How New Cyber Security Federal Regulations Are Impacting Application and Network Security
|
|
- Ralph Snow
- 7 years ago
- Views:
Transcription
1 How New Cyber Security Federal Regulations Are Impacting Application and Network Security MARKETING RESEARCH EMPLOYEE ENGAGEMENT A WORLD OF INSIGHTS September, 2014 Research by Radware and IDG
2
3 RESPONDENT PROFILE Total Respondents Organization Size Global Annual Sales ,000+ employees 42% 1,000-9,999 employees 50% Less than 1,000 employees 8% $5 billion+ 46% $1 billion - $4.9 billion 41% $500M - $999.9M 14% Job Title Breakdown Top Represented Industries CIO/CTO 41% Financial services (banking, accounting, tax, etc.) Computer related products or services Recruit target 7% 60% CSO/CISO 8% Manufacturing, Production, Distribution 6% EVP, Senior VP, VP 13% Healthcare, Medical, Biotech, Pharmaceuticals 4% Director 18% Retail, Wholesale 4% Business services, Consulting 4% Manager/Supervisor 20% Telecommunications, Internet/Cloud Service Provider 3% * A more detailed respondent profile is appended to this report. A WORLD OF INSIGHTS 3
4 KEY FINDINGS 99% of respondents claim to be very or somewhat familiar with new federal guidelines, although a substantial number, both in financial services and other verticals, are still unaware about many specific regulations Although financial respondents had greater awareness of the specific regulations inquired in the survey, a greater percentage of those in non-financial services (77%) claim to be very familiar with new federal guidelines regarding application and network security than do those in financial services (67%) The financial services industry has felt the affects of these changes more so than have other verticals, particularly with regards to productivity loss, business disruption, and revenue loss Specific areas regulatory changes have impacted include IT CAPEX and OPEX, user experience, and personnel costs Despite these adverse consequences, 87% of respondents agree that the current regulatory changes are very important or critical to keeping their companies and industries secure In order to remain compliant with new codes, respondents have made numerous strategic changes, including investing in new or specialized technologies, changing security processes and protocols, creating new security models, and implementing alert automation Other organizations are taking a more tactical approach, allocating additional budget and hiring new resources (both internal and external) Despite the impact these regulatory changes, respondents believe more can still be done: 4 in 5 believe it is critical or very important for the federal government to impose stricter regulations around application and network security, while 84% expect those regulations to be carried out over the next 12 months A WORLD OF INSIGHTS 4
5 KEY FINDINGS In regards to future regulatory changes, respondents anticipated approaches mirror what they are doing now, which may suggest that solutions put in place today are not suited to scale or accommodate stricter regulations Just 14% of respondents indicated that they would be unwilling to adopt application and network security best practices from other industries Although financial institutions are largely more concerned about the possibility of cyberattacks than are companies from other industries, on average they feel less prepared to safeguard against them The attacks that cause the most harm to businesses are unauthorized access, theft of IP, and sabotage As a result of such attacks, organizations fear loss of revenue, loss of customers, and diminished brand reputation Nearly 80% of respondents expect the frequency of cyber-attacks to increase or remain flat over the next 12 months, while 16% anticipate a decrease (remainder did not know) Over two in five respondents have yet to fill out an SEC questionnaire for compliance in the past 12 months A WORLD OF INSIGHTS 5
6 A WORLD OF INSIGHTS 6 IMPACT OF FEDERAL REGULATORY CHANGES
7 Although the majority of respondents claim to be very familiar with new federal guidelines, a large number are still unaware about specific regulations Total Financial Services Non-Financial Services FAMILIARITY WITH NEW FEDERAL GUIDELINES (GENERAL) FAMILIARITY WITH NEW FEDERAL GUIDELINES (SPECIFIC) 71% 67% 77% National Institute of Standards and Technology (NIST) Cyber Security Framework FFEIC Joint Statement Distributed Denial-of-Service (DDoS) Cyber- Attacks, Risk Mitigation, and Additional Resources (US) Driver Securities and Exchange Commission Cyber Exams (US) Driver 62% 64% 60% 59% 63% 52% 56% 59% 51% 32% 28% 22% Office of the Controller of Currency (OCC) (US) Guidance Driver National Credit Union Administration (NCUA) Risk Alert (US) Driver 51% 58% 41% 58% 65% 46% Very familiar Somewhat familiar 0% 1% 0% Not at all familiar None of the above 3% 1% 7% Q1: Within your industry/organization, how familiar are you with new or revised federal guidelines (or industry association regulations) regarding application and network security (e.g. cyber-attack mitigation, DoS/DDOS attacks) released over the past months? Q2. More specifically, of which of the following new or revised federal guidelines (or industry association regulations) regarding application and network security (released over the past months) are you aware? Total Base: 250; Financial Services Base: 150; Non-Financial Services Base: 100 A WORLD OF INSIGHTS 7
8 Financial services is acutely impacted by new or revised federal guidelines, particularly in terms of business disruption and revenue loss CONSEQUENCES OF NEW FEDERAL GUIDELINES Total Financial Services Non Financial Services Productivity loss 41% 49% 54% Business disruption 34% 48% 57% Revenue loss 32% 48% 58% Penalties/fines 31% 36% 40% None of the above 11% 17% 26% Q3: Has your organization experienced any of the following consequences as a result of recent - new or revised - federal guidelines (or industry association regulations) regarding application and network security? Total Base: 250; Financial Services Base: 150; Non-Financial Services Base: 100 A WORLD OF INSIGHTS 8
9 In addition to revenue loss, higher OPEX and CAPEX as a result of new federal regulations are also affecting bottom line results; despite these adverse consequences, respondents largely believe these regulations are very or critically important IMPACT OF NEW FEDERAL REGULATIONS TO ASPECTS OF BUSINESS Significant Moderate Minimal No Impact IT capital expenditures (CapEx) (i.e., data center upgrades/investments) IT operational expenses (OpEx) 42% 40% 38% 41% 16% 4% 15% 4% PERCEIVED IMPORTANCE OF NEW FEDERAL REGULATIONS 69% User experience 36% 38% 20% 6% Personnel costs Application performance 36% 35% 40% 41% 20% 19% 4% 5% 18% 11% Application development costs 35% 40% 21% 4% 1% 0% Procurement cycles for third-party apps 31% 41% 22% 6% Application development cycles 30% 46% 19% 5% Hiring practices 27% 48% 16% 8% Q4: What has been the impact of these recent - new or revised - federal guidelines (or industry association regulations) on the following aspects of your business? Q5: How important do you believe recent - new or revised - federal guidelines (or industry association regulation changes) to application and network security policies/requirements are to keeping your company/industry secure? Total Base: 250 A WORLD OF INSIGHTS 9
10 Top approaches to new federal regulations are more strategic (investing in new tech, process refresh, etc.) than simply adding supplemental resources ORGANIZATIONAL APPROACH TO NEW FEDERAL REGULATIONS Invested in new or specialized technologies (hardware and/or software) Changed security processes, protocols, and mandates Created new security models 49% 47% 53% EXTRA BUDGET New monies 14% average increase (N = 78) Re-assigned budget 11% average increase (N = 30) Implemented alert automation in event of breach Revised internal external reporting requirements processes Assigned extra budget Hired new external resources (i.e., temporary IT staffing, sub-contractors, etc.) Hired new internal resources (full-time/part-time staff) None, we have not changed our approach 1% 46% 44% 43% 42% 41% HIRED RESOURCES New internal 18 new employees (mean) (N = 102) New external Temporary IT staffing (56%) Sub-contractors (44%) Consultants (68%) Short-term vendor staff assistance (55%) Short-term partner staff assistance (40%) (N = 104) Q6: During the past 12 months, how has your organization approached compliance with new or revised federal guidelines (or industry association regulations) regarding application and network security? Q6a. Did your company allocate new or additional monies to address these compliance needs or reassign monies from an existing budget? Q6b. How many new internal hires were made over the past 12 months to address these compliance needs? Q6c. What types of new external resources have you contracted with to address your compliance needs over the past 12 months? Total Base: 250; Q6a Base 108: Q6a (Increase) Base: 78; Q6a (Re-assign) Base: 30; Q6b Base: 102; Q6c Base: 104 A WORLD OF INSIGHTS 10
11 Nearly two-thirds of respondents indicated a willingness to adopt application and network security best practices from another industry, compared to just 14% who would not WILLINGNESS TO ADOPT APPLICATION AND NETWORK SECURITY BEST PRACTICES FROM OTHER INDUSTRIES 63% 23% 14% Yes Maybe No Q10: Would you be willing to adopt application and network security best practices from another industry based on its response to anticipated Federal regulatory changes? Total Base: 250 A WORLD OF INSIGHTS 11
12 A WORLD OF INSIGHTS 12 FUTURE FEDERAL REGULATORY CHANGES
13 The vast majority of respondents believe it is very or critically important for the federal government to impose stricter regulations around application and network security, while more than 5 in 6 expect those regulations to be carried out over the next 12 months PERCEIVED IMPORTANCE OF STRICTER REGULATIONS Total Reported Adverse Consequences Did Not Report Adverse Consequences 66% 61% 36% 36% 19% 16% 17% 16% 24% Critical/Very important Adverse conseq.: 82% No Adverse conseq.: 72% 84% of respondents expect network and application security to be more tightly regulated by the federal government over the next 12 months 5% 2% 1% 1% 1% 0% Critical Very important Somewhat important Not very important Not at all important Q7: In terms of keeping your company/industry secure, how important do you believe it is for the federal government to impose stricter regulations around application and network security? Q8: With respect to application and network security, do you expect your industry will be more tightly regulated by the federal government over the next 12 months? Total Base: 250; Reported Adverse Consequences Base: 208; Did Not Report Adverse Consequences Base: 42 A WORLD OF INSIGHTS 13
14 Respondent organizations anticipated responses to future federal regulation changes mirror what organizations are doing today ANTICIPATED APPROACH TO FUTURE FEDERAL REGULATIONS CHANGES Total Financial Services Non Financial Services Implement new technologies (hardware and/or software) Create new security models Assign extra budget Change security processes, protocols, and mandates Implement aleart automation in event of breach Hire new external resources Hire new internal resources Revise internal/external reporting requirements/processes 56% 46% 51% 50% 53% 47% 52% 40% 47% 53% 39% 46% 47% 44% 43% 46% 38% 42% 45% 37% 38% 41% 35% 62% Q9: How do you anticipate your organization will approach compliance with future new or revised federal guidelines (or industry association regulations) regarding application and network security? Total Base: 250; Financial Services Base: 150; Non-Financial Services Base: 100 A WORLD OF INSIGHTS 14
15 A WORLD OF INSIGHTS 15 ATTACKS ON THE BUSINESS AND MITIGATION STRATEGIES
16 Although financial institutions are more concerned about the possibility of cyber-attacks than are respondent organizations from other industries, they believe their businesses are less prepared to safeguard against them Total Financial Services Non-Financial Services CONCERN ABOUT POSSIBILITY OF CYBER-ATTACKS Extremely concerned Very concerned Somewhat concerned Not very concerned Not at all concerned 13% 10% 18% 5% 3% 8% 0% 1% 0% 30% 28% 33% 41% 51% 58% Extremely/Very Concerned TITLE Financial: 86% Non-Financial: 74% PERCEIVED PREPAREDNESS TO SAFEGUARD AGAINST CYBER-ATTACKS Extremely well prepared Very well prepared Somewhat prepared Not very prepared Not at all prepared 0% 0% 1% 0% 0% 0% 26% 22% 31% 30% 33% 24% 44% 45% 44% Extremely/Very Well Prepared Financial: 67% Non-Financial: 75% Q11: How concerned are you about the possibility of cyber-attacks to your organization Q12. In your opinion, how prepared is your organization to safeguard itself from cyber-attacks? Total Base: 250; Financial Services Base: 150; Non-Financial Services Base: 100 A WORLD OF INSIGHTS 16
17 Unauthorized access, theft of IP, sabotage, and worm and virus damage are the most harmful attacks to the business ATTACKS CAUSING MOST HARM TO BUSINESS Unauthorized Access Theft of proprietary information/intellectual property Sabotage: deliberate disruption, deletion or destruction of information, systems, or networks Worm & Virus Damage 48% 47% 47% 46% Fraud 43% Criminal SPAM 38% Advanced persistent threat (APT) 37% Phishing 33% Distrubuted denial-of-service 32% Q13: Which of the following attacks would cause the most significant harm to your business? Total Base: 250 A WORLD OF INSIGHTS 17
18 Unsurprisingly, loss of revenue tops the list of negative outcomes resulting from a cyber-attack, followed by loss of customers, which was cited at a higher clip by non-financial industry respondents than by financial respondents CONCERN OVER OUTCOMES Loss of revenue 39% Loss of customers 38% Diminished brand value/reputation 31% Inability to conduct business for extended periods of time 28% Increased operational costs (customer service, engineering) 25% Delay of other important initiatives 25% Q14: Which of the following potential negative outcomes from an attack is your organization most concerned about? Total Base: 250 A WORLD OF INSIGHTS 18
19 Nearly 80% of respondents expect the frequency of cyber-attacks to their organization to increase or remain flat over the next 12 months FREQUENCY OF ATTACKS OVER NEXT 12 MONTHS On average, respondents anticipate a 3.5% increase in cyber-attacks over the next 12 months INCREASE 19% 44% 35% DECREASE 21% 16% Increase Remain flat Decrease Q15a: Over the next 12 months, do you anticipate the frequency of cyber-attacks directed at your organization to: Q15b: By what percent do you anticipate the number of cyber-attacks to [increase/decrease] over the next 12 months? Total Base: 250 A WORLD OF INSIGHTS 19
20 Nearly half of all respondents are leveraging the cloud to some capacity to mitigate DDoS attacks; a substantial percentage of respondents have yet to fill out an SEC questionnaire for compliance in the last 12 months DDOS MITIGATION STRATEGIES We are using a hybrid (mix of hardware and cloud) approach We leverage on-premise hardware/software (e.g. firewalls, routers, switches, and intrusion prevention systems) 28% 26% 58% of survey respondents have filled out a Security and Exchange Commission questionnaire for compliance in the past 12 months We leverage a cloud-based solution 21% We are using our ISP s/hosting provider s solution 17% 79% of respondents view their organization as critical infrastructure We are not protecting against DDoS attacks 8% Q16: In the past 12 months, have you filled out a Security and Exchange Commission (SEC) questionnaire for compliance? Q17. Based on your company s role and industry, do you view your organization as critical infrastructure (i.e. do you view your organization as an asset essential for the functioning of a society and/or economy)? Q18. Upon which of the following does your organization primarily rely to protect itself against and mitigate DDoS attacks? Total Base: 250 A WORLD OF INSIGHTS 20
21 A WORLD OF INSIGHTS 21 RESPONDENT PROFILE
22 Number of Employees Company Industry 100,000 or more 50,000-99,999 12% 6% Financial services (banking, accounting, tax, etc.) Computer related products or services Recruit target Manufacturing, Production, Distribution 7% 6% 60% 30,000-49,999 7% Healthcare, Medical, Biotech, Pharmaceuticals 4% 20,000-29,999 7% Retail, Wholesale 4% 10,000-19,999 7,500-9,999 10% 12% Business services, Consulting Telecommunications, Internet/Cloud Service Provider Architecture, Building, Construction, Engineering 4% 3% 2% 5,000-7,499 16% Media, Entertainment 2% 2,500-4,999 14% Energy and Utilities Advertising, Marketing, Public relations 1% 1% 1,000-2,499 7% Arts, Recreation 1% % Government (Federal, State & Local) 1% Fewer than 250 employees 3% 1% Mean number of employees: 25,151 Insurance Transportation Other 1% 1% 2% Q19: Approximately how many people are employed in your entire company or enterprise? (Please include all plants, divisions, branches, parents and subsidiaries worldwide) S5: Which of the following best describes your organization s industry or function? Total Base: 250 A WORLD OF INSIGHTS 22
23 Job Title Global Annual Sales Revenue CIO/CTO 41% $10 billion or more 19% CSO/CISO 8% $5 billion - $9.9 billion 27% EVP, Senior VP, VP 13% $3 billion - $4.9 billion 20% Director 18% $1 billion - $2.9 billion 20% Manager/Supervisor 20% $500 million - $999.9 million 14% Mean (billions): $5.18 S3: Which of the following best describes your title within your organization? S4: Please indicate your organization s total global annual sales revenue for the most recent fiscal year. Total Base: 250 A WORLD OF INSIGHTS 23
24 IDG Research Services specializes in marketing and media-related research for technology marketers. As a division of International Data Group (IDG), the world's leading technology media, research, and event company, IDG Research Services brings the resources and experience of a large, global company to its clients in the form of a small, customer-focused business. For more information please visit our website. Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware's solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down. For more information, please visit A WORLD OF INSIGHTS 24
Cloud Security Concerns and the Perceived Effectiveness of Traditional Security Solutions in a Cloud Environment
Cloud Security Concerns and the Perceived Effectiveness of Traditional Security Solutions in a Cloud Environment Presented by: IDG Research Company: CloudPassage June 2015 METHODOLOGY & RESEARCH OBJECTIVES
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,
More informationCYBERSECURITY EXAMINATION SWEEP SUMMARY
This Risk Alert provides summary observations from OCIE s examinations of registered broker-dealers and investment advisers, conducted under the Cybersecurity Examination Initiative, announced April 15,
More informationMarket Pulse Research: Big Data Storage & Analytics
Market Pulse Research: Big Data Storage & Analytics MARKETING RESEARCH EMPLOYEE ENGAGEMENT A WORLD OF INSIGHTS January 2015 Presented on behalf of HP & Microsoft METHODOLOGY & RESEARCH OBJECTIVES Sample
More informationEnterprise-class Cloud Strategy & Plans. Conducted on behalf of Dell and VMware Presented by: IDG Research Services
Enterprise-class Cloud Strategy & Plans Conducted on behalf of Dell and VMware Presented by: IDG Research Services February 2012 1 CONTENT COMMUNITY CONVERSATION CONVERSION Methodology Introduction This
More informationCybersecurity Strategic Consulting
Home Overview Challenges Global Resource Growth Impacting Industries Why Capgemini Capgemini & Sogeti Cybersecurity Strategic Consulting Enabling business ambitions, resilience and cost efficiency with
More informationData Security in Development & Testing
Data Security in Development & Testing Sponsored by Micro Focus Independently conducted by Ponemon Institute LLC Publication Date: July 31, 2009 Ponemon Institute Research Report Data Security in Development
More informationImpact of Cybersecurity Innovations in Key Sectors (Technical Insights)
Impact of Cybersecurity Innovations in Key Sectors (Technical Insights) Customized cybersecurity measures help overcome Industry specific challenges September 2014 Table of Contents Section Slide Number
More information2015 Global Study on IT Security Spending & Investments
2015 Study on IT Security Spending & Investments Independently conducted by Ponemon Institute LLC Publication Date: May 2015 Sponsored by Part 1. Introduction Security risks are pervasive and becoming
More informationData Center Research. June 2011. Data Center
Data Center Research June 2011 Data Center Purpose & Methodology To gain a better understanding of data center investments and plans taking place today and in the future Survey was conducted across IDG
More informationState of Mobility Survey. France Results
State of Mobility Survey France Results Methodology Survey performed by Applied Research 6,275 global organizations 43 countries NAM 2 LAM 14 EMEA 13 APJ 14 SMBs: Individuals in charge of computers Enterprises:
More informationMEMORANDUM. Date: October 28, 2013. Federally Regulated Financial Institutions. Subject: Cyber Security Self-Assessment Guidance
MEMORANDUM Date: October 28, 2013 To: Federally Regulated Financial Institutions Subject: Guidance The increasing frequency and sophistication of recent cyber-attacks has resulted in an elevated risk profile
More informationDeveloping National Frameworks & Engaging the Private Sector
www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012
More informationManaging Cyber Security as a Business Risk: Cyber Insurance in the Digital Age
Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: August 2013
More informationBYOD & MOBILE SECURITY
2013 surve y results BYOD & MOBILE SECURITY Group Partner Information Security Sponsored by Symantec KPMG Zimbani MailGuard INTRODUCTION Welcome to the 2013 BYOD & Mobile Security Report! Bring Your Own
More informationPACB One-Day Cybersecurity Workshop
PACB One-Day Cybersecurity Workshop WHAT IS CYBERSECURITY? PRESENTED BY: JON WALDMAN, SBS CISA, CRISC 1 Contact Information Jon Waldman Partner, Senior IS Consultant CISA, CRISC Masters of Info Assurance
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationQuick Pulse Research: Software Defined Architecture. Conducted on behalf of F5 Presented by IDG Research Services December 2015
Quick Pulse Research: Software Defined Architecture 1 Conducted on behalf of F5 Presented by IDG Research Services December 2015 CONTENT COMMUNITY CONVERSATION CONVERSION METHODOLOGY AND RESEARCH OBJECTIVES
More informationDAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES
DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES Kaspersky Lab 2 Corporate IT Security Risks Survey details: More than 5500 companies in 26 countries around the world
More informationIs Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution
Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: April 2013 Ponemon Institute Research Report
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More information2015 Global Cyber Impact Report
2015 Global Cyber Impact Report Sponsored by Aon Risk Services Independently conducted by Ponemon Institute LLC Publication Date: April 2015 2015 Global Cyber Impact Report Ponemon Institute, April 2015
More informationOCIE Technology Controls Program
OCIE Technology Controls Program Cybersecurity Update Chris Hetner Cybersecurity Lead, OCIE/TCP 212-336-5546 Introduction (Role, Disclaimer, Background and Speech Topics) SEC Cybersecurity Program Overview
More informationISO? ISO? ISO? LTD ISO?
Property NetProtect 360 SM and NetProtect Essential SM Which one is right for your client? Do your clients Use e-mail? Rely on networks, computers and electronic data to conduct business? Browse the Internet
More informationSECURING YOUR SMALL BUSINESS. Principles of information security and risk management
SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and
More informationAftermath of a Data Breach Study
Aftermath of a Data Breach Study Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: January 2012 Ponemon Institute Research Report Aftermath
More informationIT Operations Benchmark Survey 2015. Research Reveals Strategies for IT to Drive Business Results and End-user Satisfaction
IT Operations Benchmark Survey 2015 Research Reveals Strategies for IT to Drive Business Results and End-user Satisfaction Introduction Welcome to the first annual Kaseya IT Operations Benchmark Survey.
More informationPeer Research Cloud Security Insights for IT Strategic Planning
SEPTEMBER 2011 Peer Research Cloud Security Insights for IT Strategic Planning Intel s IT Manager Survey on Cloud Security Why you should read this document: This report describes key findings from a survey
More informationIs Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution
Is Your Company Ready for a Big Data Breach? Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: March 2013 Ponemon Institute Research Report
More informationCYBER SECURITY INFORMATION SHARING & COLLABORATION
Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers
More informationDNS Server Security Survey
EXECUTIVE BRIEF DNS Server Security Survey Sponsored by: EfficientIP Romain Fouchereau June 2014 INTRODUCTION With most organizations having some business linked to and more importantly relying on an online
More informationIndustrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Industrial Cyber Security Risk
Industrial Cyber Security Risk Manager Proactively Monitor, Measure and Manage Industrial Cyber Security Risk Industrial Attacks Continue to Increase in Frequency & Sophistication Today, industrial organizations
More informationReputation Impact of a Data Breach U.S. Study of Executives & Managers
Reputation Impact of a Data Breach U.S. Study of Executives & Managers Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: November 2011 Ponemon
More informationCybersecurity Issues for Community Banks
Eastern Massachusetts Compliance Network Cybersecurity Issues for Community Banks Copyright 2014 by K&L Gates LLP. All rights reserved. Sean P. Mahoney sean.mahoney@klgates.com K&L Gates LLP State Street
More informationVIGILANCE INTERCEPTION PROTECTION
MINIMIZE CYBERTHREATS VIGILANCE INTERCEPTION PROTECTION CYBERSECURITY CDW FINANCIAL SERVICES 80 million identities were exposed by breaches in financial services in 2014. 1 1 symantec.com, Internet Security
More informationCybersecurity Awareness for Executives
SESSION ID: SOP-R04 Cybersecurity Awareness for Executives Rob Sloan Head of Cyber Content and Data Dow Jones @_rob_sloan Session Overview Aim: Provide a high level overview of an effective cybersecurity
More informationStudy of the Impact of cyber crime on businesses In canada
Study of the Impact of Cyber Crime on businesses in Canada 2 Introduction The International Cyber Security Protection Alliance (ICSPA) www.icspa.org, has conducted a study on the impact of cyber crime
More information2012 Bit9 Cyber Security Research Report
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
More informationAmid Ongoing Transformation and Compliance Challenges, Cybersecurity Represents Top IT Concern in Financial Services Industry
Amid Ongoing Transformation and Compliance Challenges, Cybersecurity Represents Top IT Concern in Financial Services Industry IT leaders are battening down the hatches, according to Protiviti s latest
More informationVendor Management Best Practices
23 rd Annual and One Day Seminar Vendor Management Best Practices Catherine Bruder CPA, CITP, CISA, CISM, CTGA Michigan Texas Florida Insight. Oversight. Foresight. SM Doeren Mayhew Bruder 1 $100 billion
More informationCybercrime and Regulatory Priorities for Cybersecurity
NRS Technology and Communication Compliance Forum Cybercrime and Regulatory Priorities for Cybersecurity Copyright 2014 by K&L Gates LLP. All rights reserved. Sean P. Mahoney sean.mahoney@klgates.com K&L
More informationDDoS Attacks in the United Kingdom
Neustar Insights DDoS Attacks in the United Kingdom 2012 Annual Trends and Impact Survey Contents Survey Findings, 2012 2011 Survey Methodology 3 Frequency of Attacks 3 Introduction In both 2011 and 2012,
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationThe Impact of Cybercrime on Business
The Impact of Cybercrime on Business Studies of IT practitioners in the United States, United Kingdom, Germany, Hong Kong and Brazil Sponsored by Check Point Software Technologies Independently conducted
More informationTHE TOP SECURITY QUESTIONS YOU SHOULD ASK A CLOUD COMMUNICATIONS PROVIDER
THE TOP SECURITY QUESTIONS YOU SHOULD ASK A CLOUD COMMUNICATIONS PROVIDER How to ensure a cloud-based phone system is secure. BEFORE SELECTING A CLOUD PHONE SYSTEM, YOU SHOULD CONSIDER: DATA PROTECTION.
More informationRISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION
RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former
More informationBy: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015
Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity
More informationCybersecurity..Is your PE Firm Ready? October 30, 2014
Cybersecurity..Is your PE Firm Ready? October 30, 2014 The Panel Melinda Scott, Founding Partner, Scott Goldring Eric Feldman, Chief Information Officer, The Riverside Company Joe Campbell, CTO, PEF Services
More informationHope is Not a Strategy
Neustar Insights Hope is Not a Strategy 2012 Annual DDoS Attack and Impact Survey: A Year-to-Year Analysis Contents Survey methodology 3 Frequency of attacks 3 Financial impact 4 Attack size 5 Length of
More informationSmall Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m.
Small Firm Focus: A Practical Approach to Cybersecurity Friday, May 29 9:00 a.m. 10:15 a.m. Topics: Explain why it is important for firms of all sizes to address cybersecurity risk. Demonstrate awareness
More informationWebinar and Marketing Technology Purchase Decision Analysis Prepared for ON24
Webinar and Marketing Technology Purchase Decision Analysis Prepared for ON24 December 2015 www.hanoverresearch.com Table of Contents Introduction and Methodology.. P 3 Executive Summary and Key Findings..
More informationSmall Business Virtualization Poll APJ RESULTS
Small Business Virtualization Poll APJ RESULTS CONTENTS Introduction... 4 Methodology... 6 Finding 1: Small businesses have a strong interest in virtualization... 8 Finding 2: Small businesses are still
More informationState of Security Survey GLOBAL FINDINGS
2011 State of Security Survey GLOBAL FINDINGS CONTENTS Introduction... 4 Methodology... 6 Finding 1: Cybersecurity is important to business... 8 Finding 2: The drivers of security are changing... 10 Finding
More informationInternet Reputation Management Guide. Building a Roadmap for Continued Success
Internet Reputation Management Guide Building a Roadmap for Continued Success About BrandProtect BrandProtect is the leader in multi-channel Internet threat monitoring and risk mitigation. The company
More informationAccenture Technology Consulting. Clearing the Path for Business Growth
Accenture Technology Consulting Clearing the Path for Business Growth Mega technology waves are impacting and shaping organizations in a profound way When a company s executive management team considers
More informationBAE Systems Cyber Security Survey Report
BAE Systems Cyber Security Survey Report Q1 2016 1 Copyright 2016 BAE Systems. All Rights Reserved. Table of Contents Page Number Objectives & Methodology 3 Executive Summary 4 Key Findings 7 Detailed
More informationTop Fraud Trends Facing Financial Institutions
Top Fraud Trends Facing Financial Institutions Presented on: October 7, 2015, 2-3 ET Presented by: Ann Davidson - VP of Risk Consulting at Allied Solutions Webinar Agenda 1. Fraud trends in 2015 and beyond
More informationPerceptions About Network Security Survey of IT & IT security practitioners in the U.S.
Perceptions About Network Security Survey of IT & IT security practitioners in the U.S. Sponsored by Juniper Networks Independently conducted by Ponemon Institute LLC Publication Date: June 2011 Ponemon
More informationIs Your Company Ready for a Big Data Breach?
Is Your Company Ready for a Big Data Breach? The Second Annual Study on Data Breach Preparedness Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication
More informationThe State of IT Transformation for Healthcare
The State of IT Transformation for Healthcare An Analysis by EMC and VMware EMC and VMware are helping IT groups at healthcare organizations transform to business-focused service providers. The State of
More informationCloud Security: Getting It Right
Cloud Security: Getting It Right Sponsored by Armor Independently conducted by Ponemon Institute LLC Publication Date: October 2015 Ponemon Institute Research Report Cloud Security: Getting It Right Ponemon
More informationHow To Understand Cloud Economics
WHITE PAPER Cloud Economics: A Financial Analysis of Information Management IT Delivery Models Sponsored by: Viewpointe LLC Michael Versace October 2013 Randy Perry IDC OPINION Executive Summary Cost optimization
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationSecurity solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.
Security solutions White paper Acquire a global view of your organization s security state: the importance of security assessments. April 2007 2 Contents 2 Overview 3 Why conduct security assessments?
More informationIMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE
IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle
More informationThe Cost of Insecure Mobile Devices in the Workplace Sponsored by AT&T
The Cost of Insecure Mobile Devices in the Workplace! Sponsored by AT&T Independently conducted by Ponemon Institute LLC Publication Date: March 2014 Part 1. Introduction The Cost of Insecure Mobile Devices
More informationCyber Risks and Insurance Solutions Malaysia, November 2013
Cyber Risks and Insurance Solutions Malaysia, November 2013 Dynamic but vulnerable IT environment 2 Cyber risks are many and varied Malicious attacks Cyber theft/cyber fraud Cyber terrorism Cyber warfare
More informationHIMSS Survey Uncovers Critical Weaknesses In Hospital Web Security
HIMSS Survey Uncovers Critical Weaknesses In Hospital Web Security HIMSS Survey Uncovers Critical Weaknesses in Hospital Web Security 2 HIMSS Analytics, in partnership with Akamai, recently conducted a
More informationThe Pulse of Mobile Enterprise Applications. Empowering Employees and Enhancing Customer Engagement
The Pulse of Mobile Enterprise Applications Empowering Employees and Enhancing Customer Engagement The mobile enterprise applications market is on a growth trajectory. Our focus today? WAN-based solutions
More informationW H I T E P A P E R C l i m a t e C h a n g e : C l o u d ' s I m p a c t o n I T O r g a n i z a t i o n s a n d S t a f f i n g
Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R C l i m a t e C h a n g e : C l o u d ' s I m p a c t o n I T O r g a n i z a
More informationWhy a Network-based Security Solution is Better than Using Point Solutions Architectures
Why a Network-based Security Solution is Better than Using Point Solutions Architectures In This Paper Many threats today rely on newly discovered vulnerabilities or exploits CPE-based solutions alone
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationNew York State Department of Financial Services. Report on Cyber Security in the Insurance Sector
New York State Department of Financial Services Report on Cyber Security in the Insurance Sector February 2015 Report on Cyber Security in the Insurance Sector I. Introduction Cyber attacks against financial
More informationTop Ten Technology Risks Facing Colleges and Universities
Top Ten Technology Risks Facing Colleges and Universities Chris Watson, MBA, CISA, CRISC Manager, Internal Audit and Risk Advisory Services cwatson@schneiderdowns.com April 23, 2012 Overview Technology
More informationRadware Cloud Solutions for Enterprises. How to Capitalize on Cloud-based Services in an Enterprise Environment - White Paper
Radware Cloud Solutions for Enterprises How to Capitalize on Cloud-based Services in an Enterprise Environment - White Paper Table of Content Executive Summary...3 Introduction...3 The Range of Cloud Service
More informationIdentity & Access Management in the Cloud: Fewer passwords, more productivity
WHITE PAPER Strategic Marketing Services Identity & Access Management in the Cloud: Fewer passwords, more productivity Cloud services are a natural for small and midsize businesses, with their ability
More informationLeveraging Privileged Identity Governance to Improve Security Posture
Leveraging Privileged Identity Governance to Improve Security Posture Understanding the Privileged Insider Threat It s no secret that attacks on IT systems and information breaches have increased in both
More informationWhite Paper on Financial Industry Regulatory Climate
White Paper on Financial Industry Regulatory Climate According to a 2014 report on threats to the financial services sector, 45% of financial services organizations polled had suffered economic crime during
More informationCloud Security In Your Contingency Plans
Cloud Security In Your Contingency Plans Jerry Lock Security Sales Lead, Greater China Contingency Plans Avoid data theft and downtime by extending the security perimeter outside the data-center and protect
More informationDESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE
DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the
More informationEnterprise Computing Solutions
Business Intelligence Data Center Cloud Mobility Enterprise Computing Solutions Security Solutions arrow.com Security Solutions Secure the integrity of your systems and data today with the one company
More informationHow Companies Can Improve Website & Web Application Security. Even with a Tight IT Budget
How Companies Can Improve Website & Web Application Security Even with a Tight IT Budget Website and web application security is no longer a luxury it s a necessity. We live in the age of cyber warfare
More informationThe Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners
The Security of Cloud Infrastructure Survey of U.S. IT and Compliance Practitioners Sponsored by Vormetric Independently conducted by Ponemon Institute LLC Publication Date: November 2011 Ponemon Institute
More informationI D C V E N D O R S P O T L I G H T. H yb r i d C l o u d Solutions for ERP
I D C V E N D O R S P O T L I G H T H yb r i d C l o u d Solutions for ERP November 2014 Adapted from Worldwide Enterprise Applications 2014 2018 Forecast and 2013 Vendor Shares by Christine Dover Sponsored
More information2014: A Year of Mega Breaches
2014: A Year of Mega Breaches Sponsored by Identity Finder Independently conducted by Ponemon Institute LLC Publication Date: January 2015 Ponemon Institute Research Report Part 1. Introduction 2014: A
More informationThe Cloud Balancing Act for IT: Between Promise and Peril
The Cloud Balancing Act for IT: Between Promise and Peril Table of Contents EXECUTIVE SUMMARY...2 ONBOARDING CLOUD SERVICES...3 SYSTEMS OF RECORD: THE NEXT WAVE OF CLOUD ADOPTION...6 A CULTURE OF COMPLIANCE
More informationBuilding the business case for continuity and resiliency
Global Technology Services Research Analysis Risk Management Building the business case for continuity and resiliency The economics of IT risk and reputation and their importance to business continuity
More informationElectronic Health Information at Risk: A Study of IT Practitioners
Electronic Health Information at Risk: A Study of IT Practitioners Sponsored by LogLogic Conducted by Ponemon Institute LLC October 15, 2009 Ponemon Institute Research Report Executive summary Electronic
More informationHedge Funds & the Cloud: The Pros, Cons and Considerations
Hedge Funds & the Cloud: The Pros, Cons and Considerations By Mary Beth Hamilton, Director of Marketing, Eze Castle Integration The increased use of cloud-based services is undeniable. Analyst firm Forrester
More informationWHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk. A Hootsuite & Nexgate White Paper
WHITE PAPER Mapping Organizational Roles & Responsibilities for Social Media Risk A Hootsuite & Nexgate White Paper Mapping Organizational Roles & Responsibilities for Social Media Risk Executive Summary
More information10 Smart Ideas for. Keeping Data Safe. From Hackers
0100101001001010010001010010101001010101001000000100101001010101010010101010010100 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000 0100101001001010010001010010101001010101001000000100101001010101010010101010010100000
More informationTHE BUSINESS VALUE OF MANAGED SECURITY SERVICES.
THE BUSINESS VALUE OF MANAGED SECURITY SERVICES. INTRODUCTION For many organizations, outsourcing network security services appears to be a logical choice. You avoid hardware, licensing, and maintenance
More informationTESTIMONY OF VALERIE ABEND SENIOR CRITICAL INFRASTRUCTURE OFFICER OFFICE OF THE COMPTROLLER OF THE CURRENCY. Before the
For Release Upon Delivery 10:00 a.m., December 10, 2014 TESTIMONY OF VALERIE ABEND SENIOR CRITICAL INFRASTRUCTURE OFFICER OFFICE OF THE COMPTROLLER OF THE CURRENCY Before the COMMITTEE ON BANKING, HOUSING,
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 03.16 EB7178 DATA SECURITY Table of Contents 2 Data-Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationWILLIS SPECIAL REPORT: 10K DISCLOSURES HOW TECHNOLOGY AND TELECOM COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES
WILLIS SPECIAL REPORT: 10K DISCLOSURES HOW TECHNOLOGY AND TELECOM COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES This special report examines the cyber risk disclosures made by the technology and telecommunications
More informationContinuous Third-Party Security Monitoring Powers Business Objectives And Vendor Accountability
A Custom Technology Adoption Profile Commissioned By BitSight Technologies Continuous Third-Party Security Monitoring Powers Business Objectives And Vendor Accountability Introduction As concerns around
More informationGEARS Cyber-Security Services
Florida Department of Management Services Division of State Purchasing Table of Contents Introduction... 1 About GEARS... 2 1. Pre-Incident Services... 3 1.1 Incident Response Agreements... 3 1.2 Assessments
More informationWILLIS SPECIAL REPORT: 10K DISCLOSURES HOW RETAIL COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES
WILLIS SPECIAL REPORT: 10K DISCLOSURES HOW RETAIL COMPANIES DESCRIBE THEIR CYBER LIABILITY EXPOSURES This special report examines the cyber risk disclosures made by the retail sector of the Fortune 1000.
More informationCIO SUMMIT l LAS VEGAS
CIO SUMMIT l LAS VEGAS Copyright 2014 EMC Corporation. All rights reserved. 1 IT Transformation Facilitator: Tom Roloff, SVP Global Services, EMC Many Industries Face Structural Change 3 Today s Business
More information