State of Security Survey GLOBAL FINDINGS

Size: px
Start display at page:

Download "State of Security Survey GLOBAL FINDINGS"

Transcription

1 2011 State of Security Survey GLOBAL FINDINGS

2

3 CONTENTS Introduction... 4 Methodology... 6 Finding 1: Cybersecurity is important to business... 8 Finding 2: The drivers of security are changing Finding 3: Details about cyberattacks for business Finding 4: What are businesses doing about security? Key Recommendations State of Security Survey 3

4 Introduction In its 2011 State of Security Survey, Symantec sought to update its global perspective on key security threats, trends and responses across a range of businesses worldwide, including SMBs and larger enterprises 3,300 in all. Of course, the insights from this survey provide a strategic market outlook for Symantec. At the same time, however, sharing its results with the industry in general and IT professionals in particular will help provide benchmarks for assessing the state of their own cybersecurity readiness. Overall, survey participants consider safeguarding their networks and data to be critically important to their business. Many see a growing menace in cyberattacks, with substantial hard and soft costs resulting from them. As the IT landscape continues its migration from desktop to mobile computing, along with increasing numbers of mobile and remote employees, the industry drivers of cybersecurity are reflecting these changes. Organizations are getting better at fighting the war against cybersecurity threats. While the majority of respondents suffered damages as a result of cyberattacks, more respondents reported a decline in the number and frequency of attacks compared to However, the survey revealed that many companies nearly half of the respondents could still do more to secure their networks and information assets. In response, companies are increasing their cybersecurity staffing and budgets. This report provides greater detail on Symantec s 2011 State of Security Survey, including our four key findings. Recommendations for improving cybersecurity follow, as does a compilation of the survey s most pertinent data behind our findings. For more information about any of the contents of this report, please contact your Symantec representative or visit 4 State of Security Survey

5 State of Security Survey 5

6 Methodology Symantec commissioned Applied Research to conduct the 2011 State of Security Survey in April and May of Researchers contacted a total of 3,300 businesses, ranging from five to more than 5,000 employees. The businesses represented a variety of industries. In the case of small businesses, the respondents were responsible for computing resources at the company, while enterprise respondents were tactical IT, strategic IT or C-level executives. The poll has a reliability of 95% confidence with +/- 1.8% margin of error. 6 State of Security Survey

7 How many employees does your organization have worldwide? 5 to 49 6% 50 to 99 6% 100 to % 250 to % 500 to % 1,000 to 2,499 (small enterprise) 12% 2,500 to 4,999 (medium enterprise) 12% 5,000 or more (large enterprise) 12% 0% 5% 10% 15% 20% 25% 30% State of Security Survey 7

8 Finding 1 Cybersecurity is important to business Businesses today are concerned about a variety of threats, including criminal activity, brand-related events, natural disasters and state-level attacks such as terrorism. According to our survey results, however, their most serious fears relate to cybersecurity. Specifically, their top worry is cyberattacks followed by IT incidents caused by well-meaning insiders and internally generated IT-related threats. Not only have cyberthreats risen to the top of organizations watch lists, but also the importance of these threats has increased for many respondents. In fact, 41 percent think cybersecurity is more important today than it was just a year ago. This compares to just 15 percent who say cybersecurity s importance is somewhat or significantly decreasing. Clearly, businesses increasingly believe that keeping their networks and information secure is of vital importance to their operations. Threats 8 State of Security Survey

9 Please rank the following business risks in order of significance to your organization. (1 being most significant, 7 being least significant, Average ranks) 0 Cyberattacks IT incidents caused by well-meaning insiders Internally generated Traditional criminal IT-related threats activity Brand-related events Natural disasters Terrorism How has the importance of securing your organization s platforms and information changed from 12 months ago? Significantly more important 13% Somewhat more important 28% About the same 45% Somewhat less important 11% Significantly less important 4% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% The security of IT is threatened by trends including: Mobile computing Social media Consumerization of IT The most critical threats are: Well-meaning insiders Hackers Targeted attacks State of Security Survey 9

10 Finding 2 The drivers of security are changing If concerns over corporate cybersecurity are increasing, why? With the market saturated by mobile devices, it s no surprise that 47 percent of survey respondents consider mobile computing to be the top challenge to providing cybersecurity. Mobile computing may be revolutionizing the productivity landscape, but IT finds it a major difficulty in securing corporate networks and data. In addition to mobile computing, 46 percent of respondents indicate that the second most pressing concern is the surge in social media. While these communication channels present unique marketing and collaborative opportunities, the potential for clicking on malicious links or posting sensitive information worries IT. Next on the list of drivers is the consumerization of IT, a concern for 45 percent of respondents. As end users adopt new technologies such as tablet computers that cross over from consumer to business markets, IT must address the additional challenges of securing those endpoints as well as the corporate network connectivity for those devices. The top sources of security threats? Forty-nine percent of respondents point to hackers. Next on the list are well-meaning insiders, say 46 percent. Third, say 45 percent of those surveyed, are targeted attacks. Attacks 10 State of Security Survey

11 Somewhat/Extremely Significant Industry Trends Affecting Difficulty of Security Public Infrastructure/Platform-as-a-Service 39% Public Software-as-a-Service 40% Private cloud computing 40% Compliance 41% Changes in the threat landscape 43% Application growth 44% Virtualization 44% Consumerization of IT 45% Social media 46% Mobile computing 47% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% Somewhat/Extremely Significant Security Threats State-sponsored attacks 35% Criminals 41% Hacktivism 41% Industrial espionage 41% Malicious insiders 44% Targeted attacks 45% Well-meaning insiders 46% Hackers 49% 0% 10% 20% 30% 40% 50% 60% 71% 71% of respondents saw an attack in the last year, including malicious code, social engineering and external malicious attacks 21% 21% of respondents see the frequency of attacks increasing and almost ¼ saw the attacks as somewhat to significantly effective State of Security Survey 11

12 Finding 3 Details about cyberattacks for business Concerns about hackers are well-founded, given the number of businesses that are experiencing cyberattacks. Seventy-one percent of organizations saw attacks in the past 12 months, compared to 75 percent in Ninety-two percent of respondents report losses from such incidents, down from 100 percent last year. The percentage who reported an increasing frequency of attacks fell from 29 percent in 2010 to 21 percent in The top three losses were downtime, theft of employee s identity information and theft of intellectual property. How destructive are these attacks in hard costs? In a word, substantial. Among SMBs, 20 percent incurred at least $100,000 in expenses from attacks within the last year. And the cost was even higher for larger enterprises, with 20 percent incurring at least $271,000 in damages. Respondents say the top sources of those costs are lost productivity and revenue; lost organizational, customer, or employee data; and damage to a company s brand reputation. The methods cybercriminals use in their attacks reflect the evolving drivers of security, according to the survey s results. Malicious code attacks rank highest among respondents with 22 percent of them having experienced this kind of attack in the prior year. continued on page 14 Effects of Cyberattacks 12 State of Security Survey

13 Characterize the quantity of cyberattacks against your organization over the past 12 months: We saw an extremely large number of cyberattacks 2% We saw a large number of cyberattacks 4% We saw cyberattacks on a regular basis 21% We saw just a few cyberattacks 44% We saw no cyberattacks 29% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% Somewhat/Extremely High Number in past 12 months? Targeted attacks 13% Internal malicious attacks 13% Denial of Service attacks 14% Internal unintentional actions 15% External malicious attacks 18% Social engineering attacks 20% Malicious code attacks 22% 0% 5% 10% 15% 20% 25% 92% 92% of those attacked saw losses from cyberattacks including downtime, intellectual property and customer credit card info 84% 84% of these losses translated into actual costs (productivity, revenue, money or goods) $195k 20% of businesses lost at least $195,000 as a result of cyberattacks State of Security Survey 13

14 Finding 3 continued from page 10 Twenty percent say they suffered social engineering attacks in the past year that include phishing, spoofing and pre-texting. External malicious attacks remain ever present, seeking to breach traditional defenses such as firewalls and antivirus software. This kind of attack affected 18 percent of respondents in the past year. Interestingly, respondents also see these three cyberattack methods as the fastest growing. Attacks Growing Somewhat/Extremely Quickly Internal malicious attacks 17% Denial of Service attacks 18% Targeted attacks 19% Internal unintentional actions 19% External malicious attacks 24% Social engineering attacks 26% Malicious code attacks 30% 0% 5% 10% 15% 20% 25% 30% 35% 14 State of Security Survey

15 Cyber Losses Experienced Theft of employee PHI 10% Theft of customer PHI 14% Identity theft 16% Theft of customer financial information 17% Theft of other corporate data 18% Theft of customer PII 19% Theft of intellectual property 19% Theft of employee PII 20% Downtime of our environment 43% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% Costs of Cyberattacks Reduced stock price 11% Litigation costs Regulatory fines Direct financial cost (money or goods) Loss of customer trust/damaged customer relationships We don't know what was taken or impacted Costs to comply with regulations after an attack Damaged brand reputation Loss of organization, customer, or employee data 13% 14% 15% 15% 16% 17% 17% 17% Lost revenue 23% Lost productivity 35% 0% 5% 10% 15% 20% 25% 30% 35% 40% State of Security Survey 15

16 Finding 4 What are businesses doing about security? When it comes to security measures, businesses need to be able to both deter attacks and also react to them when they occur. It s also important to pursue strategic initiatives that will lay the foundation for future protection. Based on the survey results, there is room for organizations to improve in how they prepare for and respond to threats. The survey revealed that organizations are the most prepared when it comes to routine security measures. Fifty-two percent report that they are doing well in this area, and 51 percent say they are doing well in addressing cyberattacks. On the other hand, only 48 percent say they are doing well in the areas of strategic security initiatives and just 45 percent are pursuing innovative security issues. To address these shortfalls, businesses are increasing staffing levels for the IT department. In particular, they are adding staff to deal with network, Web and endpoint security. In addition, they are increasing their budgets for network and Web security as well as security systems management. It s clear that organizations are stepping up their efforts in improving their protection, but many companies nearly half of those surveyed have much work still to do in safeguarding their networks and information assets. How IT is Responding 16 State of Security Survey

17 Doing Well/Extremely Well Pursuing innovative or cutting-edge security issues 45% Pursuing strategic security initiatives 48% Demonstrating compliance 48% Attending to security attacks or breaches 51% Addressing routine security measures 52% 0% 10% 20% 30% 40% 50% 60% Manpower Slowly/Rapidly Growing Security Budget Slowly/Rapidly Growing Reporting 40% Reporting 34% Auditing/Compliance 40% Incident response 34% Policies and procedures 40% Policies and procedures 35% Security for virtualized environments 40% Security for private cloud initiatives 36% Security for public cloud initiatives 41% Security for public cloud initiatives 36% Security for private cloud initiatives 42% User training and awareness 36% Vulnerability assessment/detection 42% Messaging security 37% Security systems management 42% Vulnerability assessment/detection 37% Responding to security incidents 42% Endpoint security 37% Risk management 43% Risk management 37% User training and awareness 43% IT audit and compliance 37% Messaging security 43% Security for virtualized environments 38% Preventing data loss 43% Mobile security 38% Mobile security 43% Security systems management 38% Endpoint security 45% Data loss prevention 39% Web security 46% Web security 41% Network security 46% Network security 42% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 46% 46% of respondents are increasing staffing in areas of network and web security 38% 38% of respondents are increasing security systems management budgets 41% 41% of respondents are increasing network and web security budgets State of Security Survey 17

18 Key Recommendations Organizations need to develop and enforce IT policies. By prioritizing risks and defining policies that span across all locations, customers can enforce policies through built-in automation and workflow to protect information, identify threats, and remediate incidents as they occur or anticipate them before they happen. Businesses need to protect information proactively by taking an information-centric approach to protecting both information and interactions. Taking a content-aware approach to protecting information is key in identifying and classifying confidential, sensitive information, knowing where it resides, who has access to it, and how it is coming in or leaving your organization. Proactively encrypting endpoints will also help organizations minimize the consequences associated with lost devices. To help control access, IT administrators need to validate and protect the identities of users, sites and devices throughout their organizations. Furthermore, they need to provide trusted connections and authenticate transactions where appropriate. Organizations need to manage systems by implementing secure operating environments, distributing and enforcing patch levels, automating processes to streamline efficiency, and monitoring and reporting on system status. IT administrators need to protect their infrastructure by securing all of their endpoints including the growing number of mobile devices along with messaging and Web environments. Defending critical internal servers and implementing the ability to back up and recover data should also be priorities. In addition, organizations need the visibility and security intelligence to respond to threats rapidly. 18 State of Security Survey

19 State of Security Survey 19

2012 Endpoint Security Best Practices Survey GLOBAL RESULTS

2012 Endpoint Security Best Practices Survey GLOBAL RESULTS 2012 Endpoint Security Best Practices Survey GLOBAL RESULTS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Top tier organizations fare better against attacks... 8 Finding 2: Top tier organizations

More information

2012 Endpoint Security Best Practices Survey

2012 Endpoint Security Best Practices Survey WHITE PAPER: 2012 ENDPOINT SECURITY BEST PRACTICES SURVEY........................................ 2012 Endpoint Security Best Practices Survey Who should read this paper Small and medium business owners

More information

SYMANTEC 2010 SMB INFORMATION PROTECTION SURVEY. Symantec 2010 SMB Information Protection Survey. Global Data

SYMANTEC 2010 SMB INFORMATION PROTECTION SURVEY. Symantec 2010 SMB Information Protection Survey. Global Data SYMANTEC 2010 SMB INFORMATION PROTECTION SURVEY Symantec 2010 SMB Information Protection Survey Global Data June 2010 CONTENTS Executive Summary...3 Methodology...4 Finding 1: SMBs serious about information

More information

State of Mobility Survey. France Results

State of Mobility Survey. France Results State of Mobility Survey France Results Methodology Survey performed by Applied Research 6,275 global organizations 43 countries NAM 2 LAM 14 EMEA 13 APJ 14 SMBs: Individuals in charge of computers Enterprises:

More information

INFORMATION PROTECTED

INFORMATION PROTECTED INFORMATION PROTECTED Symantec Protection Suite Effective, comprehensive threat protection Safeguarding your organization s business-critical assets in today s ever-changing threat landscape has never

More information

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.

More information

Global IT Security Risks

Global IT Security Risks Global IT Security Risks June 17, 2011 Kaspersky Lab leverages the leading expertise in IT security risks, malware and vulnerabilities to protect its customers in the best possible way. To ensure the most

More information

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent

More information

Building a Business Case:

Building a Business Case: Building a Business Case: Cloud-Based Security for Small and Medium-Size Businesses table of contents + Key Business Drivers... 3... 4... 6 A TechTarget White Paper brought to you by Investing in IT security

More information

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE

More information

Cybersecurity. Considerations for the audit committee

Cybersecurity. Considerations for the audit committee Cybersecurity Considerations for the audit committee Insights on November 2012 governance, risk and compliance Fighting to close the gap Ernst & Young s 2012 Global Information Security Survey 2012 Global

More information

Data Backup for Small and Medium Businesses: Priorities, Current Practices, and Risks

Data Backup for Small and Medium Businesses: Priorities, Current Practices, and Risks Data Backup for Small and Medium Businesses: Priorities, Current Practices, and Risks November 12, 2008 How safe is small business data? As the power of computers continues to grow, more and more of the

More information

Federal Cyber Security Outlook for 2010

Federal Cyber Security Outlook for 2010 Federal Cyber Security Outlook for 2010 National IT Security Challenges Mounting How well prepared are IT professionals within U.S. government agencies to respond to foreign cyber threats? Will government

More information

Into the cybersecurity breach

Into the cybersecurity breach Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing

More information

Conquering PCI DSS Compliance

Conquering PCI DSS Compliance Any organization that stores, processes or transmits information related to credit and debit card payments has a responsibility to protect each cardholder s personal data. To help accomplish this goal,

More information

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average

More information

Cybercrime: risks, penalties and prevention

Cybercrime: risks, penalties and prevention Cybercrime: risks, penalties and prevention Cyber attacks have been appearing in the news with increased frequency and recent victims of cybercrime have included well-known companies such as Sony, LinkedIn,

More information

Information Security Addressing Your Advanced Threats

Information Security Addressing Your Advanced Threats Information Security Addressing Your Advanced Threats Where We are Going Information Security Landscape The Threats You Face How To Protect Yourself This Will Not Be Boring What Is Information Security?

More information

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations

More information

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime?

Cyber Warfare. Global Economic Crime Survey. Causes of Cyber Attacks. David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP. Why Cybercrime? Cyber Warfare David Childers, CEO Compli Vivek Krishnamurthy, Foley Hoag LLP Global Economic Crime Survey Cyber crime is the fastest growing economic crime up more than 2300% since 2009 1 in 10 companies

More information

THE SECURITY OF HOSTED EXCHANGE FOR SMBs

THE SECURITY OF HOSTED EXCHANGE FOR SMBs THE SECURITY OF HOSTED EXCHANGE FOR SMBs In the interest of security and cost-efficiency, many businesses are turning to hosted Microsoft Exchange for the scalability, ease of use and accessibility available

More information

Cyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats

Cyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats Cyber4sight TM Threat Intelligence Services Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats Preparing for Advanced Cyber Threats Cyber attacks are evolving faster than organizations

More information

Transforming SMB Security Stephen Banbury

Transforming SMB Security Stephen Banbury Transforming SMB Security Stephen Banbury VP, Global SMB Channel & Alliances Compelling Trends for Change Symantec as a Leader in Security Winning Together 2 NOT SO LONG AGO SMB Attitudes Towards Business

More information

Cyber Security. John Leek Chief Strategist

Cyber Security. John Leek Chief Strategist Cyber Security John Leek Chief Strategist AGENDA The Changing Business Landscape Acknowledge cybersecurity as an enterprise-wide risk management issue not just an IT issue How to develop a cybersecurity

More information

THE HUMAN FACTOR AT THE CORE OF FEDERAL CYBERSECURITY

THE HUMAN FACTOR AT THE CORE OF FEDERAL CYBERSECURITY THE HUMAN FACTOR AT THE CORE OF FEDERAL CYBERSECURITY CYBER HYGIENE AND ORGANIZATIONAL PLANNING ARE AT LEAST AS INTEGRAL TO SECURING INFORMATION NETWORKS AS FIREWALLS AND ANTIVIRUS SOFTWARE Cybersecurity

More information

Hope for the best, prepare for the worst:

Hope for the best, prepare for the worst: Hope for the best, prepare for the worst: Why your customers will demand self-service back-up Presented by Ridley Ruth, COO Breaking News Yahoo email Accounts were hacked in Jan 2014 (Washington Post)

More information

Manage the unexpected

Manage the unexpected Manage the unexpected Navigate risks and thrive Today s business world is threatened by a multitude of online security risks. But many organizations simply do not have the resources or expertise to combat

More information

What Data? I m A Trucking Company!

What Data? I m A Trucking Company! What Data? I m A Trucking Company! Presented by: Marc C. Tucker 434 Fayetteville Street, Suite 2800 Raleigh, NC, 27601 919.755.8713 marc.tucker@smithmoorelaw.com Presented by: Rob D. Moseley, Jr. 2 West

More information

Services. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure

Services. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure Home Secure digital transformation SMACT Advise, Protect & Monitor Why Capgemini & Sogeti? In safe hands Capgemini & Sogeti Cybersecurity Services Guiding enterprises and government through digital transformation

More information

FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES

FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES FINANCIAL FRAUD: THE IMPACT ON CORPORATE SPEND IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5,500 companies in 26 countries around the world

More information

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY, A GROWING CIO PRIORITY www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------

More information

Preemptive security solutions for healthcare

Preemptive security solutions for healthcare Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare

More information

The Attacker s Target: The Small Business

The Attacker s Target: The Small Business Check Point Whitepaper The Attacker s Target: The Small Business Even Small Businesses Need Enterprise-class Security to protect their Network July 2013 Contents Introduction 3 Enterprise-grade Protection

More information

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention symantec.com One of the interesting things we ve found is that a lot of the activity you d expect to be malicious

More information

North American Electric Reliability Corporation (NERC) Cyber Security Standard

North American Electric Reliability Corporation (NERC) Cyber Security Standard North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation

More information

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. A guide for IT security from BIOS The Problem SME s, Enterprises and government agencies are under virtually constant attack today. There

More information

Small Business Virtualization Poll GLOBAL RESULTS

Small Business Virtualization Poll GLOBAL RESULTS Small Business Virtualization Poll GLOBAL RESULTS CONTENTS Introduction... 4 Methodology... 6 Finding 1: Small businesses have a strong interest in virtualization... 8 Finding 2: Small businesses are

More information

DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES

DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5500 companies in 26 countries around the world

More information

Address C-level Cybersecurity issues to enable and secure Digital transformation

Address C-level Cybersecurity issues to enable and secure Digital transformation Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,

More information

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape White Paper Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape Financial services organizations have a unique relationship with technology: electronic data and transactions

More information

Managing cyber risks with insurance

Managing cyber risks with insurance www.pwc.com.tr/cybersecurity Managing cyber risks with insurance Key factors to consider when evaluating how cyber insurance can enhance your security program June 2014 Managing cyber risks to sensitive

More information

WHITE PAPER: INFORMATION-CENTRIC SECURITY

WHITE PAPER: INFORMATION-CENTRIC SECURITY WHITE PAPER: INFORMATION-CENTRIC SECURITY PROTECTING YOUR DATA FROM THE INSIDE- OUT Despite the growing number of high profile data breaches and the anxiety they re causing organizations, too much information

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

Executive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3

Executive Summary 3. Snowden and Retail Breaches Influencing Security Strategies 3. Attackers are on the Inside Protect Your Privileges 3 GLOBAL ADVANCED THREAT LANDSCAPE SURVEY 2014 TABLE OF CONTENTS Executive Summary 3 Snowden and Retail Breaches Influencing Security Strategies 3 Attackers are on the Inside Protect Your Privileges 3 Third-Party

More information

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments

Data Sheet: Endpoint Security Symantec Protection Suite Enterprise Edition Trusted protection for endpoints and messaging environments Trusted protection for endpoints and messaging environments Overview Symantec Protection Suite Enterprise Edition creates a protected endpoint and messaging environment that is secure against today s complex

More information

Hope for the best, prepare for the worst:

Hope for the best, prepare for the worst: Hope for the best, prepare for the worst: Why your customers will demand self-service back-up Presented by Ridley Ruth, COO 2014 a record year for hacking! 100K+ WordPress sites infected by mysterious

More information

Perceptions About Network Security Survey of IT & IT security practitioners in the U.S.

Perceptions About Network Security Survey of IT & IT security practitioners in the U.S. Perceptions About Network Security Survey of IT & IT security practitioners in the U.S. Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2011 Ponemon

More information

Small Business Virtualization Poll APJ RESULTS

Small Business Virtualization Poll APJ RESULTS Small Business Virtualization Poll APJ RESULTS CONTENTS Introduction... 4 Methodology... 6 Finding 1: Small businesses have a strong interest in virtualization... 8 Finding 2: Small businesses are still

More information

McAfee Security Architectures for the Public Sector

McAfee Security Architectures for the Public Sector White Paper McAfee Security Architectures for the Public Sector End-User Device Security Framework Table of Contents Business Value 3 Agility 3 Assurance 3 Cost reduction 4 Trust 4 Technology Value 4 Speed

More information

Enterprise Encryption Trends Survey GLOBAL RESULTS

Enterprise Encryption Trends Survey GLOBAL RESULTS Enterprise Encryption Trends Survey GLOBAL RESULTS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Encryption use growing rapidly but fragmented... 8 Finding 2: Use of encryption in rogue projects...10

More information

BIG SHIFT TO CLOUD-BASED SECURITY

BIG SHIFT TO CLOUD-BASED SECURITY GUIDE THE BIG SHIFT TO CLOUD-BASED SECURITY How mid-sized and smaller organizations can manage their IT risks and meet regulatory compliance with minimal staff and budget. CONTINUOUS SECURITY TABLE OF

More information

Readiness Assessments: Vital to Secure Mobility

Readiness Assessments: Vital to Secure Mobility White Paper Readiness Assessments: Vital to Secure Mobility What You Will Learn Mobile devices have been proven to increase employee productivity and job satisfaction, but can also pose significant threats

More information

2015 VORMETRIC INSIDER THREAT REPORT

2015 VORMETRIC INSIDER THREAT REPORT Research Conducted by 2015 VORMETRIC INSIDER THREAT REPORT Trends and Future Directions in Data Security FINANCIAL SERVICES EDITION #2015InsiderThreat RESEARCH BRIEF US FINANCIAL SERVICES SPOTLIGHT ABOUT

More information

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist

Cyber- Attacks: The New Frontier for Fraudsters. Daniel Wanjohi, Technology Security Specialist Cyber- Attacks: The New Frontier for Fraudsters Daniel Wanjohi, Technology Security Specialist What is it All about The Cyber Security Agenda ; Protecting computers, networks, programs and data from unintended

More information

CYBER SECURITY INFORMATION SHARING & COLLABORATION

CYBER SECURITY INFORMATION SHARING & COLLABORATION Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers

More information

OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS

OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS Table of Contents 01 02 03 04 05 06 Today, Every Business is an Online Business Attackers Know They Can Do Damage Impacts of Attack and

More information

Malware isn t The only Threat on Your Endpoints

Malware isn t The only Threat on Your Endpoints Malware isn t The only Threat on Your Endpoints Key Themes The cyber-threat landscape has Overview Cybersecurity has gained a much higher profile over the changed, and so have the past few years, thanks

More information

Global IT Security Risks: 2012

Global IT Security Risks: 2012 Global IT Security Risks: 2012 Kaspersky Lab is a leading developer of secure content and threat management solutions and was recently named a Leader in the Gartner Magic Quadrant for Endpoint Protection

More information

Banks likely to remain top cybercrime targets

Banks likely to remain top cybercrime targets Banks likely to remain top cybercrime targets Protecting assets and reputation through a sustainable security infrastructure Contents Introduction Meeting the challenge of targeted attacks 2 3 A balancing

More information

Cybersecurity. Are you prepared?

Cybersecurity. Are you prepared? Cybersecurity Are you prepared? First Cash, then your customer, now YOU! What is Cybersecurity? The body of technologies, processes, practices designed to protect networks, computers, programs, and data

More information

Combating a new generation of cybercriminal with in-depth security monitoring

Combating a new generation of cybercriminal with in-depth security monitoring Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.

More information

Global Corporate IT Security Risks: 2013

Global Corporate IT Security Risks: 2013 Global Corporate IT Security Risks: 2013 May 2013 For Kaspersky Lab, the world s largest private developer of advanced security solutions for home users and corporate IT infrastructures, meeting the needs

More information

CGI Cyber Risk Advisory and Management Services for Insurers

CGI Cyber Risk Advisory and Management Services for Insurers CGI Cyber Risk Advisory and Management Services for Insurers Minimizing Cyber Risks cgi.com 3 As organizations seek to create value in today s highly interconnected world, they inherently increase their

More information

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat

More information

Threat Management Survey GLOBAL FINDINGS

Threat Management Survey GLOBAL FINDINGS 2011 Threat Management Survey GLOBAL FINDINGS CONTENTS Introduction... 4 Methodology... 6 Finding 1: Enterprises lack confidence in their security posture... 8 Finding 2: Organizations struggling with

More information

Leveraging a Maturity Model to Achieve Proactive Compliance

Leveraging a Maturity Model to Achieve Proactive Compliance Leveraging a Maturity Model to Achieve Proactive Compliance White Paper: Proactive Compliance Leveraging a Maturity Model to Achieve Proactive Compliance Contents Introduction............................................................................................

More information

The Impact of Cybercrime on Business

The Impact of Cybercrime on Business The Impact of Cybercrime on Business Studies of IT practitioners in the United States, United Kingdom, Germany, Hong Kong and Brazil Sponsored by Check Point Software Technologies Independently conducted

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

State of Cloud Survey SOUTH AFRICA FINDINGS

State of Cloud Survey SOUTH AFRICA FINDINGS 2011 State of Cloud Survey SOUTH AFRICA FINDINGS CONTENTS Executive Summary... 4 Methodology... 6 Finding 1: Cloud security is top goal and top concern.................................. 8 Finding 2: IT

More information

The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst

The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst ESG Brief The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: ESG data indicates that many enterprise organizations

More information

Cybersecurity and internal audit. August 15, 2014

Cybersecurity and internal audit. August 15, 2014 Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices

More information

Cyber Security Management

Cyber Security Management Cyber Security Management Focusing on managing your IT Security effectively. By Anthony Goodeill With the news cycles regularly announcing a recurrently theme of targets of hacker attacks and companies

More information

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask

Everything You Wanted to Know about DISA STIGs but were Afraid to Ask Everything You Wanted to Know about DISA STIGs but were Afraid to Ask An EiQ Networks White Paper 2015 EiQ Networks, Inc. All Rights Reserved. EiQ, the EiQ logo, the SOCVue logo, SecureVue, ThreatVue,

More information

Your Customers Want Secure Access

Your Customers Want Secure Access FIVE REASONS WHY Cybersecurity IS VITAL to Your retail Businesses Your Customers Want Secure Access Customer loyalty is paramount to the success of your retail business. How loyal will those customers

More information

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary

More information

Managing IT Security with Penetration Testing

Managing IT Security with Penetration Testing Managing IT Security with Penetration Testing Introduction Adequately protecting an organization s information assets is a business imperative one that requires a comprehensive, structured approach to

More information

Strengthen security with intelligent identity and access management

Strengthen security with intelligent identity and access management Strengthen security with intelligent identity and access management IBM Security solutions help safeguard user access, boost compliance and mitigate insider threats Highlights Enable business managers

More information

DENIAL OF SERVICE: HOW BUSINESSES EVALUATE THE THREAT OF DDOS ATTACKS IT SECURITY RISKS SPECIAL REPORT SERIES

DENIAL OF SERVICE: HOW BUSINESSES EVALUATE THE THREAT OF DDOS ATTACKS IT SECURITY RISKS SPECIAL REPORT SERIES DENIAL OF SERVICE: HOW BUSINESSES EVALUATE THE IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5500 companies in 26 countries around the world

More information

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord Building The Human Firewall Andy Sawyer, CISM, C CISO Director of Security Locke Lord Confidentiality, Integrity, Availability Benchmarks of Cybersecurity: Confidentiality Information is protected against

More information

2012 Bit9 Cyber Security Research Report

2012 Bit9 Cyber Security Research Report 2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by

More information

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity

Nine recommendations for alternative funds battling cyber crime. kpmg.ca/cybersecurity Nine recommendations for alternative funds battling cyber crime kpmg.ca/cybersecurity Cyber criminals steal user names and passwords and use it to conduct financial trading activity illicitly. Hackers

More information

IT SECURITY RISKS SURVEY 2014: A BUSINESS APPROACH TO MANAGING DATA SECURITY THREATS

IT SECURITY RISKS SURVEY 2014: A BUSINESS APPROACH TO MANAGING DATA SECURITY THREATS IT SECURITY RISKS SURVEY 2014: A BUSINESS APPROACH TO MANAGING DATA SECURITY THREATS Contents Introduction... 2 Key figures... 3 Methodology... 4 Concerns and priorities of IT managers: data comes first...

More information

Healthcare Information Security Today

Healthcare Information Security Today Healthcare Information Security Today 2015 Survey Analysis: Evolving Threats and Health Info Security Efforts WHITE PAPER SURVEY BACKGROUND The Information Security Media Group conducts an annual Healthcare

More information

Cisco Security Services

Cisco Security Services Cisco Security Services Cisco Security Services help you defend your business from evolving security threats, enhance the efficiency of your internal staff and processes, and increase the return on your

More information

Information Security Services

Information Security Services Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual

More information

Stay ahead of insiderthreats with predictive,intelligent security

Stay ahead of insiderthreats with predictive,intelligent security Stay ahead of insiderthreats with predictive,intelligent security Sarah Cucuz sarah.cucuz@spyders.ca IBM Security White Paper Executive Summary Stay ahead of insider threats with predictive, intelligent

More information

Detect, Prevent and Remediate the Cyber attack Nelson Yuen

Detect, Prevent and Remediate the Cyber attack Nelson Yuen Detect, Prevent and Remediate the Cyber attack Nelson Yuen Senior Systems Engineer Overview of the Local Security Landscape IP camera footages broadcasted live online In September, 2014, more than 1,000

More information

White Paper. Business Continuity and Breach Protection: Why SSL Certificate Management is Critical to Today s Enterprise

White Paper. Business Continuity and Breach Protection: Why SSL Certificate Management is Critical to Today s Enterprise WHITE PAPER: BUSINESS CONTINUITY AND BREACH PROTECTION White Paper Business Continuity and Breach Protection: Why SSL Certificate Management is Critical to Today s Enterprise Business Continuity and Breach

More information

PCI Data Security Standards (DSS)

PCI Data Security Standards (DSS) ENTERPRISE APPLICATION WHITELISTING SOLUTION Achieving PCI Compliance at the Point of Sale Using Bit9 Parity TM to Protect Cardholder Data PCI: Protecting Cardholder Data As the technology used by merchants

More information

Security Awareness Campaigns Deliver Major, Ongoing ROI

Security Awareness Campaigns Deliver Major, Ongoing ROI Security Awareness Campaigns Deliver Major, Ongoing ROI CONTENTS 01 01 02 04 05 06 Introduction The Challenge Immediate Value Evaluating effectiveness Ongoing value Conclusion INTRODUCTION By this point,

More information

Cybersecurity: Learn Critical Strategies to Protecting Your Enterprise November 6, 2013 1:00PM EST

Cybersecurity: Learn Critical Strategies to Protecting Your Enterprise November 6, 2013 1:00PM EST Cybersecurity: Learn Critical Strategies to Protecting Your Enterprise November 6, 2013 1:00PM EST November 6, 2013 Copyright 2013 Trusted Computing Group 1 November 6, 2013 Copyright 2013 Trusted Computing

More information

Combatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation

Combatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation Combatting the Biggest Cyber Threats to the Financial Services Industry A White Paper Presented by: Lockheed Martin Corporation Combatting the Biggest Cyber Threats to the Financial Services Industry Combatting

More information

Managed Security in the Enterprise (U.S. Enterprise)

Managed Security in the Enterprise (U.S. Enterprise) MANAGED SECURITY IN THE ENTERPRISE Managed Security in the Enterprise (U.S. Enterprise) March 2009 CONTENTS Executive overview... 3 Methodology... 4 Demographics... 5 Finding 1: Cyber Risk a Big Problem...

More information

How-To Guide: Cyber Security. Content Provided by

How-To Guide: Cyber Security. Content Provided by How-To Guide: Cyber Security Content Provided by Who needs cyber security? Businesses that have, use, or support computers, smartphones, email, websites, social media, or cloudbased services. Businesses

More information

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response.

Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. MAJOR FINANCIAL SERVICES LEADER Top 5 Global Bank Selects Resolution1 for Cyber Incident Response. Automation and remote endpoint remediation reduce incident response (IR) times from 10 days to 5 hours.

More information

MANAGED SERVICES PROVIDER. Dynamic Solutions. Superior Results.

MANAGED SERVICES PROVIDER. Dynamic Solutions. Superior Results. MANAGED SERVICES PROVIDER Dynamic Solutions. Superior Results. REVOLUTIONIZE YOUR INSTITUTION BY FULLY LEVERAGING THE BENEFITS OF TECHNOLOGY MAXIMIZE YOUR TECHNOLOGY INVESTMENTS ENHANCE SECURITY OF YOUR

More information

The Importance of Cyber Threat Intelligence to a Strong Security Posture

The Importance of Cyber Threat Intelligence to a Strong Security Posture The Importance of Cyber Threat Intelligence to a Strong Security Posture Sponsored by Webroot Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research Report

More information

INFORMATION SECURITY CYBER LIABILITY RISK MANAGEMENT. October 2013. Sponsored by:

INFORMATION SECURITY CYBER LIABILITY RISK MANAGEMENT. October 2013. Sponsored by: 2013 INFORMATION SECURITY CYBER LIABILITY RISK MANAGEMENT & October 2013 & INFORMATION SECURITY CYBER LIABILITY RISK MANAGEMENT: The Third Annual Survey on the Current State of and Trends in Information

More information

CYBERSECURITY IN HEALTHCARE: A TIME TO ACT

CYBERSECURITY IN HEALTHCARE: A TIME TO ACT share: TM CYBERSECURITY IN HEALTHCARE: A TIME TO ACT Why healthcare is especially vulnerable to cyberattacks, and how it can protect data and mitigate risk At a time of well-publicized incidents of cybersecurity

More information