Cyber Security on the Offense: A Study of IT Security Experts
|
|
- Dennis Hines
- 8 years ago
- Views:
Transcription
1 Cyber Security on the Offense: A Study of IT Security Experts Co-authored with Radware Independently conducted by Ponemon Institute LLC Publication Date: November 2012 Ponemon Institute Research Report
2 Cyber Security on the Offense: A Study of IT Security Experts Ponemon Institute, November 2012 Part 1. Introduction We are pleased to present the findings of Cyber Security on the Offense: A Study of IT Security Experts authored by Radware and Ponemon Institute. The purpose of the study is to understand organizations recognition of the need to operate on the offense to prevent and detect cyber attacks. Further, the study looks at their ability to deploy offensive tactics such as prevention and counter measures to protect their organizations As cyber attacks grow in sophistication and stealth, organizations are urged to be proactive in addressing the threats. As revealed in this research, a major consequence of not preventing attacks such as DDoS (denial of service) can be costly. On average DDoS attacks are costing companies approximately $3.5 million annually, according to the findings of this research. 1 Other negative consequences include lost intellectual property, declines in productivity, damage to brand and reputation and lost revenue. These findings are corroborated in other Ponemon Institute studies. In this study, we surveyed 705 IT and IT security practitioners. Most report directly to the Chief Information Officer (61 percent) and 21 percent report to the Chief Information Security Officer. Sixty-two percent of respondents are at the supervisor level or higher with an average of more than 11 years experience. All respondents have, to some degree, responsibility for managing their organization s cyber security activities. Some of the most noteworthy findings include the following: Critical Counter Techniques The IT security experts surveyed agree that cyber attacks are more difficult to prevent than detect. That is why in this study they rate technologies that neutralize DDoS attacks, halt the attackers computers and pinpoint the attacker s weak spots as critical to achieving a strong cyber security posture. The majority of organizations (64 percent) say the severity of cyber attacks is on the rise yet less than half say they are vigilant in monitoring attacks. The most negative consequence experienced by organizations in this research as a result of a cyber intrusion is the loss of intellectual property. The average amount of downtime following a DDoS attack is 54 minutes and the average cost for each minute of downtime was about $22,000. However, the cost can range from as little as $1 to more than $100,000 per minute of downtime. Critical to achieving a strong cyber security posture is the ability to have visibility into the motives of the cyber criminal, network infrastructure and applications. Insufficient visibility of people and business processes is most often cited as a barrier to achieving a strong cyber security posture. The majority of respondents give their organizations an average or below rating for the ability to launch or implement a counter technique against hackers and other cyber criminals. Only 29 percent say their organizations are above average. Availability of information and systems to those who need it is the most important cyber security business priority. 1 To determine the average annual cost we used the following calculation: $21,699 (average cost per minute of downtime) x 53.5 minutes (average amount of downtime as a consequence of one DDoS attack) x average number of DDoS attacks in the past 12 months = $3,482, Ponemon Institute Research Report Page 1
3 Part 2. Key Findings Following is an analysis of the key findings in this research. The complete audited findings of this research are presented in the appendix of this report. We have organized the report according to the following themes: Cyber attacks are outpacing many organizations ability to respond. Respondents perceptions about the threats and barriers to achieving an effective offensive approach to cyber risk. Organizations need to build a stronger offense. Cyber attacks are outpacing many organizations ability to respond. Severity of cyber attacks is believed to be on the rise. According to Figure 1, the majority of respondents (64 percent) say the severity of cyber attacks experienced by their organization is on the rise yet only 29 percent agree that they have the in-house expertise to launch counter measures against hackers and other cyber criminals. Figure 1. Current perceptions and response to cyber attacks Strongly agree and agree response combined The severity of cyber attacks is on the rise 64% My organization is vigilant in monitoring cyber attacks Launching a strong offensive against cyber criminals is very important Security budget is sufficient for mitigating most cyber attacks 44% 44% 48% My organization has in-house expertise to launch counter measures against cyber criminals 29% 0% 10% 20% 30% 40% 50% 60% 70% Less than half of organizations say they are vigilant in monitoring attacks (48 percent). Possible reasons holding organizations back in addressing the attacks include lack of sufficient budget and not embracing the importance of launching a strong offensive against hackers and other cyber criminals, (both 44 percent). Ponemon Institute Research Report Page 2
4 Many organizations are lagging behind in their effectiveness to combat attacks and intrusions. Despite the recognition that cyber attacks are on the rise, 36 percent say their effectiveness is not improving but staying the same (Figure 2). Thirty-five percent of respondents say their organizations are less effective in dealing with attacks. Only 29 percent say their organization s cyber security posture is more effective in combating attacks and intrusions. The increase in frequency and severity of cyber attacks could be the reason. When asked what they thought about the current state of cyber risk, 64 percent of respondents say both frequency and severity are increasing and only 10 percent say they are decreasing. Figure 2. Effectiveness in combating cyber attacks The same in terms of its effectiveness in combating attacks and intrusions 36% Less effective in combating attacks and intrusions 35% More effective in combating attacks and intrusions 29% The most negative consequence of a cyber intrusion is the loss of intellectual property. When asked to rank the severity of consequences Figure 3 shows that by far organizations are losing intellectual property (including trade secrets). Other negative consequences are productivity declines and reputation damage. The security layers most vulnerable are the data and application layers. Figure 3. Negative consequences of a cyber attack 8 = most severe to 1 = least severe 0% 5% 10% 15% 20% 25% 30% 35% 40% Lost intellectual property/trade secrets 7.5 Productivity decline 6.8 Reputation damage Lost revenue Customer turnover Stolen or damaged equipment Cost of outside consultants and experts Regulatory actions or lawsuits Ponemon Institute Research Report Page 3
5 Lack of visibility and inability to protect against mobile and negligent insiders is putting organizations at risk. Visibility can be defined as an organization s ability to observe or record what employees are doing when logged onto their business computers, including mobileconnected devices such as laptops, smart phones, notebooks, tablets and other devices. As shown in Figure 4, respondents believe this lack of visibility is the greatest area of potential cyber security risk. Other risks that worry respondents are: mobile/remote employees, negligent insiders and third-party applications. Figure 4. Greatest areas of potential cyber security risk Three responses permitted Lack of system connectivity/visibility Mobile/remote employees Negligent insiders Across 3rd party applications Cloud computing infrastructure and providers Organizational misalignment and complexity Mobile devices such as smart phones Malicious insiders Desktop or laptop computers Network infrastructure environment Removable media and/or media (CDs, DVDs) Virtual computing environments Within operating systems The server environment Data centers 8% 7% 6% 6% 15% 13% 34% 32% 31% 29% 28% 25% 24% 22% 20% 0% 5% 10% 15% 20% 25% 30% 35% 40% Ponemon Institute Research Report Page 4
6 DDoS attacks are costly. Sixty-five percent of organizations represented in this study had an average of three DDoS attacks in the past 12 months. The average amount of downtime that their organization s network or enterprise systems experienced as a result of one DDoS attack was about 54 minutes, as shown in Figure 5. Figure 5. Average downtime after one DDoS attack 25% 22% 20% 16% 15% 10% 5% 10% 13% 11% 9% 5% 4% 10% 0% Less than 1 minute 1 to 10 minutes 11 to 20 minutes 21 to 30 minutes 31 to 60 minutes 1 to 2 hours 3 to 5 hours More than 5 hours Cannot determine Figure 6 shows that the average cost for each minute of downtime, which includes lost traffic, diminished end user productivity and lost revenues, was about $22,000. The cost can range from as little as $1 to more than $100,000 per minute of downtime. We calculated that these attacks average companies more than $3,482, annually. Figure 6. Cost per minute of downtime 25% 21% 20% 15% 12% 15% 15% 11% 10% 5% 1% 8% 7% 5% 5% 0% $1 to $10 $10 to $100 $101 to $1,000 $1,001 to $5,000 $5,001 to $10,000 $10,001 to $25,000 $25,001 to $50,000 $50,001 to More than $100,000 $100,000 Cannot determine Ponemon Institute Research Report Page 5
7 The majority of organizations are using anti-virus/anti-malware and anti-ddos to deal with cyber attacks. Figure 7 reveals the cyber defenses most frequently considered important to protect their organizations from attacks or intrusions are anti-virus/anti-malware, anti-dos/ddos (denial of services) and identity and authentication systems. Figure 7. Cyber defenses most important Very important and important response combined Anti-virus/anti-malware Anti-DoS/DDoS Identity and authentication systems Intrusion prevention systems Intrusion detection systems Secure network gateways Endpoint security systems Security intelligence systems including SIEM Web application firewalls Content aware firewalls 75% 71% 64% 59% 56% 52% 51% 51% 50% 50% 0% 10% 20% 30% 40% 50% 60% 70% 80% The least important cyber defenses are shown in Figure 8. Although respondents are concerned about employees mobile devices, only 26 percent of respondents say mobile device management is important. Also not considered as important are enterprise encryption for data at rest and ID credentialing, including biometrics. Figure 8. Cyber defenses not as important Very important and important response combined Secure coding in the development of new applications Data loss prevention systems 47% 45% Enterprise encryption for data in motion Other crypto technologies including tokenization ID credentialing including biometrics Enterprise encryption for data at rest 39% 38% 36% 32% Mobile device management 26% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% Companies are using outside security services providers (MSSP) to help deal with attacks and intrusions. On average, 24 percent of their organizations security defenses are managed outside Ponemon Institute Research Report Page 6
8 and the most typical services are remote perimeter management and penetration and vulnerability testing. Respondents perceptions about the threats and barriers to achieving an effective offensive approach to cyber risks. Respondents are clear about the major threats and barriers they face. We asked respondents to rank specific cyber security threats according to their risk mitigation priority within their organizations. According to Figure 9, organizations are most concerned about addressing denial of service (DoS), server-side injections (SSI) and distributed denial of service (DDoS). The following threats are ranked as a lower priority for risk mitigation: phishing and social engineering, web scrapping and cross-site scripting. Figure 9. Cyber security threats according to risk mitigation priority 10 = highest priority to 1 = lowest priority Denial of service (DoS) Server side injection (SSI) Distributed denial of service (DDoS) Viruses, worms and trojans Malware Botnets Malicious insiders Cross-site scripting Web scrapping Phishing and social engineering Ponemon Institute Research Report Page 7
9 The biggest barrier to achieving a strong cyber security posture is the lack of visibility into the enterprise and user behavior. Critical to achieving a strong cyber security posture is the ability to have visibility into the motives of the cyber criminal, network infrastructure and applications. Figure 10 reveals that respondents believe the biggest barrier to creating a strong security posture is insufficient visibility of people and business processes. Insufficient resources or budget and lack of effective security technology solutions are also major barriers. Only 22 percent say it is the lack of assessment of cyber security risks. Figure 10. Barriers to achieving a strong cyber security posture Two responses permitted Insufficient visibility of people and business processes 44% Insufficient resources or budget Lack of effective security technology solutions 35% 34% Lack of oversight or governance 27% Insufficient assessment of cyber security risks Lack of skilled or expert personnel 19% 22% Complexity of compliance and regulatory requirements Lack of leadership 8% 10% Other 1% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% Ponemon Institute Research Report Page 8
10 To reduce cyber risks organizations need to build a strong offense. Availability is the cyber security priority for many organizations. We asked respondents to select the top security objectives in terms of being a business priority within their organization. As shown in Figure 11, availability of information and systems to those who need it is considered most important. Compliance with regulations and laws is a close second. Maintaining the integrity or original state of information is about an average priority. Less important are confidentiality of sensitive and confidential information and interoperability. Figure 11. Ranking of cyber security objectives in terms of a business priority objective 5 = highest priority to 1 = lowest priority Availability Compliance Integrity Confidentiality Interoperability Ponemon Institute Research Report Page 9
11 Cyber attacks are more difficult to prevent than detect. Seventy-five percent say the attacks are difficult to stop and 60 percent say they are difficult to detect. Accordingly, as shown in Figure 12, 67 percent say technology that neutralizes denial of service attacks before they happen is important and 60 percent say it is technology that slows down or even halts the attacker s computers. Figure 12. Counter technique capabilities most important Very important and important response combined 68% 66% 64% 67% 62% 60% 58% 56% 54% 52% Technology that neutralizes denial of service attacks before they happen 60% Technology that slows down or even halts the attacker s computers 58% Technology that pinpoints the attacker s weak spots Network intelligence technologies are considered most promising to deal with cyber threats. Fifty-seven percent of respondents place importance on technologies that provide intelligence about networks and traffic, as shown in Figure 13. This is followed by 33 percent who say it is technologies that provide intelligence about attackers motivation and weak spots and technologies that secure information assets. Least valuable are technologies that secure the perimeter. Figure 13. Technologies most favored Two responses permitted Intelligence about networks and traffic technologies 57% Security of information assets technologies Intelligence about attackers motivation and weak spots technologies Insider threat minimizing technologies 33% 33% 31% Simplifying threat reporting technologies Endpoint security technologies including mobile devices Perimeter security technologies 10% 15% 21% 0% 10% 20% 30% 40% 50% 60% 70% Ponemon Institute Research Report Page 10
12 Counter techniques enable companies to thwart an attacker s offensive maneuvers while maintaining its defensive position. Seventy-one percent of respondents give their organizations an average or below rating for the ability to launch or implement a counter technique against hackers and other cyber criminals (Figure 14). Only 29 percent of respondents say their organizations are above average. Figure 14. Ability to launch a counter technique against a cyber criminal 1 = unable to perform counter technique to 10 = fully capable 20% 18% 16% 14% 12% 10% 8% 6% 4% 2% 0% 16% 19% 17% 11% Figure 15 shows that the main reasons for not being effective in launching a counter measure or technique is the lack of enabling technologies and resources or budget. Also significant is the dearth of expert personnel and the fact that very often counter measures are not a security priority. Figure 15. Reasons for not being fully capable of launching a counter technique More than one response permitted 80% 70% 8% 1 (weak) (strong) 71% 69% 5% 7% 5% 9% 3% 60% 50% 53% 53% 40% 30% 20% 10% 0% Lack of enabling technologies Lack of resources or budget Do not have ample expert personnel Not considered a security-related priority 2% Other Ponemon Institute Research Report Page 11
13 According to Figure 16, if respondents rated their organizations above average, the counter techniques deployed against hackers and other cyber criminals are manual surveillance methods and close examination of logs and configuration settings. Figure 16. Methods for performing counter techniques More than one response permitted 80% 70% 60% 67% 61% 50% 40% 43% 30% 20% 10% 0% Manual surveillance methods Close examination of logs and configuration settings Use of security intelligence tools 2% Other Ponemon Institute Research Report Page 12
14 Comparison of three industries In this section we compare three industry sectors namely, financial service, public sector (government) and health and pharmaceutical organizations. Please note that only these three industries had large enough sub-samples to be culled out of the total sample and analyzed separately. 2 The following bar chart compares three industry sectors according to their average ranking of eight negative consequences that they experienced as a result of a cyber attack or intrusion (wherein 8 is the most severe consequence). As can be seen in Figure 17, productivity declines are considered a very severe consequence among respondents in all three industry sectors. However, reputation damage and lost revenue appears to be less severe for the public sector. In contrast, respondents in financial services rate reputation damage, customer turnover and regulatory action as a more severe consequence of a cyber attack than the other sectors. Finally, organizations in healthcare and pharmaceuticals rate productivity decline, lost revenue, lost intellectual property and regulatory actions as a more severe consequence of a cyber attack than financial services and public sector organizations. Figure 17. Most severe consequences of a cyber attack for three industry sectors 8 = most severe to 1 = least severe Productivity decline Reputation damage Lost revenue Lost intellectual property Customer turnover Regulatory actions or lawsuits Stolen or damaged equipment Cost of consultants and experts Health & pharmaceuticals Public sector Financial services 2 The sample sizes are as follows: financial services (n = 134), public sector (n = 93) and health & pharmaceuticals (n = 78). Ponemon Institute Research Report Page 13
15 Figure 18 reports the average frequency of denial of service attacks experienced by financial service, public sector and health and pharmaceutical companies over the past 12 months. As can be seen, public sector organizations experienced a higher rate of DDoS attacks. Figure 18. Frequency of DDoS attacks experienced for organizations in three industries Financial services Public sector Health & pharmaceuticals Figure 19 summarizes the average amount of downtime that organizations in three industries experienced as a consequence of one DDoS attack. Here again, public sector organizations experience a longer period of downtime than financial service and health and pharmaceutical companies. Figure 19. Average downtime organizations in three industries Minutes of downtime Financial services Public sector Health & pharmaceuticals Ponemon Institute Research Report Page 14
16 Figure 20 reports the extrapolated cost incurred by organizations in three industries each minute of downtime. The estimated cost includes lost traffic, end-user productivity and lost revenues that occur because of denial of service attacks. As can be seen, financial service organizations experienced the highest cost per minute of downtime. In contrast, public sector organizations had a substantially lower cost of downtime estimate as shown below. Figure 20. Estimated cost per minute of downtime for organizations in three industries $35,000 $32,560 $30,000 $25,000 $23,519 $20,000 $15,000 $15,447 $10,000 $5,000 $- Financial services Public sector Health & pharmaceuticals Ponemon Institute Research Report Page 15
17 Part 3. Conclusion and recommendations As is revealed in this research, organizations are lagging behind in their ability to deal with the aggressive and sophisticated tactics of cyber criminals. The IT security experts surveyed give their organizations a below average score in their effectiveness to launch counter measures. To achieve a proactive cyber security posture, organizations should consider the following practices: Create a strategy and plan that puts emphasis on having a strong offense against hackers and other cyber criminals. Ensure internal IT staff as well as such external support as IT vendors and MSSPs are knowledgeable and available to respond to attacks before they take place. Support the strategy with the right technologies to prevent and detect cyber attacks. In this and other Ponemon Institute studies on cyber crimes, the financial and reputational consequences are well documented. Organizations that suffer attacks face real-world consequences. The findings of this research can help organizations make the business case for adopting a more proactive approach to the advanced persistent threats facing them. Ponemon Institute Research Report Page 16
18 Part 4. Methods A random sampling frame of 22,501 IT and IT security practitioners located in all regions of the United States were selected as participants to this survey. As shown in Table 1, 895 respondents completed the survey. Screening removed 139 surveys and an additional 51 surveys that failed reliability checks were removed. The final sample was 705 surveys (or a 3.1 percent response rate). Table 1. Sample response Freq. Pct% Total sampling frame 22, % Total returns % Rejected surveys % Screened surveys % Final sample % As noted in Table 2, the respondents average (mean) experience in IT, IT security or related fields is 11.4 years. Table 2. Other characteristics of respondents Mean Total years of overall experience 11.4 Total years in your current position 6.2 Pie Chart 1 reports the respondents primary industry segments. Nineteen percent of respondents are in financial services and 13 percent are in the public sector. Another eleven percent is in health and pharmaceuticals. Pie Chart 1. Distribution of respondents according to primary industry classification 4% 2% 2% 2% 1% 4% 5% 5% 5% 6% 6% 7% 8% 19% 11% 13% Financial services Public sector Health & pharmaceuticals Retail (conventional) E-commerce Industrial Services Energy & utilities Hospitality Technology & software Consumer products Transportation Communications Education & research Entertainment & media Agriculture & food services Ponemon Institute Research Report Page 17
19 Pie Chart 2 reports the respondent s organizational level within participating organizations. More than half (62 percent) of respondents are at or above the supervisory levels. Pie Chart 2. What organizational level best describes your current position? 4% 1% 2% 1% 17% Senior executive Vice president 33% Director Manager Supervisor 23% Technician Staff Consultant 19% According to Pie Chart 3, 61 percent of respondents report directly to the Chief Information Officer and 21 percent report to the CISO. Pie Chart 3. The primary person you or the IT security leader reports to within the organization 5% 3% 2% 2% 2% 4% Chief Information Officer Chief Information Security Officer 21% 61% Chief Risk Officer General Counsel Chief Financial Officer Compliance Officer Chief Security Officer Other Ponemon Institute Research Report Page 18
20 Forty-one percent of respondents say the CIO is most responsible for managing the cyber security posture and 21 percent say it is the CISO, as shown in Pie Chart 4. Pie Chart 4. The person most responsible for managing the cyber security posture 11% 12% 4% 3% 3% 2% 2% 1% 21% As shown in Pie Chart 5, 65 percent of respondents are from organizations with a global headcount of more than one thousand. Pie Chart 5. Global headcount 41% Chief information officer Chief information security officer No one person has overall responsibility Business unit management Outside managed service provider Chief risk officer Corporate compliance or legal department Chief technology officer Data center management Chief security officer 6% 4% 7% 9% < % 19% 100 to to 1,000 1,001 to 5,000 5,001 to 25,000 25,001 to 75,000 > 75,000 34% Ponemon Institute Research Report Page 19
21 Part 5. Caveats There are inherent limitations to survey research that need to be carefully considered before drawing inferences from findings. The following items are specific limitations that are germane to most web-based surveys. Non-response bias: The current findings are based on a sample of survey returns. We sent surveys to a representative sample of individuals, resulting in a large number of usable returned responses. Despite non-response tests, it is always possible that individuals who did not participate are substantially different in terms of underlying beliefs from those who completed the instrument. Sampling-frame bias: The accuracy is based on contact information and the degree to which the list is representative of individuals who are IT or IT security practitioners. We also acknowledge that the results may be biased by external events such as media coverage. We also acknowledge bias caused by compensating subjects to complete this research within a holdout period. Self-reported results: The quality of survey research is based on the integrity of confidential responses received from subjects. While certain checks and balances can be incorporated into the survey process, there is always the possibility that a subject did not provide a truthful response. Ponemon Institute Research Report Page 20
22 Appendix: Detailed Survey Results The following tables provide the frequency or percentage frequency of responses to all survey questions contained in this study. All survey responses were captured in September Survey response Freq Pct% Total sampling frame 22, % Total returns % Rejections % Screening reductions % Final sample % Part 1. Screening questions S1. How familiar are you with your organization s defense against cyber security attacks? Freq Pct% Very familiar % Familiar % Somewhat familiar % No knowledge (Stop) 90 11% Total % S2. Do you have any responsibility in managing cyber security activities within your organization? Freq Pct% Yes, full responsibility % Yes, some responsibility % Yes, minimum responsibility % No responsibility (Stop) 49 6% Total % Adjusted final sample 705 Part 2. Perceptions about the organization Strongly agree Agree Q1a. My organization is vigilant in monitoring cyber attacks. 22% 26% Q1b. My organization s security budget is sufficient for mitigating most cyber attacks (intrusions). 19% 25% Q1c. The severity of cyber attacks experienced by my organization is on the rise. 33% 31% Q1d. Launching a strong offensive against hackers and other cyber criminals is very important to my organization s security strategy. 17% 27% Q1e. My organization has the in-house expertise to launch counter measures against hackers and other cyber criminals. 11% 18% Part 3. Security environment Q2. Please rank each one of the following five (5) cyber security objectives in terms of a business priority within your organization from 5 = highest priority to 1 = lowest priority. Average rank Rank order Availability Integrity Confidentiality Interoperability Compliance Average 3.5 Ponemon Institute Research Report Page 21
23 Q3. Please rank each one of the following ten (10) cyber security threats in terms of a risk mitigation priority within your organization from 10 = highest priority to 1 = lowest priority. Average rank Rank order Malware Server side injection (SSI) Cross-site scripting Denial of service (DoS) Distributed denial of service (DDoS) Web scrapping Viruses, worms and trojans Botnets Malicious insiders Phishing and social engineering Average 6.2 Q4. Please rank each one of the following eight (8) negative consequences that your organization experienced as a result of a cyber attack or intrusion, from 8 = most severe to 1 = least severe. Average rank Rank order Lost revenue Lost intellectual property (including trade secrets) Stolen or damaged equipment Productivity decline Regulatory actions or lawsuits Reputation damage Customer turnover Cost of outside consultants and experts Total 5.2 Q5. Has the frequency and/or severity of cyber attacks experienced by your organization changed over the past 12 months? Pct% No change 20% Small increase (less than 10%) 25% Moderate increase (between 10% and 25%) 30% Increase Substantial increase (more than 25%) 9% 64% Small decrease (less than 10%) 5% Moderate decrease (between 10% and 25%) 3% Substantial decrease (more than 25%) 2% Decrease Cannot determine 6% 10% Total 100% Q6. What statement best describes changes to your organization s cyber security posture over the past 12 months? Pct% Our organization s cyber security posture is more effective in combating attacks and intrusions. 29% Our organization s cyber security posture is less effective in combating attacks and intrusions. 35% Our organization s cyber security posture remains the same in terms of its effectiveness in combating attacks and intrusions. 36% Total 100% Ponemon Institute Research Report Page 22
Big Data Analytics in Cyber Defense
Big Data Analytics in Cyber Defense Sponsored by Teradata Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Big Data Analytics in Cyber
More informationRisk & Innovation in Cybersecurity Investments. Sponsored by Lockheed Martin
Risk & Innovation in Cybersecurity Investments Sponsored by Lockheed Martin Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report Part 1. Introduction
More informationA Study of Retail Banks & DDoS Attacks
A Study of Retail Banks & DDoS Attacks Sponsored by Corero Network Security Independently conducted by Ponemon Institute LLC Publication Date: December 2012 Ponemon Institute Research Report A Study of
More informationThe Cost of Insecure Mobile Devices in the Workplace Sponsored by AT&T
The Cost of Insecure Mobile Devices in the Workplace! Sponsored by AT&T Independently conducted by Ponemon Institute LLC Publication Date: March 2014 Part 1. Introduction The Cost of Insecure Mobile Devices
More informationThe Impact of Cybercrime on Business
The Impact of Cybercrime on Business Studies of IT practitioners in the United States, United Kingdom, Germany, Hong Kong and Brazil Sponsored by Check Point Software Technologies Independently conducted
More informationUnderstanding Security Complexity in 21 st Century IT Environments:
Understanding Security Complexity in 21 st Century IT Environments: A study of IT practitioners in the US, UK, France, Japan & Germany Sponsored by Check Point Software Technologies Independently conducted
More informationEfficacy of Emerging Network Security Technologies
Efficacy of Emerging Network Security Technologies Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Part
More informationThe Importance of Cyber Threat Intelligence to a Strong Security Posture
The Importance of Cyber Threat Intelligence to a Strong Security Posture Sponsored by Webroot Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research Report
More informationIs Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution
Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: March 2013 Ponemon Institute Research Report
More informationPerceptions About Network Security Survey of IT & IT security practitioners in the U.S.
Perceptions About Network Security Survey of IT & IT security practitioners in the U.S. Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2011 Ponemon
More informationManaging Cyber Security as a Business Risk: Cyber Insurance in the Digital Age
Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: August 2013
More informationIs Your Company Ready for a Big Data Breach?
Is Your Company Ready for a Big Data Breach? The Second Annual Study on Data Breach Preparedness Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication
More informationIs Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution
Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Ponemon Institute Research Report
More information2015 Global Study on IT Security Spending & Investments
2015 Study on IT Security Spending & Investments Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Sponsored by Part 1. Introduction Security risks are pervasive and becoming
More informationAftermath of a Data Breach Study
Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath
More informationThe State of Data Security Intelligence. Sponsored by Informatica. Independently conducted by Ponemon Institute LLC Publication Date: April 2015
The State of Data Security Intelligence Sponsored by Informatica Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report The State of Data Security
More informationThe State of Mobile Application Insecurity
The State of Mobile Application Insecurity Sponsored by IBM Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report Part 1. Introduction The State
More informationThe Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners
The Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners Sponsored by Vormetric Independently conducted by Ponemon Institute LLC Publication Date: November 2011 Ponemon Institute
More informationAchieving Security in Workplace File Sharing. Sponsored by Axway Independently conducted by Ponemon Institute LLC Publication Date: January 2014
Achieving Security in Workplace File Sharing Sponsored by Axway Independently conducted by Ponemon Institute LLC Publication Date: January 2014 Ponemon Institute Research Report Part 1. Introduction Achieving
More informationElectronic Health Information at Risk: A Study of IT Practitioners
Electronic Health Information at Risk: A Study of IT Practitioners Sponsored by LogLogic Conducted by Ponemon Institute LLC October 15, 2009 Ponemon Institute Research Report Executive summary Electronic
More informationData Security in Development & Testing
Data Security in Development & Testing Sponsored by Micro Focus Independently conducted by Ponemon Institute LLC Publication Date: July 31, 2009 Ponemon Institute Research Report Data Security in Development
More informationReputation Impact of a Data Breach U.S. Study of Executives & Managers
Reputation Impact of a Data Breach U.S. Study of Executives & Managers Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: November 2011 Ponemon
More informationThe SQL Injection Threat Study
The SQL Injection Threat Study Sponsored by DB Networks Independently conducted by Ponemon Institute LLC Publication Date: April 2014 1 The SQL Injection Threat Study Presented by Ponemon Institute, April
More informationData Breach: The Cloud Multiplier Effect
Data Breach: The Cloud Multiplier Effect Sponsored by Netskope Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report Part 1. Introduction Data Breach:
More information2012 Web Session Intelligence & Security Report: Business Logic Abuse Edition
2012 Web Session Intelligence & Security Report: Business Logic Abuse Edition Sponsored by Silver Tail Systems Independently conducted by Ponemon Institute, LLC Publication Date: October 2012 Ponemon Institute
More informationSecurity Metrics to Manage Change: Which Matter, Which Can Be Measured?
Security Metrics to Manage Change: Which Matter, Which Can Be Measured? Sponsored by FireMon Independently conducted by Ponemon Institute LLC Publication Date: April 2014 2 Security Metrics to Manage Change:
More information2014: A Year of Mega Breaches
2014: A Year of Mega Breaches Sponsored by Identity Finder Independently conducted by Ponemon Institute LLC Publication Date: January 2015 Ponemon Institute Research Report Part 1. Introduction 2014: A
More information2014 State of Endpoint Risk. Sponsored by Lumension. Independently conducted by Ponemon Institute LLC Publication Date: December 2013
2014 State of Endpoint Risk Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: December 2013 Ponemon Institute Research Report 2014 State of Endpoint Risk Ponemon
More informationWhat You Don t Know Will Hurt You: A Study of the Risk from Application Access and Usage
What You Don t Know Will Hurt You: A Study of the Risk from Application Access and Usage Sponsored by ObserveIT Independently conducted by Ponemon Institute LLC June 2015 Ponemon Institute Research Report
More informationAdvanced Threats in Retail Companies: A Study of North America & EMEA
Advanced Threats in Companies: A Study of North America & EMEA Sponsored by Arbor Networks Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Ponemon Institute Research Report
More informationThe 2013 ecommerce Cyber Crime Report: Safeguarding Brand And Revenue This Holiday Season
The 2013 ecommerce Cyber Crime Report: Safeguarding Brand And Revenue This Holiday Season Sponsored by RSA Security Independently conducted by Ponemon Institute, LLC Publication Date: October 2013 Ponemon
More informationThe Unintentional Insider Risk in United States and German Organizations
The Unintentional Insider Risk in United States and German Organizations Sponsored by Raytheon Websense Independently conducted by Ponemon Institute LLC Publication Date: July 2015 2 Part 1. Introduction
More informationGlobal Insights on Document Security
Global Insights on Document Security Sponsored by Adobe Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report Global Insights on Document Security
More informationUnderstaffed and at Risk: Today s IT Security Department. Sponsored by HP Enterprise Security
Understaffed and at Risk: Today s IT Security Department Sponsored by HP Enterprise Security Independently conducted by Ponemon Institute LLC Publication Date: February 2014 Ponemon Institute Research
More information2012 Application Security Gap Study: A Survey of IT Security & Developers
2012 Application Gap Study: A Survey of IT & s Research sponsored by Innovation Independently Conducted by Ponemon Institute LLC March 2012 1 2012 Application Gap Study: A Survey of IT & s March 2012 Part
More informationThird Annual Study: Is Your Company Ready for a Big Data Breach?
Third Annual Study: Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute
More informationSecurity of Paper Records & Document Shredding. Sponsored by Cintas. Independently conducted by Ponemon Institute LLC Publication Date: January 2014
Security of Paper Records & Document Shredding Sponsored by Cintas Independently conducted by Ponemon Institute LLC Publication Date: January 2014 Ponemon Institute Research Report Part 1. Introduction
More informationThe Cost of Web Application Attacks
The Cost of Web Application Attacks Sponsored by Akamai Technologies Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Ponemon Institute Research Report Part 1. Introduction The
More informationThe Security Impact of Mobile Device Use by Employees
The Security Impact of Mobile Device Use by Employees Sponsored by Accellion Independently conducted by Ponemon Institute LLC Publication Date: December 2014 Ponemon Institute Research Report The Security
More informationExposing the Cybersecurity Cracks: A Global Perspective
Exposing the Cybersecurity Cracks: A Global Perspective Part I: Deficient, Disconnected & in the Dark Sponsored by Websense, Inc. Independently conducted by Ponemon Institute LLC Publication Date: April
More informationState of Web Application Security U.S. Survey of IT & IT security practitioners
State of Web Application Security U.S. Survey of IT & IT security practitioners Sponsored by Cenzic & Barracuda Networks Independently conducted by Ponemon Institute LLC Publication Date: March 2011 Ponemon
More informationData Security in the Evolving Payments Ecosystem
Data Security in the Evolving Payments Ecosystem Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2015 Ponemon Institute Research Report
More informationThe SQL Injection Threat & Recent Retail Breaches
The SQL Injection Threat & Recent Retail Breaches Sponsored by DB Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2014 1 Part 1. Introduction The SQL Injection Threat &
More information2015 Global Megatrends in Cybersecurity
2015 Global Megatrends in Cybersecurity Sponsored by Raytheon Independently conducted by Ponemon Institute LLC Publication Date: February 2015 Ponemon Institute Research Report 2015 Global Megatrends in
More informationThe State of USB Drive Security
The State of USB Drive Security U.S. survey of IT and IT security practitioners Sponsored by Kingston Independently conducted by Ponemon Institute LLC Publication Date: July 2011 Ponemon Institute Research
More informationSecurity of Cloud Computing Users Study
Security of Cloud Computing Users Study Sponsored by CA Technologies Independently conducted by Ponemon Institute, LLC Publication Date: March 2013 Security of Cloud Computing Users Study March 2013 Part
More informationExposing the Cybersecurity Cracks: A Global Perspective
Exposing the Cybersecurity Cracks: A Global Perspective Part 2: Roadblocks, Refresh and Raising the Human Security IQ Sponsored by Websense Independently conducted by Ponemon Institute LLC Publication
More informationCloud Security: Getting It Right
Cloud Security: Getting It Right Sponsored by Armor Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute Research Report Cloud Security: Getting It Right Ponemon
More informationThe State of Data Centric Security
The State of Data Centric Security Sponsored by Informatica Independently conducted by Ponemon Institute LLC Publication Date: June 2014 Ponemon Institute Research Report State of Data Centric Security
More informationPrivileged User Abuse & The Insider Threat
Privileged User Abuse & The Insider Threat Commissioned by Raytheon Company Independently conducted by Ponemon Institute LLC Publication Date: May 2014 1 Privileged User Abuse & The Insider Threat Ponemon
More informationState of SMB Cyber Security Readiness: UK Study
State of SMB Cyber Security Readiness: UK Study Sponsored by Faronics Independently conducted by Ponemon Institute LLC Publication Date: November 2012 Ponemon Institute Research Report Part 1. Introduction
More informationThe Importance of Senior Executive Involvement in Breach Response
The Importance of Senior Executive Involvement in Breach Response Sponsored by HP Enterprise Security Services Independently conducted by Ponemon Institute LLC Publication Date: October 2014 The Importance
More informationThe End Endorsed Devices pose a Large Security Risk to Your Organization
2013 State of the Endpoint Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: December 2012 Ponemon Institute Research Report 2013 State of the Endpoint Ponemon Institute:
More informationGlobal Survey on Social Media Risks Survey of IT & IT Security Practitioners
0 Global Survey on Social Media Risks Survey of IT & IT Security Practitioners Sponsored by Websense Independently conducted by Ponemon Institute LLC Publication Date: September 2011 1 Global Survey on
More informationNational Survey on Data Center Outages
National Survey on Data Center Outages Independently conducted by Ponemon Institute LLC Publication Date: 30 September 2010 Part 1. Executive Summary National Survey on Data Center Outages Ponemon Institute,
More informationState of IT Security Study of Utilities & Energy Companies
State of IT Security Study of Utilities & Energy Companies Sponsored by Q1 Labs Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report State of
More informationChallenges of Cloud Information
The Challenges of Cloud Information Governance: A Global Data Security Study Sponsored by SafeNet Independently conducted by Ponemon Institute LLC Publication Date: October 2014 Ponemon Institute Research
More informationThreat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations
Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations Sponsored by AccessData Independently conducted by Ponemon Institute LLC Publication Date: February 2014 Ponemon Institute
More informationDefining the Gap: The Cybersecurity Governance Study
Defining the Gap: The Cybersecurity Governance Study Sponsored by Fidelis Cybersecurity Independently conducted by Ponemon Institute LLC Publication Date: June 2015 Ponemon Institute Research Report Defining
More informationSecurity of Cloud Computing Providers Study
Security of Cloud Computing Providers Study Sponsored by CA Technologies Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report I. Executive Summary
More informationSecurity of Cloud Computing Providers Study
Security of Cloud Computing Providers Study Sponsored by CA Technologies Independently conducted by Ponemon Institute LLC Publication Date: April 2011 Ponemon Institute Research Report I. Executive Summary
More informationThe Post Breach Boom. Sponsored by Solera Networks. Independently conducted by Ponemon Institute LLC Publication Date: February 2013
The Post Breach Boom Sponsored by Solera Networks Independently conducted by Ponemon Institute LLC Publication Date: February 2013 Ponemon Institute Research Report Part 1. Introduction The Post Breach
More informationBreaking Bad: The Risk of Insecure File Sharing
Breaking Bad: The Risk of Insecure File Sharing Sponsored by Intralinks Independently conducted by Ponemon Institute LLC Publication Date: October 2014 Ponemon Institute Research Report Breaking Bad: The
More information2015 State of the Endpoint Report: User-Centric Risk
2015 State of the Endpoint Report: User-Centric Risk Sponsored by Lumension Independently conducted by Ponemon Institute LLC Publication Date: January 2015 Ponemon Institute Research Report 2015 State
More information2015 Global Cyber Impact Report
2015 Global Cyber Impact Report Sponsored by Aon Risk Services Independently conducted by Ponemon Institute LLC Publication Date: April 2015 2015 Global Cyber Impact Report Ponemon Institute, April 2015
More informationCyber Threat Intelligence: Has to Be a Better Way
Exchanging Cyber Threat Intelligence: There Has to Be a Better Way Sponsored by IID Independently conducted by Ponemon Institute LLC Publication Date: April 2014 Ponemon Institute Research Report Exchanging
More informationCorporate Data: A Protected Asset or a Ticking Time Bomb?
Corporate Data: A Protected Asset or a Ticking Time Bomb? Sponsored by Varonis Independently conducted by Ponemon Institute LLC Publication Date: December 2014 Ponemon Institute Research Report Corporate
More informationPerceptions about the Potential Expiration of The Terrorism Risk Insurance Act (TRIA)
Perceptions about the Potential Expiration of The Terrorism Risk Insurance Act (TRIA) Sponsored by Property Casualty Insurers Association of America Independently conducted by Ponemon Institute LLC Publication
More informationAchieving Data Privacy in the Cloud
Achieving Data Privacy in the Cloud Study of Information Technology Privacy and Compliance of Small to Medium-Sized Organizations in germany Sponsored by microsoft Independently Conducted by Ponemon Institute
More informationThe Economic and Productivity Impact of IT Security on Healthcare
The Economic and Productivity Impact of IT Security on Healthcare Sponsored by Imprivata Independently conducted by Ponemon Institute LLC Publication Date: May 2013 Ponemon Institute Research Report The
More informationLeading Practices in Behavioral Advertising & Consumer Privacy Study of Internet Marketers and Advertisers
Leading Practices in Behavioral Advertising & Consumer Privacy Study of Internet Marketers and Advertisers Independently Conducted by Ponemon Institute LLC February 2012 Leading Practices in Behavioral
More informationHow Single Sign-On Is Changing Healthcare A Study of IT Practitioners in Acute Care Hospitals in the United States
How Single Sign-On Is Changing Healthcare A Study of IT Practitioners in Acute Care Hospitals in the United States Sponsored by Imprivata Independently conducted by Ponemon Institute LLC Publication Date:
More informationThe Fraud Report: How Fake Users Are Impacting Business
The Fraud Report: How Fake Users Are Impacting Business Sponsored by TeleSign Independently conducted by Ponemon Institute LLC Publication Date: November 2015 Ponemon Institute Research Report The Fraud
More informationThe Role of Governance, Risk Management & Compliance in Organizations
The Role of Governance, Risk Management & Compliance in Organizations Study of GRC practitioners Sponsored by RSA, The Security Division of EMC Independently conducted by Ponemon Institute LLC Publication
More informationLiveThreat Intelligence Impact Report 2013
LiveThreat Intelligence Impact Report 2013 Sponsored by Independently conducted by Ponemon Institute LLC Publication Date: July 2013 Ponemon Institute Research Report Contents Part 1. Introduction 3 Executive
More informationIBM QRadar Security Intelligence: Evidence of Value
IBM QRadar Security Intelligence: Evidence of Value Independently conducted by Ponemon Institute LLC February 2014 Ponemon Institute Research Report Background IBM QRadar: Evidence of Value Ponemon Institute:
More informationThe Human Factor in Data Protection
The Human Factor in Data Protection Sponsored by Trend Micro Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report The Human Factor in Data Protection
More informationSponsored by Zimbra. The Open Source Collaboration Study: Viewpoints on Security & Privacy in the US & EMEA
The Open Source Collaboration Study: Viewpoints on Security & Privacy in the US & EMEA Sponsored by Zimbra Independently conducted by Ponemon Institute LLC Publication Date: November 2014 Ponemon Institute
More informationThe TCO for Full Disk Encryption Studies in the US, UK, Germany & Japan
The TCO for Full Disk Encryption Studies in the US, UK, Germany & Japan Sponsored by WinMagic Independently conducted by Ponemon Institute LLC Publication Date: July 2012 Ponemon Institute Research Report
More informationSecurity of Cloud Computing Users A Study of Practitioners in the US & Europe
Security of Cloud Computing Users A Study of Practitioners in the US & Europe Sponsored by CA Independently conducted by Ponemon Institute LLC Publication Date: 12 May 2010 Ponemon Institute Research Report
More informationEncryption in the Cloud
Encryption in the Cloud Who is responsible for data protection in the cloud? Sponsored by Thales e-security Independently conducted by Ponemon Institute LLC Publication Date: July 2012 Ponemon Institute
More informationFirst Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies
First Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies Sponsored by ArcSight Independently conducted by Ponemon Institute LLC Publication Date: July 2010 Ponemon Institute Research Report
More information2012 Bit9 Cyber Security Research Report
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
More informationSurvey on the Governance of Unstructured Data. Independently Conducted and Published by Ponemon Institute LLC. Sponsored by Varonis Systems, Inc.
Survey on the Governance of Unstructured Data Independently Conducted and Published by Ponemon Institute LLC Sponsored by Varonis Systems, Inc. June 30, 2008 Please Do Not Quote Without Express Permission.
More information2013 Study on Data Center Outages
2013 Study on Data Center Outages Independently conducted by Ponemon Institute LLC Publication Date: September 2013 2013 Study on Data Center Outages Ponemon Institute, September 2013 Part 1. Introduction
More informationThe TCO of Software vs. Hardware-based Full Disk Encryption Summary
The TCO of vs. -based Full Disk Encryption Summary Sponsored by WinMagic Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Industry Co-Sponsors Ponemon Institute Research Report
More informationData Loss Risks During Downsizing As Employees Exit, so does Corporate Data
Data Loss Risks During Downsizing As Employees Exit, so does Corporate Data Independently conducted by Ponemon Institute LLC Publication Date: February 23, 2009 Sponsored by Symantec Corporation Ponemon
More informationBest Practices in Data Protection Survey of U.S. IT & IT Security Practitioners
Best Practices in Data Protection Survey of U.S. IT & IT Security Practitioners Sponsored by McAfee Independently conducted by Ponemon Institute LLC Publication Date: October 2011 Ponemon Institute Research.
More information2013 Cost of Cyber Crime Study: United States
2013 Cost of Cyber Crime Study: United States Sponsored by HP Enterprise Security Independently conducted by Ponemon Institute LLC Publication Date: October 2013 Ponemon Institute Research Report Part
More information2012 Business Banking Trust Trends Study
2012 Business Banking Trust Trends Study Sponsored by Guardian Analytics Independently conducted by Ponemon Institute LLC Publication Date: August 2012 Ponemon Institute Research Report Part 1. Introduction
More informationCompliance Cost Associated with the Storage of Unstructured Information
Compliance Cost Associated with the Storage of Unstructured Information Sponsored by Novell Independently conducted by Ponemon Institute LLC Publication Date: May 2011 Ponemon Institute Research Report
More informationSecond Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies
Second Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies Sponsored by ArcSight, an HP Company Independently conducted by Ponemon Institute LLC Publication Date: August 2011 Ponemon Institute
More informationCritical Infrastructure: Security Preparedness and Maturity Sponsored by Unisys
Critical Infrastructure: Security Preparedness and Maturity Sponsored by Unisys Independently conducted by Ponemon Institute LLC Publication Date: July 2014 31 Part 1. Introduction Ponemon Institute is
More informationThe economics of IT risk and reputation
Global Technology Services Research Report Risk Management The economics of IT risk and reputation What business continuity and IT security really mean to your organization Findings from the IBM Global
More informationEnhancing Cybersecurity with Big Data: Challenges & Opportunities
Enhancing Cybersecurity with Big Data: Challenges & Opportunities Independently Conducted by Ponemon Institute LLC Sponsored by Microsoft Corporation November 2014 CONTENTS 2 3 6 9 10 Introduction The
More informationThe Cyber Security Leap: From Laggard to Leader
The Cyber Security Leap: From Laggard to Leader Contents Introduction......... 3 Ready to leapfrog?......... 4 Key study findings......... 4 THEME 1: Innovation and strategy: separating the leapfrogs from
More informationThe Billion Dollar Lost Laptop Problem Benchmark study of U.S. organizations
The Billion Dollar Lost Laptop Problem Benchmark study of U.S. organizations Independently conducted by Ponemon Institute LLC Publication Date: 30 September 2010 Ponemon Institute Research Report Part
More information2012 Cost of Cyber Crime Study: Germany
2012 Cost of Cyber Crime Study: Germany Sponsored by HP Enterprise Security Independently conducted by Ponemon Institute LLC Publication Date: October 2012 Ponemon Institute Research Report Part 1. Executive
More informationFinal Document. Sponsored by. Symantec. 2011 Cost of Data Breach Study: Germany
Final Document Sponsored by Symantec 2011 Cost of Data Breach Study: Germany Benchmark Research Conducted by Ponemon Institute LLC Report: March 2012 Ponemon Institute : Please do not share without express
More information2013 Cost of Data Breach Study: United States
2013 Cost of Data Breach Study: United States Benchmark research sponsored by Symantec Independently Conducted by Ponemon Institute LLC May 2013 Ponemon Institute Research Report Part 1. Executive Summary
More information