Gold Sponsor of the study: Incident Response Management
|
|
- Meghan Randall
- 8 years ago
- Views:
Transcription
1 Gold Sponsor of the study: Incident Response Management How European Enterprises are Planning to Prepare for a Cyber Security Breach Y R A M SUM IVE T U C E PAC 2015 X E
2 Telefonica company profile About Telefonica Telefonica is one of the largest telecommunications companies in the world in terms of market capitalisation and number of customers. From its consolidated position in the sector, and with fixed telephony and mobile broadband as key areas that support future growth, the company focuses its strategy on securing its leadership in the digital world. Present in 21 countries and with a customer base of more than 341 million customers, Telefonica has a strong presence in Europe and Latin America, important industrial alliances and a leading global scale which positions the company to capture growth opportunities. Telefonica is a fully publicly traded company with more than 1.5 million direct stakeholders and its ordinary shares are traded in various stock markets, including London and New York among others. Telefonica is committed to delivering more secure and market leading innovation across its security value proposition through its division Telefonica Business Solutions, a leading provider within the Telefonica Group of a wide range of integrated communication and digital solutions for the B2B market. The security value proposition in Telefonica Business Solutions is underpinned by its Security product division including ElevenPaths, Telefonica s fully-owned subsidiary, which brings radical and disruptive innovation in security services and Alliances which include world leading security partners and organizations. At ElevenPaths, the vision is to develop innovative security products that redefine how Telefonica addresses emerging threats, as well as guaranteeing security and privacy for all without interfering with their day-to-day lives. Telefonica s customers depend on technology, communications and the Internet which makes them vulnerable to exposure to security threats. The breakneck pace of change has to be matched by the speed of innovation, creating agile structures that enable us to stay ahead of attackers. MC template PAC
3 Telefonica company profile About Telefonica (continued) The Security division within Business Solutions is designed to enable Telefonica to exceed customer expectations while adapting to their specific characteristics and needs though a ground-breaking value proposition. Telefonica s extensive experience in security and communication networks, expert workforce and the development of intelligence-driven managed security services of cutting-edge technology, as well as the capillarity of focused local security units across the world, makes Telefonica a market leading partner. In the cyber-security, Telefonica is dedicated to protecting the property and businesses of its customers (Government, Enterprises, Multinationals and Small and Medium Business) through unobtrusive services, providing a portfolio of solutions that help prevent attacks, detect any breaches or incidents, and ensure we support our customers address the ongoing challenge of security. For more information: Follow us in: Blog: Blog.elevenpaths.com ( ( LinkedIn/elevenpaths ( YouTube/elevenpaths ( MC template PAC
4 Key Findings Most organisations suffered a breach last year Security spend is shifting towards Incident Response Are firms really ready for cyber breaches? Most organisations outsource Incident Response Technology support for Incident Response is emerging 67% of organizations reported a cyber breach in the last 12 months 100% of firms surveyed reported a cyber breach at some point in the past A breach is - to all intents and purposes - inevitable. Traditionally, cyber security focuses on Prevent & Protect approaches Firms are migrating spend to Detect a breach quickly and Respond to minimise the impact of that breach. 86% of firms claim a high state of readiness for cyber breaches Yet 39% do not have a cyber readiness plan And only 30% of firms that have a plan test it monthly. CISOs generally prefer to keep operations in house But with incident response, outsourcing is more common Accessing required expertise, on demand, is the driver. Two-thirds of organisations do use some technology for Incident Response But most use in-house solutions or a patchy variety of existing technologies IR Management solutions are emerging and will gain rapid adoption. Incident Response Management PAC
5 Introduction Suffering a major breach is a near-certainty. Research from a variety of sources shows that the average firm will suffer one major breach each year. The consequences of a major breach include loss of IP, availability, customer service, revenue and reputation. And the fines for data protection non-compliance are set to soar under the upcoming GDPR and NISD regulations, with mandatory breach reporting due to be introduced from Responding to an incident quickly and effectively is a complex process, involving technical, communications & management staff. And the world is watching as you respond. Our hypothesis for this study was that enterprises are struggling to cope with Incident Response. We wanted to investigate the extent to which firms are experiencing cyber breaches, and if so how organisations are prepared for this eventuality. Are cyber breaches inevitable? We were also interested in how firms cope with the skills shortage, and if they use technology and/or outsourced services to deliver Incident Response. Do firms seek to offset cyber breach risk, through a combination of IR planning and Cyber Risk insurance? We surveyed 200 decision makers in large companies in the UK, France and Germany, to understand their motivations and drivers with regard to Incident Response. This study deals with the following questions: To what extent are firms being breached, and what is their broad approach to responding to such incidents? Do companies understand the importance of IR? Do they have a defined and tested IR plan? Are they adjusting their cyber security spend, or allocating new budget, in order to fund an IR programme? Do they test their IR regularly and update processes accordingly? Do they follow best practices? Do they use an IR management tool? Do they outsource IR capability? Are they aware of the impending NIS and GDPR regulatory changes? Is their technical IR plan integrated with business and communications contingency planning? Incident Response Management PAC
6 About the Study 200 survey respondents in Western Europe Public Sector 24% Financial Services 17% Education 15% Manufacturing 14% Services 12% Retail 9% Healthcare 4% Others 8% 65% CIO/VP IT respondents 35% CISO respondents 33% 35% 33% F M A M J All respondents had over 1,000 employees FR DE UK Survey conducted between Apr-May 2015 Incident Response Management PAC
7 Anatomy of a Cyber Breach Incident 67% of firms have had a cyber breach in the last year, and 100% report a breach at some time in the past Breach severity 9% 34% 35% V.High High Med 23% Low 75k Average cost of most severe breach in last year 69% of breaches are discovered between one and six months after attack J F M A M J We used a 3 rd part monitoring service We found it ourselves We were alerted by a third party We were alerted by the media 43% 37% 21% 1% Firms require between one and six man months to recover from a breach Incident Response Management PAC
8 A fundamental shift in security spending Q. What is the split today of spend between planning, preparing and prevention versus detection, response and recovery? And how do you see this changing over the next two years? Prevent & Protect 77% 61% Average spend today 75% 60% Median spend today 23% 39% Average spend today 25% 40% Median spend today Average spend in 2 years Median spend in 2 years Average spend in 2 years Median spend in 2 years Detect & Respond Most organisations have built their cyber security approach around protecting the perimeter and preventing attacks. However, as we have seen, cyber breaches still occur. This means that organisations have used up most of the budget that has, ultimately, failed to do what it was spent to do. Most organisations take between one and six months to discover an attack, meaning that the perpetrator has been inside to the organisation long enough to cause damage or to extract information. The shift in spend towards a Detect & Respond approach is therefore a reaction to the inevitability of a cyber breach. We see this as a re-balancing of cyber security spend to a more appropriate split of operational attention. While the focus on Prevent & Protect needs to be maintained, looking for breaches and quickly remediating them has increased in priority. Incident Response Management PAC
9 How prepared are you for a cyber breach? 86% 39% 30% Of firms claim they are very or somewhat ready for a cyber breach Of firms don t have a cyber readiness plan Of those firms with a plan test it monthly or more frequently It's a case of good news followed by bad news, when it comes to preparedness for a cyber breach. An extremely healthy 86% of organisations say that they are very or somewhat ready for a cyber breach. However, readiness clearly means different things to different firms: 39% do not have a cyber readiness plan. How an organisation can claim readiness without having a plan to describe what readiness means or how to test it is a clear indication of the variability of maturity across organisations when it comes to incident response. Frequency of testing a plan is also highly variable. Only 30% of firms that have a plan test it monthly or more frequently. Most (65%) test their plan quarterly, which is common but increasingly insufficient given the rate of change in the threat landscape. 5% of firms test their incident response preparedness annually. Overall, we are concerned at the state of readiness of firms for a cyber breach. While most companies believe that they are ready for a breach this confidence does not match the reality of the situation. Firms are at best unaware of best practice when it comes to incident response, and at worst are in denial of the precariousness of their situation. Incident Response Management PAC
10 Internal or external resourcing? Q. How do you resource incident response? Most organisations eschew outsourcing for cyber security. They fear loss of visibility and control of their security operations. So, typically, they use outsourcing in a cautious, riskbased and selective manner. They also outsource security as a short-term fix until they are able to back-fill resources with in-house expertise. With incident response, however, the opposite appears to be true. In our survey, 69% of firms use a combination of internal and external staff, with a further 14% using external resources exclusively. 14% Use external staff only 18% Use internal staff only 69% The nature of incident response dictates that resource utilisation is unpredictable. Although all of the companies surveyed reported a cyber breach (67% in the last 12 months), the timing of a breach is indeterminable. This means that if internal staff are to be used then they are drawn from other security activities as and when the need arises. But this may impact on-going operations. So it makes sense to plan to use external resources, either retained on standby or on a more ad hoc basis. Use a combination of internal & external staff Incident Response Management PAC
11 Technology for Incident response Q. Are you using any technology to assist in incident response? 22% 61% Of which 11% Built in-house and the rest is a wide variety of existing capability delivering patchy IR coverage We asked the respondents whether they are using any technology to assist in incident response. We were surprised to find that 61% of firms do use technology in their incident response. However, when asked to describe this technology we get a very patchy view. The most common answer type of technology used is built in-house, as opposed to a commercial off-the-shelf solution. Firms corral a wide variety of technologies to support incident response, such as SIEM, threat monitoring and network security. Clearly, these technologies are not designed for managing and organisations incident response program. There is some evidence to suggest that organisations are aware that more specialised solutions for incident response are available, although this is clearly still an emerging market. Awareness of such solutions appears to be low, but as spend shifts towards Detect & Respond activities we expect this to increase rapidly. Incident Response Management PAC
12 Disclaimer, usage rights, independence and data protection This study was compiled in multi-client mode under the sponsorship of FireEye, HP, Telefonica and Resilient Systems. For further information, please visit Disclaimer The contents of this study were compiled with the greatest possible care. However, no liability for their accuracy can be assumed. Analyses and evaluations reflect the state of our knowledge in May 2015 and may change at any time. This applies in particular, but not exclusively, to statements made about the future. Names and designations that appear in this study may be registered trademarks. Usage rights This study is protected by copyright. Any reproduction or dissemination to third parties, including in part, requires the prior explicit authorization of the sponsors. The publication or dissemination of tables, graphics etc. in other publications also requires prior authorization. Independence and data protection This study was produced solely by Pierre Audoin Consultants (PAC). The sponsors had no influence over the analysis of the data and the production of the study. The participants in the study were assured that the information they provided would be treated confidentially. No statement enables conclusions to be drawn about individual companies, and no individual survey data was passed to the sponsors or other third parties. All participants in the study were selected at random. There is no connection between the production of the study and any commercial relationship between the respondents and the sponsors of this study. Incident Response Management PAC
13 Contact Founded in 1976, Pierre Audoin Consultants (PAC) is part of the CXP Group, the leading independent European research and consulting firm for the software, IT services and digital transformation industry. The CXP Group offers its customers comprehensive support services for the evaluation, selection and optimization of their software solutions and for the evaluation and selection of IT services providers, and accompanies them in optimizing their sourcing and investment strategies. As such, the CXP Group supports ICT decision makers in their digital transformation journey. Further, the CXP Group assists software and IT services providers in optimizing their strategies and go-to-market approaches with quantitative and qualitative analyses as well as consulting services. Public organizations and institutions equally base the development of their IT policies on our reports. Capitalizing on 40 years of experience, based in 8 countries (with 17 offices worldwide) and with 140 employees, the CXP Group provides its expertise every year to more than 1,500 ICT decision makers and the operational divisions of large enterprises as well as mid-market companies and their providers. The CXP Group consists of three branches: Le CXP, BARC (Business Application Research Center) and Pierre Audoin Consultants (PAC). Duncan Brown Research Director +44 (0) d.brown@pac-online.com Dominic Trott Senior Consultant +44 (0) d.trott@pac-online.com For more information please visit: PAC s latest news: Follow us on PAC 2015
Premium Sponsor of the study: Incident Response Management
Premium Sponsor of the study: Incident Response Management How European Enterprises are Planning to Prepare for a Cyber Security Breach PAC 2015 Preface Arthur Wong, Senior Vice President of Enterprise
More informationGold study sponsor: Is cyber security now too hard for enterprises? Cyber security trends in the UK. Executive Summary
Gold study sponsor: Is cyber security now too hard for enterprises? Cyber security trends in the UK Executive Summary Core statements I. Cyber security is now too hard for enterprises The threat is increasing
More informationIs cyber security now too hard for enterprises? Cyber security trends in the UK. Executive Summary
Is cyber security now too hard for enterprises? Executive Summary Sponsors The creation and distribution of this study was supported by CGI, cybx and Fujitsu/Symantec. Premium sponsors: Gold sponsor: 2
More informationSilver Sponsor of the study. Digital Testing in Europe: Strategies, Challenges & Measuring Success
Silver Sponsor of the study Digital Testing in Europe: Strategies, Challenges & Measuring Success Key Findings Digital having a major impact on the testing/qa function. More than three quarters of European
More informationPremium study sponsors: Is cyber security now too hard for enterprises?
Premium study sponsors: Is cyber security now too hard for enterprises? Company profile Fujitsu Technology Solutions GmbH About Fujitsu Fujitsu is a Japanese IT company offering a complete range of products,
More informationIs a cyber breach inevitable? Cyber Security Challenges in the Netherlands
Cyber Security Challenges in the Netherlands June 2015 Comissioned by: 2 Published by CGI George Hintzenweg 89, 3068 AX Rotterdam, The Netherlands Pierre Audoin Consultants (PAC) Ltd 15 Bowling Green Lane,
More informationDigital Transformation in Germany
Silver sponsor of the study: Changing marketing and IT strategies Executive Summary Background The way enterprises interact with their customers is currently undergoing a massive change: Digital technologies,
More informationSponsor of the study: Holistic Customer Experience in the Digital Age
Sponsor of the study: Holistic Customer Experience in the Digital Age A Trend Study for Germany, France and the UK PAC 2015 Core findings 1 Everybody talks about digitization but few companies have a profound
More informationOmnichannel Retail in Europe
Gold Sponsor of the study Omnichannel Retail in Europe Strategies, Challenges & Measuring Success SAP - Company Profile SAP is the world leader in enterprise applications in terms of software and software-related
More informationRisks and uncertainties
Risks and uncertainties Our risk management approach We have a well-established risk management methodology which we use throughout the business to allow us to identify and manage the principal risks that
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationsecurity changes with Orange focus on your business, we focus on your security
security changes with Orange focus on your business, we focus on your security the only constant in security is change New uses and new technologies, proliferation of platforms and new workspaces in a
More informationREPORT. Next steps in cyber security
REPORT March 2015 Contents Executive summary...3 The Deloitte and Efma questionnaire...5 Level of awareness...5 Level of significance...8 Level of implementation...11 Gap identification and concerns...15
More informationA NEW APPROACH TO CYBER SECURITY
A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively
More informationCyber Risk: Global Warning? by Cinzia Altomare, Gen Re
Cyber Risk: Global Warning? by Cinzia Altomare, Gen Re Global Warning It is a matter of time before there is a major cyber attackon the global financial system and the public needs to invest heavily in
More informationCombating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center
Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average
More informationCyber Risks and Insurance Solutions Malaysia, November 2013
Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare
More informationW H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s
W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s IDC Middle East, Africa, and Turkey, Al Thuraya Tower 1, Level 15, Dubai
More informationThe Changing IT Risk Landscape Understanding and managing existing and emerging risks
The Changing IT Risk Landscape Understanding and managing existing and emerging risks IIA @ Noon Kareem Sadek Senior Manager, Deloitte Canada Chris Close Senior Manager, Deloitte Canada December 2, 2015
More informationCyber Security : preventing and mitigating incidents. Alexander Brown Robert Allen
Cyber Security : preventing and mitigating incidents Alexander Brown Robert Allen 07 & 08 October 2015 Cyber Security context of the threat The magnitude and tempo of [cyber security attacks], basic or
More informationBeyond Data Breach: Cyber Trends and Exposures
Beyond Data Breach: Cyber Trends and Exposures Vietnam 7 th May 2015 Jason Kelly Head of Asia Financial Lines AIG Agenda Why do companies need cyber protection Example of Cyber attack worldwide and in
More informationUK ICT Outsourcing Service Provider Performance and Satisfaction (SPPS) Study: 2013
A STUDY BY KPMG UK ICT Outsourcing Service Provider Performance and Satisfaction (SPPS) Study: 2013 A study of the UK Information and Communication Technology (ICT) Outsourcing Market and its Service Providers
More informationLondon Business Interruption Association Technology new risks and opportunities for the Insurance industry
London Business Interruption Association Technology new risks and opportunities for the Insurance industry Kiran Nagaraj Senior Manager, KPMG LLP February 2014 Agenda Introduction The world we live in
More informationDigital Leaders Survey
Contents 1. Key findings 3 2. Top three management issues 4 3. Top three IT topics or trends 5 4. Additional resources needed to address the issues prioritised 6 5. Skills gaps 7 6. Concerns about future
More informationThird Annual Study: Is Your Company Ready for a Big Data Breach?
Third Annual Study: Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute
More informationA COMPLETE APPROACH TO SECURITY
A COMPLETE APPROACH TO SECURITY HOW TO ACHEIVE AGILE SECURITY OPERATIONS THREAT WATCH Cyber threats cost the UK economy 27 billion a year 200,000 new threats are identified every day 58% of businesses
More informationDeveloping National Frameworks & Engaging the Private Sector
www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012
More informationHow To Decide If You Should Move To The Cloud
Can security conscious businesses really adopt the Cloud safely? January 2014 1 Phone: 01304 814800 Fax: 01304 814899 info@ Contents Executive overview The varied Cloud security landscape How risk assessment
More informationState of Security Survey GLOBAL FINDINGS
2011 State of Security Survey GLOBAL FINDINGS CONTENTS Introduction... 4 Methodology... 6 Finding 1: Cybersecurity is important to business... 8 Finding 2: The drivers of security are changing... 10 Finding
More informationEnterprise Security Governance. Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security
Enterprise Security Governance Robert Coles Chief Information Security Officer and Global Head of Digital Risk & Security Governance and Organisational Model Risk Mgmt & Reporting Digital Risk & Security
More informationA global infrastructure to safeguard your business_
Global Security Services A global infrastructure to safeguard your business_ Global Solutions More than just peace of mind: increase confidence and reduce risk across your entire organisation_ How do you
More informationCyber Security - What Would a Breach Really Mean for your Business?
Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber
More informationPrincipal risks and uncertainties
Principal risks and uncertainties Our risk management approach We have a well-established risk management methodology which we use throughout the business to allow us to identify and manage the principal
More informationLeverage Micro- Segmentation To Build A Zero Trust Network
A Forrester Consulting Thought Leadership Paper Commissioned By VMware July 2015 Leverage Micro- Segmentation To Build A Zero Trust Network Table Of Contents Executive Summary... 1 Current Security Implementations
More informationAre organizations completely ready to stop cyberattacks?
Are organizations completely ready to stop cyberattacks? A research survey details the security perspective of IT decision makers in the US, UK, and Australia on resourcing, preparedness, and management
More informationDNS Server Security Survey
EXECUTIVE BRIEF DNS Server Security Survey Sponsored by: EfficientIP Romain Fouchereau June 2014 INTRODUCTION With most organizations having some business linked to and more importantly relying on an online
More informationOur specialist insurance services for Professionals risks
Our specialist insurance services for Professionals risks Price Forbes & Partners is an independent Lloyd s broker based in the heart of London s insurance sector. We trade with all of the major international
More informationCombating a new generation of cybercriminal with in-depth security monitoring
Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.
More informationChanging the Enterprise Security Landscape
Changing the Enterprise Security Landscape Petr Hněvkovský Presales Consultant, ArcSight EMEA HP Enterprise Security Products 2012 Hewlett-Packard Development Company, L.P. The information contained herein
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationThe EBF would like to take the opportunity to note few general remarks on key issues as follows:
Ref.:EBF_001314 Brussels, 17 June 2013 Launched in 1960, the European Banking Federation is the voice of the European banking sector from the European Union and European Free Trade Association countries.
More informationPremium Sponsor of the study. Digital Testing in Europe: Strategies, Challenges & Measuring Success
Premium Sponsor of the study Digital Testing in Europe: Strategies, Challenges & Measuring Success Foreword Matthias Rasking Testing Lead, Europe, Africa and Latin America Today s business world is increasingly
More informationAre European companies equipped to fight off cyber security attacks?
A Steria Report Are European companies equipped to fight off cyber security attacks? Executive summary In collaboration with PAC è www.steria.com è www.steria.com Are European companies equipped to fight
More informationCyberprivacy and Cybersecurity for Health Data
Experience the commitment Cyberprivacy and Cybersecurity for Health Data Building confidence in health systems Providing better health care quality at lower cost will be the key aim of all health economies
More informationCloud Adoption Practices & Priorities Survey Report
Cloud Adoption Practices & Priorities Survey Report January 2015 2015 Cloud Security Alliance All Rights Reserved All rights reserved. You may download, store, display on your computer, view, print, and
More informationAftermath of a Data Breach Study
Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath
More informationTCS as a Digital Transformation Partner for European Customers
TCS as a Digital Transformation Partner for European Customers December 2014 By Nicole Dufft, Independent Vice President - Digital Enterprise, PAC Germany TCS as a Digital Transformation Partner 2 1. INTRODUCTION
More informationManaged Security in the Enterprise (U.S. Enterprise)
MANAGED SECURITY IN THE ENTERPRISE Managed Security in the Enterprise (U.S. Enterprise) March 2009 CONTENTS Executive overview... 3 Methodology... 4 Demographics... 5 Finding 1: Cyber Risk a Big Problem...
More informationIs Your Company Ready for a Big Data Breach?
Is Your Company Ready for a Big Data Breach? The Second Annual Study on Data Breach Preparedness Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication
More informationCYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION
CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION In the ever-evolving technological landscape which we all inhabit, our lives are dominated by
More informationCompanies need integrated mobility management solutions
Spotlight analysis Companies need integrated mobility management solutions January 2014 f This spotlight analysis is based on the PAC trend study Mobile Device & Application Management in Germany, France,
More informationThe Theory and Practice of Outsourcing Dave Griffiths
The Theory and Practice of Outsourcing Dave Griffiths This paper discusses the reasons why companies are interested in information outsourcing (the theory) and how it can be made to work for the benefit
More informationNETWORK SECURITY FOR SMALL AND MID-SIZE BUSINESSES
NETWORK SECURITY FOR SMALL AND MID-SIZE BUSINESSES September, 2015 Derek E. Brink, CISSP, Vice President and Research Fellow IT Security and IT GRC Report Highlights p2 p4 p6 p7 SMBs need to adopt a strategy
More informationA risky business. Why you can t afford to gamble on the resilience of business-critical infrastructure
A risky business Why you can t afford to gamble on the resilience of business-critical infrastructure Banking on a computer system that never fails? Recent failures in the retail banking system show how
More informationThe Cloud Balancing Act for IT: Between Promise and Peril
The Cloud Balancing Act for IT: Between Promise and Peril Table of Contents EXECUTIVE SUMMARY...2 ONBOARDING CLOUD SERVICES...3 SYSTEMS OF RECORD: THE NEXT WAVE OF CLOUD ADOPTION...6 A CULTURE OF COMPLIANCE
More informationHealthcare Security: Improving Network Defenses While Serving Patients
White Paper Healthcare Security: Improving Network Defenses While Serving Patients What You Will Learn Safeguarding the privacy of patient information is critical for healthcare providers. However, Cisco
More informationUnder control 2015 Hot topics for IT internal audit in financial services. An Internal Audit viewpoint
Under control 2015 Hot topics for IT internal audit in financial services An Internal Audit viewpoint Introduction Welcome to our fourth annual review of the IT hot topics for IT internal audit in financial
More informationClose the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle
Close the security gap with a unified approach Detect, block and remediate risks faster with end-to-end visibility of the security cycle Events are not correlated. Tools are not integrated. Teams are not
More informationBest Practices to Improve Breach Readiness
Best Practices to Improve Breach Readiness Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC http://blog.emc2.de/trust-security @RobtWesGriffin 1 Security Breaches 2 Security
More informationCybersecurity. Are you prepared?
Cybersecurity Are you prepared? First Cash, then your customer, now YOU! What is Cybersecurity? The body of technologies, processes, practices designed to protect networks, computers, programs, and data
More informationResearch Results. April 2015. Powered by
Research Results April 2015 Powered by Introduction Where are organizations investing their IT security dollars, and just how confident are they in their ability to protect data form a variety of intrusions?
More informationSeamus Reilly Director EY Information Security sreilly@uk.ey.com 0207 951 3179 Cyber Security
Seamus Reilly Director EY Information Security sreilly@uk.ey.com 0207 951 3179 Cyber Security An Internal Audit perspective on the threats and responses within the Retail Sector 15 th May 2014 Agenda Introductions
More informationHow To Manage Risk On A Scada System
Risk Management for Industrial Control Systems (ICS) And Supervisory Control Systems (SCADA) Information For Senior Executives (Revised March 2012) Disclaimer: To the extent permitted by law, this document
More informationWho s next after TalkTalk?
Who s next after TalkTalk? Frequently Asked Questions on Cyber Risk Fraud threat to millions of TalkTalk customers TalkTalk cyber-attack: website hit by significant breach These are just two of the many
More informationDENIAL OF SERVICE: HOW BUSINESSES EVALUATE THE THREAT OF DDOS ATTACKS IT SECURITY RISKS SPECIAL REPORT SERIES
DENIAL OF SERVICE: HOW BUSINESSES EVALUATE THE IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5500 companies in 26 countries around the world
More informationCyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things
Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations
More informationBest Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper
Best Practices in ICS Security for Device Manufacturers A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security
More informationCyber Security solutions
Cyber Security solutions The scenario IT security has become a highly critical issue for all businesses as a result of the growing pervasiveness and diffusion of ICT technology. Risks can arise both inside
More informationCybersecurity Awareness for Executives
SESSION ID: SOP-R04 Cybersecurity Awareness for Executives Rob Sloan Head of Cyber Content and Data Dow Jones @_rob_sloan Session Overview Aim: Provide a high level overview of an effective cybersecurity
More informationCybersecurity Report on Small Business: Study Shows Gap between Needs and Actions
SURVEY REPORT: cyber security Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions Confidence in a connected world. Executive summary An online survey revealed that while U.S.
More informationCyber Insurance as one element of the Cyber risk management strategy
Cyber Insurance as one element of the Cyber risk management strategy Stéphane Hurtaud Partner Governance, Risk & Compliance Thierry Flamand Partner Insurance Leader Laurent de la Vaissière Director Governance,
More informationO p t i m i z i n g t h e N e t w o r k t o M e e t T o m o r r o w ' s I C T D e m a n d s
EXECUTIVE BRIEF O p t i m i z i n g t h e N e t w o r k t o M e e t T o m o r r o w ' s I C T D e m a n d s Adapted from IDC research by Eric Owen Click here to enter text. September 2014 INTRODUCTION
More informationeguide: Designing a Continuous Response Architecture Executive s Guide to Windows Server 2003 End of Life
Executive s Guide to Windows Server 2003 End of Life Facts About Windows Server 2003 Introduction On July 14, 2015 Microsoft will end support for Windows Sever 2003 and Windows Server 2003 R2. Like Windows
More information3-in-1 Business Technology Solutions
Derbyshire Leicestershire London Head Office Head Office Leicestershire The Hopkiln, Bury Court, Bentley, Surrey GU0 5lZ 0345 0742 993 0345 303 00 leicestershire@opusteam.co.uk info@opusteam.co.uk London
More informationNavigating Cyber Risk Exposure and Insurance. Stephen Wares EMEA Cyber Risk Practice Leader Marsh
Navigating Cyber Risk Exposure and Insurance Stephen Wares EMEA Cyber Risk Practice Leader Marsh Presentation Format Four Key Questions How important is cyber risk and how should we view the cyber threat?
More informationAsset Management Policy March 2014
Asset Management Policy March 2014 In February 2011, we published our current Asset Management Policy. This is the first update incorporating further developments in our thinking on capacity planning and
More informationTHE TOP 4 CONTROLS. www.tripwire.com/20criticalcontrols
THE TOP 4 CONTROLS www.tripwire.com/20criticalcontrols THE TOP 20 CRITICAL SECURITY CONTROLS ARE RATED IN SEVERITY BY THE NSA FROM VERY HIGH DOWN TO LOW. IN THIS MINI-GUIDE, WE RE GOING TO LOOK AT THE
More informationCyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft
Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security
More informationCyber Security Solutions
Cyber Security Solutions Defending the Enterprise General Dynamics Information Technology defends mission-critical systems including government, health, finance, defence, large-enterprise and national
More informationwww.hcltech.com ANALYTICS STRATEGIES FOR INSURANCE
www.hcltech.com ANALYTICS STRATEGIES FOR INSURANCE WHITEPAPER July 2015 ABOUT THE AUTHOR Peter Melville Insurance Domain Lead Europe, HCL He has twenty five years of experience in the insurance industry
More informationMarketsandMarkets. http://www.marketresearch.com/marketsandmarkets-v3719/ Publisher Sample
MarketsandMarkets http://www.marketresearch.com/marketsandmarkets-v3719/ Publisher Sample Phone: 800.298.5699 (US) or +1.240.747.3093 or +1.240.747.3093 (Int'l) Hours: Monday - Thursday: 5:30am - 6:30pm
More informationACE European Risk Briefing 2012
#5 ACE European Risk Briefing 2012 IT and cyber risk respondent profiles The research was carried out between 13 April and 3 May 2012. The sample comprised 606 European risk managers, CROs, CFOs, COOs
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationKea Influencer Relations and Marketing for High-Tech & Technology Providers
Kea Analyst Relations Industry analysts play a key role in defining markets and educating buyers. We work with clients to identify and track the most influential and relevant industry analysts, and advise
More informationHow To Write An Article On The European Cyberspace Policy And Security Strategy
EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA
More informationSecuring Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement.
Securing Information in an Outsourcing Environment (Guidance for Critical Infrastructure Providers) Executive Overview Supplement June 2011 DISCLAIMER: This document is intended as a general guide only.
More informationMike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program
Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat
More informationInternet Reputation Management Guide. Building a Roadmap for Continued Success
Internet Reputation Management Guide Building a Roadmap for Continued Success About BrandProtect BrandProtect is the leader in multi-channel Internet threat monitoring and risk mitigation. The company
More information2015 VORMETRIC INSIDER THREAT REPORT
Research Conducted by 2015 VORMETRIC INSIDER THREAT REPORT Trends and Future Directions in Data Security RETAIL EDITION #2015InsiderThreat RESEARCH BRIEF RETAIL CUSTOMERS AT RISK ABOUT THIS RESEARCH BRIEF
More informationEU Directive on Network and Information Security SWD(2013) 31 & SWD(2013) 32. A call for views and evidence
EU Directive on Network and Information Security SWD(2013) 31 & SWD(2013) 32 A call for views and evidence 22 nd May 2013 Contents Contents... 2 Overview: The EU Directive on Network and Information Security...
More informationCYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES
CYBER AND PRIVACY INSURANCE: LOSS MITIGATION SERVICES How can you better prepare and respond to cyber risks? ACE developed Loss Mitigation Services to help policyholders understand and gauge various areas
More informationCybersecurity in the States 2012: Priorities, Issues and Trends
Cybersecurity in the States 2012: Priorities, Issues and Trends Commission on Maryland Cyber Security and Innovation June 8, 2012 Pam Walker, Director of Government Affairs National Association of State
More informationHalf prepared? A global study into corporate preparedness for disaster recovery and business continuity
Half prepared? A global study into corporate preparedness for disaster recovery and business continuity November 2011 Half prepared? The latest global business survey from Regus reveals that companies
More informationMOBILE BANKING TESTING TIMES FOR APPS DEVELOPMENT RESULTS OF OUR SURVEY
MOBILE BANKING TESTING TIMES FOR APPS DEVELOPMENT RESULTS OF OUR SURVEY About this survey A SNAPSHOT ABOUT THE DEVELOPMENT OF MOBILE BANKING APPLICATIONS The aim of this survey, conducted in February 2014,
More informationBT Advise Connect. Delivering intelligent network capability around the globe. BT Connect IQ Quick Start. BT Advise
BT Advise Connect Delivering intelligent network capability around the globe BT Connect IQ Quick Start BT Advise BT Connect IQ Quick Start In today s complex market, the network and delivery of network
More informationHow do you give cybersecurity the highest priority in your organization? Cyber Protection & Resilience Solutions from CGI
How do you give cybersecurity the highest priority in your organization? Cyber Protection & Resilience Solutions from CGI CGI Cyber Protection & Resilience Solutions Optimized risk management and protection
More information10 steps to the Cloud for SMBs Introduction to Cloud computing. www.fasthosts.co.uk. Ask the Experts. Making Business Work Better Online
10 steps to the Cloud for SMBs Introduction to Cloud computing This paper is designed to explain, in plain English, the real reasons behind how your business can benefit from Cloud computing, and help
More informationTHE CYBER SECURITY PLAYBOOK WHAT EVERY BOARD OF DIRECTORS SHOULD KNOW BEFORE, DURING, AND AFTER AN ATTACK SECURITY REIMAGINED
THE CYBER SECURITY PLAYBOOK WHAT EVERY BOARD OF DIRECTORS SHOULD KNOW BEFORE, DURING, AND AFTER AN ATTACK SECURITY REIMAGINED THE CYBER SECURITY PLAYBOOK 2 03 Introduction 04 Changing Roles, Changing Threat
More informationSecure Thinking Bigger Data. Bigger risk?
Secure Thinking Bigger Data. Bigger risk? MALWARE HACKERS REPUTATION PROTECTION RISK THEFT There has always been data. What is different now is the scale and speed of data growth. Every day we create 2.5
More information