of Web Application Attacks
The Cost of Web Application Attacks Sponsored by Akamai Technologies Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Ponemon Institute Research Report Part 1. Introduction The
More informationManaging Cyber Security as a Business Risk: Cyber Insurance in the Digital Age
Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: August 2013
More informationThe SQL Injection Threat Study
The SQL Injection Threat Study Sponsored by DB Networks Independently conducted by Ponemon Institute LLC Publication Date: April 2014 1 The SQL Injection Threat Study Presented by Ponemon Institute, April
More informationReputation Impact of a Data Breach U.S. Study of Executives & Managers
Reputation Impact of a Data Breach U.S. Study of Executives & Managers Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: November 2011 Ponemon
More informationThe State of Mobile Application Insecurity
The State of Mobile Application Insecurity Sponsored by IBM Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report Part 1. Introduction The State
More informationGlobal Insights on Document Security
Global Insights on Document Security Sponsored by Adobe Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report Global Insights on Document Security
More informationUnderstanding Security Complexity in 21 st Century IT Environments:
Understanding Security Complexity in 21 st Century IT Environments: A study of IT practitioners in the US, UK, France, Japan & Germany Sponsored by Check Point Software Technologies Independently conducted
More informationRisk & Innovation in Cybersecurity Investments. Sponsored by Lockheed Martin
Risk & Innovation in Cybersecurity Investments Sponsored by Lockheed Martin Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report Part 1. Introduction
More informationUnderstaffed and at Risk: Today s IT Security Department. Sponsored by HP Enterprise Security
Understaffed and at Risk: Today s IT Security Department Sponsored by HP Enterprise Security Independently conducted by Ponemon Institute LLC Publication Date: February 2014 Ponemon Institute Research
More informationThe Unintentional Insider Risk in United States and German Organizations
The Unintentional Insider Risk in United States and German Organizations Sponsored by Raytheon Websense Independently conducted by Ponemon Institute LLC Publication Date: July 2015 2 Part 1. Introduction
More informationData Security in Development & Testing
Data Security in Development & Testing Sponsored by Micro Focus Independently conducted by Ponemon Institute LLC Publication Date: July 31, 2009 Ponemon Institute Research Report Data Security in Development
More informationWhat You Don t Know Will Hurt You: A Study of the Risk from Application Access and Usage
What You Don t Know Will Hurt You: A Study of the Risk from Application Access and Usage Sponsored by ObserveIT Independently conducted by Ponemon Institute LLC June 2015 Ponemon Institute Research Report
More informationElectronic Health Information at Risk: A Study of IT Practitioners
Electronic Health Information at Risk: A Study of IT Practitioners Sponsored by LogLogic Conducted by Ponemon Institute LLC October 15, 2009 Ponemon Institute Research Report Executive summary Electronic
More informationExposing the Cybersecurity Cracks: A Global Perspective
Exposing the Cybersecurity Cracks: A Global Perspective Part I: Deficient, Disconnected & in the Dark Sponsored by Websense, Inc. Independently conducted by Ponemon Institute LLC Publication Date: April
More informationThe Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners
The Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners Sponsored by Vormetric Independently conducted by Ponemon Institute LLC Publication Date: November 2011 Ponemon Institute
More informationThe Impact of Cybercrime on Business
The Impact of Cybercrime on Business Studies of IT practitioners in the United States, United Kingdom, Germany, Hong Kong and Brazil Sponsored by Check Point Software Technologies Independently conducted
More informationThe Security Impact of Mobile Device Use by Employees
The Security Impact of Mobile Device Use by Employees Sponsored by Accellion Independently conducted by Ponemon Institute LLC Publication Date: December 2014 Ponemon Institute Research Report The Security
More informationCyber Threat Intelligence: Has to Be a Better Way
Exchanging Cyber Threat Intelligence: There Has to Be a Better Way Sponsored by IID Independently conducted by Ponemon Institute LLC Publication Date: April 2014 Ponemon Institute Research Report Exchanging
More information2012 Application Security Gap Study: A Survey of IT Security & Developers
2012 Application Gap Study: A Survey of IT & s Research sponsored by Innovation Independently Conducted by Ponemon Institute LLC March 2012 1 2012 Application Gap Study: A Survey of IT & s March 2012 Part
More informationSecurity Metrics to Manage Change: Which Matter, Which Can Be Measured?
Security Metrics to Manage Change: Which Matter, Which Can Be Measured? Sponsored by FireMon Independently conducted by Ponemon Institute LLC Publication Date: April 2014 2 Security Metrics to Manage Change:
More informationSecurity of Paper Records & Document Shredding. Sponsored by Cintas. Independently conducted by Ponemon Institute LLC Publication Date: January 2014
Security of Paper Records & Document Shredding Sponsored by Cintas Independently conducted by Ponemon Institute LLC Publication Date: January 2014 Ponemon Institute Research Report Part 1. Introduction
More information2014: A Year of Mega Breaches
2014: A Year of Mega Breaches Sponsored by Identity Finder Independently conducted by Ponemon Institute LLC Publication Date: January 2015 Ponemon Institute Research Report Part 1. Introduction 2014: A
More informationPerceptions About Network Security Survey of IT & IT security practitioners in the U.S.
Perceptions About Network Security Survey of IT & IT security practitioners in the U.S. Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2011 Ponemon
More information2015 Global Study on IT Security Spending & Investments
2015 Study on IT Security Spending & Investments Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Sponsored by Part 1. Introduction Security risks are pervasive and becoming
More informationCyber Security on the Offense: A Study of IT Security Experts
Cyber Security on the Offense: A Study of IT Security Experts Co-authored with Radware Independently conducted by Ponemon Institute LLC Publication Date: November 2012 Ponemon Institute Research Report
More informationThe SQL Injection Threat & Recent Retail Breaches
The SQL Injection Threat & Recent Retail Breaches Sponsored by DB Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2014 1 Part 1. Introduction The SQL Injection Threat &
More informationData Security in the Evolving Payments Ecosystem
Data Security in the Evolving Payments Ecosystem Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report
More informationPerceptions about the Potential Expiration of The Terrorism Risk Insurance Act (TRIA)
Perceptions about the Potential Expiration of The Terrorism Risk Insurance Act (TRIA) Sponsored by Property Casualty Insurers Association of America Independently conducted by Ponemon Institute LLC Publication
More informationAdvanced Threats in Retail Companies: A Study of North America & EMEA
Advanced Threats in Companies: A Study of North America & EMEA Sponsored by Arbor Networks Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Ponemon Institute Research Report
More informationExposing the Cybersecurity Cracks: A Global Perspective
Exposing the Cybersecurity Cracks: A Global Perspective Part 2: Roadblocks, Refresh and Raising the Human Security IQ Sponsored by Websense Independently conducted by Ponemon Institute LLC Publication
More informationThe Fraud Report: How Fake Users Are Impacting Business
The Fraud Report: How Fake Users Are Impacting Business Sponsored by TeleSign Independently conducted by Ponemon Institute LLC Publication Date: November 2015 Ponemon Institute Research Report The Fraud
More informationEfficacy of Emerging Network Security Technologies
Efficacy of Emerging Network Security Technologies Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Part
More informationNational Survey on Data Center Outages
National Survey on Data Center Outages Independently conducted by Ponemon Institute LLC Publication Date: 30 September 2010 Part 1. Executive Summary National Survey on Data Center Outages Ponemon Institute,
More informationThe State of Data Centric Security
The State of Data Centric Security Sponsored by Informatica Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report State of Data Centric Security
More informationThreat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations
Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations Sponsored by AccessData Independently conducted by Ponemon Institute LLC Publication Date: February 2014 Ponemon Institute
More informationCloud Security: Getting It Right
Cloud Security: Getting It Right Sponsored by Armor Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute Research Report Cloud Security: Getting It Right Ponemon
More information2014 State of Endpoint Risk. Sponsored by Lumension. Independently conducted by Ponemon Institute LLC Publication Date: December 2013
2014 State of Endpoint Risk Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: December 2013 Ponemon Institute Research Report 2014 State of Endpoint Risk Ponemon
More informationThird Annual Study: Is Your Company Ready for a Big Data Breach?
Third Annual Study: Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute
More informationThe Billion Dollar Lost Laptop Problem Benchmark study of U.S. organizations
The Billion Dollar Lost Laptop Problem Benchmark study of U.S. organizations Independently conducted by Ponemon Institute LLC Publication Date: 30 September 2010 Ponemon Institute Research Report Part
More informationAftermath of a Data Breach Study
Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath
More informationGlobal Survey on Social Media Risks Survey of IT & IT Security Practitioners
0 Global Survey on Social Media Risks Survey of IT & IT Security Practitioners Sponsored by Websense Independently conducted by Ponemon Institute LLC Publication Date: September 2011 1 Global Survey on
More informationThe Importance of Senior Executive Involvement in Breach Response
The Importance of Senior Executive Involvement in Breach Response Sponsored by HP Enterprise Security Services Independently conducted by Ponemon Institute LLC Publication Date: October 2014 The Importance
More informationSecurity of Cloud Computing Users Study
Security of Cloud Computing Users Study Sponsored by CA Technologies Independently conducted by Ponemon Institute, LLC Publication Date: March 2013 Security of Cloud Computing Users Study March 2013 Part
More informationCorporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Sponsored by Varonis Independently conducted by Ponemon Institute LLC Publication Date: December 2014 Ponemon Institute Research Report Corporate
More informationThe State of USB Drive Security
The State of USB Drive Security U.S. survey of IT and IT security practitioners Sponsored by Kingston Independently conducted by Ponemon Institute LLC Publication Date: July 2011 Ponemon Institute Research
More informationDefining the Gap: The Cybersecurity Governance Study
Defining the Gap: The Cybersecurity Governance Study Sponsored by Fidelis Cybersecurity Independently conducted by Ponemon Institute LLC Publication Date: June 2015 Ponemon Institute Research Report Defining
More informationHow Much Is the Data on Your Mobile Device Worth?
How Much Is the Data on Your Mobile Device Worth? Sponsored by Lookout Independently conducted by Ponemon Institute LLC Publication Date: January 2016 Ponemon Institute Research Report Part 1. Introduction
More informationState of Web Application Security U.S. Survey of IT & IT security practitioners
State of Web Application Security U.S. Survey of IT & IT security practitioners Sponsored by Cenzic & Barracuda Networks Independently conducted by Ponemon Institute LLC Publication Date: March 2011 Ponemon
More informationAchieving Data Privacy in the Cloud
Achieving Data Privacy in the Cloud Study of Information Technology Privacy and Compliance of Small to Medium-Sized Organizations in germany Sponsored by microsoft Independently Conducted by Ponemon Institute
More informationThe End Endorsed Devices pose a Large Security Risk to Your Organization
2013 State of the Endpoint Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: December 2012 Ponemon Institute Research Report 2013 State of the Endpoint Ponemon Institute:
More informationPrivileged User Abuse & The Insider Threat
Privileged User Abuse & The Insider Threat Commissioned by Raytheon Company Independently conducted by Ponemon Institute LLC Publication Date: May 2014 1 Privileged User Abuse & The Insider Threat Ponemon
More informationBreaking Bad: The Risk of Insecure File Sharing
Breaking Bad: The Risk of Insecure File Sharing Sponsored by Intralinks Independently conducted by Ponemon Institute LLC Publication Date: October 2014 Ponemon Institute Research Report Breaking Bad: The
More informationThe 2013 ecommerce Cyber Crime Report: Safeguarding Brand And Revenue This Holiday Season
The 2013 ecommerce Cyber Crime Report: Safeguarding Brand And Revenue This Holiday Season Sponsored by RSA Security Independently conducted by Ponemon Institute, LLC Publication Date: October 2013 Ponemon
More information2012 Web Session Intelligence & Security Report: Business Logic Abuse Edition
2012 Web Session Intelligence & Security Report: Business Logic Abuse Edition Sponsored by Silver Tail Systems Independently conducted by Ponemon Institute, LLC Publication Date: October 2012 Ponemon Institute
More informationPrivacy and Security in a Connected Life: A Study of European Consumers
Privacy and Security in a Connected Life: A Study of European Consumers Sponsored by Trend Micro Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research
More informationEconomic impact of privacy on online behavioral advertising
Benchmark study of Internet marketers and advertisers Independently Conducted by Ponemon Institute LLC April 30, 2010 Ponemon Institute Research Report Economic impact of privacy on online behavioral advertising
More informationThe Role of Governance, Risk Management & Compliance in Organizations
The Role of Governance, Risk Management & Compliance in Organizations Study of GRC practitioners Sponsored by RSA, The Security Division of EMC Independently conducted by Ponemon Institute LLC Publication
More informationChallenges of Cloud Information
The Challenges of Cloud Information Governance: A Global Data Security Study Sponsored by SafeNet Independently conducted by Ponemon Institute LLC Publication Date: October 2014 Ponemon Institute Research
More informationCompliance Cost Associated with the Storage of Unstructured Information
Compliance Cost Associated with the Storage of Unstructured Information Sponsored by Novell Independently conducted by Ponemon Institute LLC Publication Date: May 2011 Ponemon Institute Research Report
More information2015 Global Megatrends in Cybersecurity
2015 Global Megatrends in Cybersecurity Sponsored by Raytheon Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report 2015 Global Megatrends in
More information2015 State of the Endpoint Report: User-Centric Risk
2015 State of the Endpoint Report: User-Centric Risk Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: January 2015 Ponemon Institute Research Report 2015 State
More information2015 Global Cyber Impact Report
2015 Global Cyber Impact Report Sponsored by Aon Risk Services Independently conducted by Ponemon Institute LLC Publication Date: April 2015 2015 Global Cyber Impact Report Ponemon Institute, April 2015
More informationSecurity of Cloud Computing Users A Study of Practitioners in the US & Europe
Security of Cloud Computing Users A Study of Practitioners in the US & Europe Sponsored by CA Independently conducted by Ponemon Institute LLC Publication Date: 12 May 2010 Ponemon Institute Research Report
More informationSecurity of Cloud Computing Providers Study
Security of Cloud Computing Providers Study Sponsored by CA Technologies Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report I. Executive Summary
More informationThe Economic and Productivity Impact of IT Security on Healthcare
The Economic and Productivity Impact of IT Security on Healthcare Sponsored by Imprivata Independently conducted by Ponemon Institute LLC Publication Date: May 2013 Ponemon Institute Research Report The
More informationSecurity of Cloud Computing Providers Study
Security of Cloud Computing Providers Study Sponsored by CA Technologies Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report I. Executive Summary
More informationLeading Practices in Behavioral Advertising & Consumer Privacy Study of Internet Marketers and Advertisers
Leading Practices in Behavioral Advertising & Consumer Privacy Study of Internet Marketers and Advertisers Independently Conducted by Ponemon Institute LLC February 2012 Leading Practices in Behavioral
More informationBig Data Analytics in Cyber Defense
Big Data Analytics in Cyber Defense Sponsored by Teradata Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Big Data Analytics in Cyber
More informationSponsored by Zimbra. The Open Source Collaboration Study: Viewpoints on Security & Privacy in the US & EMEA
The Open Source Collaboration Study: Viewpoints on Security & Privacy in the US & EMEA Sponsored by Zimbra Independently conducted by Ponemon Institute LLC Publication Date: November 2014 Ponemon Institute
More informationSurvey on the Governance of Unstructured Data. Independently Conducted and Published by Ponemon Institute LLC. Sponsored by Varonis Systems, Inc.
Survey on the Governance of Unstructured Data Independently Conducted and Published by Ponemon Institute LLC Sponsored by Varonis Systems, Inc. June 30, 2008 Please Do Not Quote Without Express Permission.
More informationThe Aftermath of a Data Breach: Consumer Sentiment
The Aftermath of a Data Breach: Consumer Sentiment Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2014 Ponemon Institute Research
More informationHow Single Sign-On Is Changing Healthcare A Study of IT Practitioners in Acute Care Hospitals in the United States
How Single Sign-On Is Changing Healthcare A Study of IT Practitioners in Acute Care Hospitals in the United States Sponsored by Imprivata Independently conducted by Ponemon Institute LLC Publication Date:
More informationData Loss Risks During Downsizing As Employees Exit, so does Corporate Data
Data Loss Risks During Downsizing As Employees Exit, so does Corporate Data Independently conducted by Ponemon Institute LLC Publication Date: February 23, 2009 Sponsored by Symantec Corporation Ponemon
More informationFirst Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies
First Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies Sponsored by ArcSight Independently conducted by Ponemon Institute LLC Publication Date: July 2010 Ponemon Institute Research Report
More informationThe Post Breach Boom. Sponsored by Solera Networks. Independently conducted by Ponemon Institute LLC Publication Date: February 2013
The Post Breach Boom Sponsored by Solera Networks Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Part 1. Introduction The Post Breach
More informationState of SMB Cyber Security Readiness: UK Study
State of SMB Cyber Security Readiness: UK Study Sponsored by Faronics Independently conducted by Ponemon Institute LLC Publication Date: November 2012 Ponemon Institute Research Report Part 1. Introduction
More information2013 Study on Data Center Outages
2013 Study on Data Center Outages Independently conducted by Ponemon Institute LLC Publication Date: September 2013 2013 Study on Data Center Outages Ponemon Institute, September 2013 Part 1. Introduction
More informationThe TCO of Software vs. Hardware-based Full Disk Encryption Summary
The TCO of vs. -based Full Disk Encryption Summary Sponsored by WinMagic Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Industry Co-Sponsors Ponemon Institute Research Report
More informationBest Practices in Data Protection Survey of U.S. IT & IT Security Practitioners
Best Practices in Data Protection Survey of U.S. IT & IT Security Practitioners Sponsored by McAfee Independently conducted by Ponemon Institute LLC Publication Date: October 2011 Ponemon Institute Research.
More informationThe TCO of Software vs. Hardware-based Full Disk Encryption
The TCO of Software vs. Hardware-based Full Disk Encryption Sponsored by WinMagic Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Industry Co-Sponsors Ponemon Institute Research
More informationIBM QRadar Security Intelligence: Evidence of Value
IBM QRadar Security Intelligence: Evidence of Value Independently conducted by Ponemon Institute LLC February 2014 Ponemon Institute Research Report Background IBM QRadar: Evidence of Value Ponemon Institute:
More information2012 Cost of Cyber Crime Study: Germany
2012 Cost of Cyber Crime Study: Germany Sponsored by HP Enterprise Security Independently conducted by Ponemon Institute LLC Publication Date: October 2012 Ponemon Institute Research Report Part 1. Executive
More informationSophistication of attacks will keep improving, especially APT and zero-day exploits
FAQ Isla Q&A General What is Isla? Isla is an innovative, enterprise-class web malware isolation system that prevents all browser-borne malware from penetrating corporate networks and infecting endpoint
More informationEncryption in the Cloud
Encryption in the Cloud Who is responsible for data protection in the cloud? Sponsored by Thales e-security Independently conducted by Ponemon Institute LLC Publication Date: July 2012 Ponemon Institute
More informationState of IT Security Study of Utilities & Energy Companies
State of IT Security Study of Utilities & Energy Companies Sponsored by Q1 Labs Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report State of
More information2015 Cost of Data Breach Study: United States
2015 Cost of Data Breach Study: United States Benchmark research sponsored by IBM Independently conducted by Ponemon Institute LLC May 2015 Ponemon Institute Research Report 2015 1 Cost of Data Breach
More informationEnhancing Cybersecurity with Big Data: Challenges & Opportunities
Enhancing Cybersecurity with Big Data: Challenges & Opportunities Independently Conducted by Ponemon Institute LLC Sponsored by Microsoft Corporation November 2014 CONTENTS 2 3 6 9 10 Introduction The
More information2013 Cost of Data Breach Study: Global Analysis
2013 Cost of Data Breach Study: Global Analysis Benchmark research sponsored by Symantec Independently Conducted by Ponemon Institute LLC May 2013 Ponemon Institute Research Report Part 1. Executive Summary
More information2013 Cost of Data Breach Study: Global Analysis
2013 Cost of Data Breach Study: Global Analysis Benchmark research sponsored by Symantec Independently Conducted by Ponemon Institute LLC May 2013 Ponemon Institute Research Report Part 1. Executive Summary
More informationLiveThreat Intelligence Impact Report 2013
LiveThreat Intelligence Impact Report 2013 Sponsored by Independently conducted by Ponemon Institute LLC Publication Date: July 2013 Ponemon Institute Research Report Contents Part 1. Introduction 3 Executive
More information2013 Cost of Cyber Crime Study: United States
2013 Cost of Cyber Crime Study: United States Sponsored by HP Enterprise Security Independently conducted by Ponemon Institute LLC Publication Date: October 2013 Ponemon Institute Research Report Part
More information