PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY"

Transcription

1 PONEMON INSTITUTE RESEARCH REPORT 2018 STUDY ON GLOBAL MEGATRENDS IN CYBERSECURITY Benchmark research sponsored by Raytheon. Independently conducted by Ponemon Institute LLC. February 2018

2 2018 Study on Global Megatrends in Cybersecurity Ponemon Institute, February 2018 Introduction Around the world, cyberattacks on businesses are getting more powerful and harder to stop. Corporate boards aren't being briefed on cybersecurity, and executives don't see it as a strategic priority. Meanwhile, information security officers will become more important yet they aren t always getting the resources they need to protect organizations from growing and more sophisticated threats. Those are among the findings of the 2018 Study on Global Megatrends in Cybersecurity, a survey sponsored by Raytheon and conducted by the Ponemon Institute. The study, conducted in late 2017, looks at commercial cybersecurity through the eyes of those who work on its front lines. More than 1,100 senior information technology practitioners from the United States, Europe, and the Middle East/North Africa region weighed in on the state of the industry today, and where it's going over the next few years. The purpose of this research is to help organizations better understand the changes occurring in the cybersecurity ecosystem that will impact their security posture over the next three years and to elevate the urgency for action when it comes to protecting organizations from cyber threats. According to the research, over the next three years, cyber extortion or ransomware attacks will increase in frequency, as will nation-state attacks and cyber warfare. To improve their preparedness, organizations represented in this research are planning to take the following actions: Expand the CISO s role and responsibility Engage in threat intelligence sharing Require frequent audits and assessments of their security policies and procedures Hire managed security service providers Increase investments in big data analytics, artificial intelligence in cyber defense and threat intelligence feeds The report also highlights megatrends from the 2015 study to show how perceptions about the CISO s role are changing, as well as the growth in the use of certain types of technologies to prevent cyber exploits and data breaches. Following are the seven global megatrends that are problematic for the state of cybersecurity over the next three years. 1. A data breach from an unsecured Internet of Things (IoT) device in the workplace is predicted to be very likely over the next three years. 82% of respondents predict unsecured IoT devices will likely cause a data breach in their organizations. 80% say such a breach could be catastrophic 2. The risk of cyber extortion and data breaches will increase in frequency. CISOs will be faced with a greater risk of cyber extortion, such as ransomware, according to 67% of respondents. 66% of respondents believe data breaches or cybersecurity exploits will seriously diminish their organization s shareholder value. 60% of respondents predict that nation-state attacks against government and commercial organizations will worsen and could potentially lead to a cyber war (That s up from 22% of survey respondents who believe that today.) Page 1

3 3. As a result, IT security practitioners are more pessimistic about their ability to protect their organizations from cyber threats. In this year s study, 54% of respondents believe their cybersecurity posture will either stay the same (35% of respondents) or decline (19% of respondents). In fact, 58% of respondents believe the problem of not having an expert cyber staff will worsen and 46% of respondents believe artificial intelligence will not reduce the need for experts in cybersecurity. 4. Cyber warfare and breaches involving high-value information will have the greatest negative impact on organizations over the next three years. Respondents were asked to rate cyber threats to their organizations from 1 = low risk to 5 = high risk. Today, based on their rating, only 22% of respondents say cyber warfare is a high risk. However, over the next three years, 51% of respondents say it will be a high risk. Today, 43% of respondents rate the risk of breaches involving high-value information as very high and 71% of respondents say the risk will be very high over the next three years. 5. Despite the growing cyber threat, cybersecurity is not considered a strategic priority. IT security practitioners need to make the case that a strong cybersecurity posture protects organizations as they innovate and make important changes to their operations. Only 36% of respondents say their senior leadership believes cybersecurity is a strategic priority, which, in turn, affects funding for investment in technologies and personnel. Based on other Ponemon Institute research, a business with a strong cybersecurity posture can support innovation and lower costs to respond to data breaches and cyber crime, as determined by the deployment of specific practices and technologies. 6. Boards of directors are not engaged in the oversight of their organization s cybersecurity strategy. 68% of respondents say their boards of directors are not being briefed on what their organizations are doing to prevent or mitigate the consequences of a cyberattack. 7. Companies will have to spend more to achieve regulatory compliance and respond to class action lawsuits and tort litigation. Regulations that will have a high cost impact include federal laws regulating data protection and privacy, global data protection laws (such as the EU s General Data Protection Regulation 1 ), state laws regulating data protection and privacy and mandates on critical infrastructure protection. Due to the continuing occurrence of data breaches, respondents predict their organization will be faced with costly class-action lawsuits and tort litigation. Following are the global megatrends that predict improvements in the state of cybersecurity over the next three years. As the threat landscape worsens, organizations will increasingly rely upon the expertise of the CISO. Over the next three years, 72% of respondents believe their responsibilities will not be limited to the IT function and will evolve in importance and span of control. Cybersecurity governance practices are expected to improve. 66% of respondents say they expect their senior IT security leaders to require frequent audits and assessments of the effectiveness of their cybersecurity policies and procedures to protect their most sensitive and confidential data assets. 60% of respondents say their boards of directors are expected to become more involved in overseeing the IT security function. 1 The European Union s General Data Protection Regulation (GDPR) goes into effect on May 25, This new regulation will have a material impact on the ways organization collect, use, store and protect sensitive information. Page 2

4 Many respondents are optimistic they will be promoted to a better position with greater authority and responsibility. 52% of respondents are positive that they will stay in their organization and advance to a position with greater authority and responsibilities, an increase from 45% of respondents in the previous study. 36% of respondents say they have no plans to change jobs, a slight increase from 34% of respondents in Companies will invest in enabling security technologies and managed security service providers as part of their cybersecurity strategy. Technologies expected to increase in importance are artificial intelligence, threat intelligence feeds and analytics in cyber defense. It is predicted that more companies will invest in big data analytics, threat intelligence sharing and the engagement of managed service providers (60%, 56% and 52% of respondents, respectively). Companies are expected to improve collaboration and reduce the complexity of business and IT operations. Companies will be more successful in reducing the complexity of their business and IT operations. Organizational barriers such as a lack of cybersecurity leadership and a lack of collaboration among the various functions are expected to improve. Part 2. Sampling of key findings In this section, we provide a deeper analysis of key megatrends that will affect the cybersecurity posture of organizations. The complete detailed findings including regional analysis and methodology for the entire study are available for review at Raytheon.com/cybertrends2018 Let s dive into two specific key megatrend predictions: The future state of cybersecurity The changing threat landscape The future state of cybersecurity IT security practitioners are more pessimistic about their ability to protect their organizations from cyber threats. As shown in Figure 1, in 2015, 59% of respondents believed that their organization s cybersecurity posture would improve and only 11% said it would decline. In this year s study, 54% of respondents expect their cybersecurity posture to stay the same (35%) or decline (19%). As discussed later in the report, the lack of suitable technologies and inability to hire and retain expert staff are the two factors most respondents see as barriers to a stronger cybersecurity posture. Page 3

5 Figure 1. Will your organization s cybersecurity posture improve in the next three years? 70% 59% 60% 50% 46% 40% 30% 20% 10% 35% 30% 19% 11% 0% Improve Stay at about the same level Decline To improve cybersecurity posture over the next three years, companies should invest in enabling technologies and staffing. This year, improvements in technology and staffing are considered most supportive of a strong cybersecurity posture (47% and 45% of respondents, respectively), according to Figure 2. In contrast, respondents in 2015 were more concerned about the need to increase funding, improve cyber intelligence and minimize employee-related risks (47%, 47% and 36% of respondents, respectively). Figure 2. Success factors that can strengthen your organization s cybersecurity posture in the next three years More than one response allowed Improvement in technologies Improvement in staffing Increase in funding Cyber intelligence improvements Improvement in threat sharing Reduction in the compliance burden Ability to minimize employee-related risk Reduction in complexity Increase in C-level support Cybersecurity leadership Other 1% 0% 10% 19% 16% 17% 19% 23% 22% 21% 25% 27% 30% 34% 33% 36% 41% 40% 47% 45% 47% 47% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% 50% Page 4

6 Over the next three years, companies that do not have suitable technologies and expert staff, as shown in Figure 3, could face a decline in their cybersecurity posture (both 53% of respondents). In the previous study, decline was also attributed to the inability of having skilled security professionals. However, a lack of actionable intelligence and employee-related risks was a concern. This may indicate that respondents in this year s study see improvements in these two areas. Figure 3. Factors that could cause a decline in your organization s cybersecurity posture in the next three years More than one response allowed Lack of suitable technologies Inability to hire and retain expert staff Lack of actionable intelligence Lack of funding Increase in compliance burden Increase in complexity and external applications hosting Inability to minimize employee-related risk Lack of C-level support Lack of cybersecurity leadership 11% 33% 45% 38% 44% 37% 34% 33% 19% 31% 31% 25% 43% 19% 29% 22% 53% 53% 0% 10% 20% 30% 40% 50% 60% IT security practitioners need to make the case that a strong cybersecurity posture protects organizations as they innovate and make important changes to their operations. According to Figure 4, only 36% of respondents say their senior leadership believes cybersecurity is a strategic priority. Based on other Ponemon Institute research, business innovation and lower costs to respond to data breaches and cyber crime can be supported by a strong cybersecurity posture, as determined by the deployment of specific practices and technologies. Furthermore, only 32% of respondents say their boards of directors are being briefed on organizations cybersecurity strategy, an increase from 22% of respondents in Page 5

7 Figure 4. Is cybersecurity a strategic priority? Yes responses Does your organization s senior leadership view cybersecurity as a strategic priority? 36% 34% Has your organization s Board of Directors been briefed on the organization s cybersecurity strategy in the past 12 months? 22% 32% 0% 5% 10% 15% 20% 25% 30% 35% 40% The changing threat landscape Cyber threats and the availability of enabling technologies will continue to have the greatest impact on the overall state of an organization s cybersecurity. As shown in Figure 5, compliance costs are expected to have a lower impact, conversely while organizational factors such as the integration of third parties into internal networks and the inability to recruit and retain qualified ITS personnel are predicted to have a bigger impact on the overall state of cybersecurity. Figure 5. Cyber threats continue to impact the overall state of cybersecurity 100 points in total, allocated according to the impact of the megatrend Cyber threats Enabling technologies Human factors Organizational factors Disruptive technologies Compliance costs Page 6

8 The risk of cyber extortion and data breaches that affect shareholder value will increase in frequency. As shown in Figure 6, CISOs will face a greater risk of cyber extortion, such as ransomware (67% of respondents) and data breaches or cybersecurity exploits that will seriously diminish their organization s shareholder value (66% of respondents). 60% of respondents predict nation-state attacks against government and commercial organizations will worsen and could potentially lead to a cyber war. Only 41% of respondents say their organizations will be able to minimize IoT risks by requiring the integration of security into the devices we build or use in the workplace. Figure 6. Predictions about cyber threats Strongly agree and Agree responses combined The risk of cyber extortion (such as ransomware) will increase in frequency and payout 67% My organization will experience a data breach or cybersecurity exploit that will seriously diminish our shareholder value 66% Nation-state attacks against government and commercial organizations will worsen and potentially lead to a cyber war 60% My organization will be able to minimize IoT (IoT) risks by requiring the integration of security into the devices we build or use in the workplace 41% 0% 10% 20% 30% 40% 50% 60% 70% 80% Cyber extortion threats will increase in frequency. Respondents were asked to rate how specific cyber threats will increase in frequency from a scale of 1 = low frequency to 5 = high frequency. Table 1 presents the cyber threats that are expected to increase significantly in the next three years. Today, 19% of respondents rate cyber extortion as very frequent, but over the next three years, 42% of respondents say this threat will be very frequent. Nation-state attacks and attacks against industrial controls and SCADA will become a more frequent and serious threat to both public and private-sector companies. Table 1. Megatrends: Frequency of cyber threats Cyber threats Today Future Difference Cyber extortion 19% 42% 23% Nation-state attacks 26% 45% 19% Attacks against industrial controls and SCADA 40% 54% 13% Compromised third parties 50% 58% 8% DDoS attacks 61% 69% 8% Android malware/targeted attacks 35% 42% 6% Clickjacking 19% 24% 5% Compromised supply chain 32% 36% 5% Page 7

9 Cyber warfare and cyber terrorism and breaches involving high-value information will have the greatest impact on organizations over the next three years. Respondents were asked to rate cyber threats from 1 = low risk to 5 = high risk. Table 2 shows the cyber threats that pose the greatest threat today and how they are expected to increase over three years. Today, 22% of respondents say cyber warfare is a high risk, but, over the next three years, 51% of respondents say it will impact their organization and the risk will be very high (a difference of 29%). Today, 43% of respondents rate the risk of breaches involving high-value information as very high, and, over the next three years, 71% of respondents say these breaches will increase in the risk they pose to organizations. Table 2. Megatrends: Cyber threats with the greatest risk Cyber threats Today Future Difference Cyber warfare or cyber terrorism 22% 51% 29% Breaches involving high-value information 43% 71% 29% Nation-state attackers 30% 58% 28% Breaches that damage critical infrastructure 37% 64% 28% Breaches that disrupt business and IT processes 41% 62% 21% Emergence of cyber syndicates 42% 60% 18% Stealth and sophistication of cyber attackers 43% 55% 12% Emergence of hacktivism 27% 36% 10% Breaches involving large volumes of data 46% 53% 7% Malicious or criminal insiders 36% 38% 1% Negligent or incompetent employees 31% 29% -3% Evolution in the use of enabling technologies and practices Companies will need to be prepared to deal with privacy and data security regulations that resemble GDPR. As Figure 7 demonstrates, 66% of respondents believe that, whether or not they operate in the EU, they will need to be prepared to comply with regulations that resemble the GDPR. More companies will invest in big data analytics, threat intelligence sharing and the engagement of managed service providers (60%, 56% and 52% of respondents, respectively). Figure 7. Predictions about technologies and practices Strongly agree and Agree responses combined The U.S. and other countries will adopt privacy and data security regulations that will resemble the European Union s (EU) General Data Protection Regulation (GDPR) 66% My organization will increase its investment in big data analytics for cyber defense 60% Sharing of threat intelligence will become a more valuable tool in our organization s security arsenal 56% My organization will increasingly rely upon managed service providers to help improve its security posture 52% 0% 10% 20% 30% 40% 50% 60% 70% Page 8

10 More companies will be hiring managed security services (MSS) to address the lack of skilled in-house staff. As discussed previously, more companies are predicted to engage MSS providers. As shown in Figure 8, almost all companies represented in this research believe these services will become an important part of the overall IT security strategy (80% of respondents). Figure 8. Predictions about the importance of MSS Essential, Very important and Important responses combined How important will your MSS be to your organization s overall IT security strategy in the next three years? 80% How important is MSS to your organization s overall IT security strategy today? 68% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Artificial intelligence in cyber defense will increase in importance. Respondents were asked to rank the importance of specific technologies today and in three years on a scale of 1 = low importance to 5 = high importance. Table 3 shows the technologies rated high in importance today and those rated high in importance in three years. Consistent with previous findings in this report, artificial intelligence in cyber defense, threat intelligence feeds and analytics in cyber defense will increase in importance. Table 3. Megatrends: Technologies that will increase in importance Enabling security technologies Today Future Difference Artificial intelligence in cyber defense 31% 71% 40% Threat intelligence feeds 44% 73% 29% Analytics in cyber defense 33% 59% 26% Block chain technologies 28% 46% 18% Unified threat management (UTM) 31% 44% 13% Next generation firewalls (NGFW) 33% 44% 11% Identity & access management 70% 81% 11% Forensics (automated tools) 23% 33% 10% Incident response tools 45% 55% 10% Page 9

11 The changing threat landscape Disruptive technologies, such as the IoT and acceptance of virtual technologies, will pose the greatest cyber risk over the next three years. Respondents were asked to rate the risk of disruptive technologies in Table 4 and how they would impact their organization from 1 = low risk to 5 = high risk. Disruptive technologies that can increase the possibility of a security incident are the IoT, acceptance of virtual currencies, use of artificial intelligence, big data analytics, use of drones and use of cloud services (SaaS). However, participants predict their ability to minimize the risks created by employees use of personal devices, employees use of insecure connectivity (such as Wi-Fi), organizations use of digital identities and organizations use of document collaboration tools will improve. Table 4. Megatrends: The impact of disruptive technologies on cyber risk Disruptive technologies Today Future Difference Participation in the IoT 38% 63% 25% Acceptance of virtual currencies 16% 36% 20% Use of artificial intelligence 18% 37% 19% Use of big data analytics 22% 34% 12% Use of drones 21% 33% 12% Use of cloud services (SaaS) 26% 34% 8% Use of mobile payments 23% 28% 5% Use of personal mobile apps 38% 43% 5% Use of IT virtualization technologies 37% 35% -2% Use of cloud infrastructure (IaaS) 27% 25% -2% Use of social media in the workplace 28% 26% -2% Use of personal devices (BYOD) 35% 26% -9% Use of insecure connectivity (such as Wi-Fi) 37% 27% -10% Use of digital identities 47% 32% -15% Use of document collaboration tools 58% 35% -23% Page 10

12 Respondents predict that a data breach caused by an unsecured IoT device is likely. Figure 9 reveals that 82% of respondents say it is very likely, likely and somewhat likely that their organization will experience a data breach caused by an unsecured IoT device in the workplace; 80% believe this type of data breach could be catastrophic. Figure 9. An IoT data breach is likely and it could be catastrophic Very likely, Likely and Somewhat likely responses combined How likely will your organization experience the loss or theft of data caused by an unsecured IoT device or application over the next three years? 82% Likelihood a security incident related to an unsecured IoT device or application could be catastrophic 80% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Companies will be spending more to achieve compliance. Respondents were asked to rate various regulations and requirements on a scale from 1 = low cost burden to 5 = high cost burden. Table 5 shows the regulations that are costly today and will remain costly over the next three years. Regulations that will have a high cost impact are federal laws regulating data protection and privacy, global data protection laws (including GDPR), state laws regulating data protection and privacy, class action and tort litigation and mandates on critical infrastructure protection. Those that will have less of a cost impact are self-regulatory programs such as PCI or NIST. Companies also will be in a better position to manage the costs of e-discovery requirements, cybersecurity governance practices and national cyber defense strategies. Table 5. Megatrends: The compliance cost burden Compliance Today Future Difference Federal laws regulating data protection and privacy 40% 60% 20% Global data protection laws (including GDPR) 47% 67% 20% State laws regulating data protection and privacy 40% 55% 15% Class action and tort litigation 31% 45% 14% Mandates on critical infrastructure protection 18% 25% 7% Self-regulatory programs (such as PCI or NIST) 31% 34% 3% E-Discovery requirements 18% 15% -3% Cybersecurity governance 36% 26% -10% National cyber defense strategies 27% 11% -15% Page 11

13 Risks created by organizational factors are expected to mainly decrease. Respondents were asked to rate the risk of organizational factors from 1 = low risk to 5 = high risk. Table 6 shows the organizational factors that pose a high risk today and predictions of those that will be a high risk over the next three years. The integration of third parties into internal networks and applications and the inability to recruit and retain qualified IT security personnel will create greater risks. However, there are positive indications that companies are becoming much better at reducing organizational barriers. Improvements will be made in reducing the complexity of business and IT operations, ability to budget for cyber defense and ability to integrate disparate technologies. Organizational risks such as the lack of cybersecurity leadership and silos and lack of collaboration are expected to improve. Table 6. Megatrends: Organizational risks Organizational factors Today Future Difference Integration of third parties into internal networks and applications 43% 59% 16% Inability to recruit and retain qualified ITS personnel 48% 62% 13% No participation in threat sharing 32% 37% 5% Inability to secure access rights to data, systems and physical spaces 42% 39% -4% Inability to integrate necessary data sources for actionable cyber intelligence 43% 36% -6% Silos and the lack of collaboration 50% 38% -12% Growth of unstructured data assets 53% 39% -14% Inability to convince leadership to make cybersecurity a priority 38% 22% -15% Lack of cybersecurity leadership 51% 35% -16% Inability to integrate disparate technologies 53% 35% -18% Lack of funding to support cyber defense 58% 38% -20% Complexity of business and IT operations 69% 32% -38% Page 12

Future State of IT Security A Survey of IT Security Executives

Future State of IT Security A Survey of IT Security Executives Future State of IT Security A Survey of IT Security Executives In Partnership with RSA Conference Independently conducted by Ponemon Institute LLC Publication Date: February 2012 Ponemon Institute Research

More information

Uncovering the Risk of SAP Cyber Breaches

Uncovering the Risk of SAP Cyber Breaches Uncovering the Risk of SAP Cyber Breaches Research sponsored by Onapsis Independently Conducted by Ponemon Institute LLC February 2016 1 Part 1. Introduction Uncovering the Risks of SAP Cyber Breaches

More information

The Cost of Denial-of-Services Attacks

The Cost of Denial-of-Services Attacks The Cost of Denial-of-Services Attacks Sponsored by Akamai Technologies Independently conducted by Ponemon Institute LLC Publication Date: March 2015 Ponemon Institute Research Report The Cost of Denial-of-Service

More information

Sponsored by Raytheon. Don t Wait: The Evolution of Proactive Threat Hunting Executive Summary

Sponsored by Raytheon. Don t Wait: The Evolution of Proactive Threat Hunting Executive Summary Don t Wait: The Evolution of Proactive Threat Hunting Executive Summary Sponsored by Raytheon Independently conducted by Ponemon Institute LLC Publication Date: June 2016 Connect with us: #DontWaitHunt

More information

Run the business. Not the risks.

Run the business. Not the risks. Run the business. Not the risks. RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold.

More information

Data Protection Risks & Regulations in the Global Economy

Data Protection Risks & Regulations in the Global Economy Data Protection Risks & Regulations in the Global Economy Sponsored by Experian Data Breach Resolution Independently conducted by Ponemon Institute LLC Publication Date: June 2017 Ponemon Institute Research

More information

2016 State of Cybersecurity in Small & Medium-Sized Businesses (SMB)

2016 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) 2016 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) Sponsored by Keeper Security Independently conducted by Ponemon Institute LLC Publication Date: June 2016 Ponemon Institute Research

More information

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update)

ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) ICBA Summary of FFIEC Cybersecurity Assessment Tool (May 2017 Update) June 2017 INSERT YEAR HERE Contact Information: Jeremy Dalpiaz AVP, Cyber and Data Security Policy Jeremy.Dalpiaz@icba.org ICBA Summary

More information

Building a Resilient Security Posture for Effective Breach Prevention

Building a Resilient Security Posture for Effective Breach Prevention SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.

More information

CYBER INSURANCE: MANAGING THE RISK

CYBER INSURANCE: MANAGING THE RISK CYBER INSURANCE: MANAGING THE RISK LEON FOUCHE PARTNER & NATIONAL CYBERSECURITY LEAD BDO AUSTRALIA MEMBER OF THE GLOBAL CYBERSECURITY LEADERSHIP GROUP ii CYBER INSURANCE: MANAGING THE RISK There s no doubt

More information

GDPR Update and ENISA guidelines

GDPR Update and ENISA guidelines GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure

More information

Cyber Resilience - Protecting your Business 1

Cyber Resilience - Protecting your Business 1 Cyber Resilience - Protecting your Business 1 2 Cyber Resilience - Protecting your Business Cyber Resilience - Protecting your Business 1 2 Cyber Resilience - Protecting your Business Cyber Resilience

More information

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco Increasing Digital Traffic Creates a Greater Attack Surface Global IP Traffic

More information

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation

IBM Security Systems. IBM X-Force 2012 & CISO Survey. Cyber Security Threat Landscape IBM Corporation IBM Corporation IBM X-Force 2012 & CISO Survey Cyber Security Threat Landscape 1 2012 IBM Corporation IBM X-Force 2011 Trend and Risk Report Highlights The mission of the IBM X-Force research and development team is to:

More information

European Union Agency for Network and Information Security

European Union Agency for Network and Information Security Critical Information Infrastructure Protection in the EU Evangelos Ouzounis Head of Secure Infrastructure and Services Regional Cybersecurity Forum Sofia, Bulgaria 29 th November 2016 European Union Agency

More information

Cyber Attacks & Breaches It s not if, it s When

Cyber Attacks & Breaches It s not if, it s When ` Cyber Attacks & Breaches It s not if, it s When IMRI Team Aliso Viejo, CA Trusted Leader with Solution Oriented Results Since 1992 Data Center/Cloud Computing/Consolidation/Operations 15 facilities,

More information

The Impact of Cybersecurity, Data Privacy and Social Media

The Impact of Cybersecurity, Data Privacy and Social Media Doing Business in a Connected World The Impact of Cybersecurity, Data Privacy and Social Media Security Incident tprevention and Response: Customizing i a Formula for Results Joseph hm. Ah Asher Marcus

More information

Copyright 2016 EMC Corporation. All rights reserved.

Copyright 2016 EMC Corporation. All rights reserved. 1 BUILDING BUSINESS RESILIENCY Isolated Recovery Services NAZIR VELLANI (ERNST & YOUNG) & DAVID EDBORG (EMC GLOBAL SERVICES) 2 PRESENTERS Nazir Vellani (EY) Senior Manager Tel: +1 214 596 8985 Email: nazir.vellani@ey.com

More information

To Audit Your IAM Program

To Audit Your IAM Program Top Five Reasons To Audit Your IAM Program Best-in-class organizations are auditing their IAM programs - are you? focal-point.com Introduction Stolen credentials are the bread and butter of today s hacker.

More information

AT&T Endpoint Security

AT&T Endpoint Security AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction

More information

Cybersecurity and the Board of Directors

Cybersecurity and the Board of Directors Cybersecurity and the Board of Directors Key Findings from BITS/FSR Meetings OVERVIEW Board directors are increasingly required to engage in cybersecurity risk management yet some may need better education

More information

KEY FINDINGS INTERACTIVE GUIDE. Uncovering Hidden Threats within Encrypted Traffic

KEY FINDINGS INTERACTIVE GUIDE. Uncovering Hidden Threats within Encrypted Traffic KEY FINDINGS INTERACTIVE GUIDE Uncovering Hidden Threats within Encrypted Traffic Introduction In a study commissioned by A10 Networks, Ponemon surveyed 1,023 IT and IT security practitioners in North

More information

PROFILE: ACCESS DATA

PROFILE: ACCESS DATA COMPANY PROFILE PROFILE: ACCESS DATA MARCH 2011 AccessData Group provides digital investigations and litigation support software and services for corporations, law firms, law enforcement, government agencies

More information

Securing a Dynamic Infrastructure. IT Virtualization new challenges

Securing a Dynamic Infrastructure. IT Virtualization new challenges Christian Fahlke GMT Channel Leader Internet Security Systems IBM Central & Eastern Europe, Middle East and Africa (CEEMEA) May 20th, 2009 Securing a Dynamic Infrastructure IT Virtualization new challenges

More information

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Service SM Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution Product Protecting sensitive data is critical to being

More information

Cybersecurity, safety and resilience - Airline perspective

Cybersecurity, safety and resilience - Airline perspective Arab Civil Aviation Commission - ACAC/ICAO MID GNSS Workshop Cybersecurity, safety and resilience - Airline perspective Rabat, November, 2017 Presented by Adlen LOUKIL, Ph.D CEO, Resys-consultants Advisory,

More information

The State of Cybersecurity in Healthcare Organizations in 2016

The State of Cybersecurity in Healthcare Organizations in 2016 THE STATE OF CYBERSECURITY IN HEALTHCARE ORGANIZATIONS IN 2016 The State of Cybersecurity in Healthcare Organizations in 2016 Independently conducted by Ponemon Institute LLC Sponsored by ESET Publication

More information

Top 10 most important IT priorities over the next 12 months. (Percent of respondents, N=633, ten responses accepted)

Top 10 most important IT priorities over the next 12 months. (Percent of respondents, N=633, ten responses accepted) ESG Lab Review Sophos Security Heartbeat Date: January 2016 Author: Tony Palmer, Sr. ESG Lab Analyst; and Jack Poller, ESG Lab Analyst Abstract: This report examines the key attributes of Sophos synchronized

More information

CHALLENGES GOVERNANCE INTEGRATION SECURITY

CHALLENGES GOVERNANCE INTEGRATION SECURITY CLOUD SERVICES The adoption and migration to the cloud is rooted in the need for speed and flexibility in creating and managing services. These benefits are often impacted by the difficulty of enterprises

More information

Big Data Cybersecurity Analytics Research Report Sponsored by Cloudera

Big Data Cybersecurity Analytics Research Report Sponsored by Cloudera Big Data Cybersecurity Analytics Research Report! Sponsored by Cloudera Independently conducted by Ponemon Institute LLC Publication Date: August 2016 Ponemon Institute Research Report Part 1. Introduction

More information

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015

RIMS Perk Session Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 www.pwc.com RIMS Perk Session 2015 - Protecting the Crown Jewels A Risk Manager's guide to cyber security March 18, 2015 Los Angeles RIMS Agenda Introductions What is Cybersecurity? Crown jewels The bad

More information

HEALTH CARE AND CYBER SECURITY:

HEALTH CARE AND CYBER SECURITY: HEALTH CARE AND CYBER SECURITY: Increasing Threats Require Increased Capabilities kpmg.com 1 HEALTH CARE AND CYBER SECURITY EXECUTIVE SUMMARY Four-fifths of executives at healthcare providers and payers

More information

OWASP CISO Survey Report 2015 Tactical Insights for Managers

OWASP CISO Survey Report 2015 Tactical Insights for Managers OWASP CISO Survey Report 2015 Tactical Insights for Managers Disclaimer The views and opinions expressed in this presentation are those of the author and not of any organisation. Everything I say is my

More information

Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank

Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank Credit Union Cyber Crisis: Gaining Awareness and Combatting Cyber Threats Without Breaking the Bank Introduction The 6,331 credit unions in the United States face a unique challenge when it comes to cybersecurity.

More information

SRM Service Guide. Smart Security. Smart Compliance. Service Guide

SRM Service Guide. Smart Security. Smart Compliance. Service Guide SRM Service Guide Smart Security. Smart Compliance. Service Guide Copyright Security Risk Management Limited Smart Security. Smart Compliance. Introduction Security Risk Management s (SRM) specialists

More information

Security and Privacy Governance Program Guidelines

Security and Privacy Governance Program Guidelines Security and Privacy Governance Program Guidelines Effective Security and Privacy Programs start with attention to Governance. Governance refers to the roles and responsibilities that are established by

More information

Understanding Federal Cybersecurity Strategies. Best Practices For Agencies In a World of Expanding Risk

Understanding Federal Cybersecurity Strategies. Best Practices For Agencies In a World of Expanding Risk Understanding Federal Cybersecurity Strategies Best Practices For Agencies In a World of Expanding Risk Executive summary Are you confident in your agency s cybersecurity? Do you think you are detecting

More information

Best Practices in Securing a Multicloud World

Best Practices in Securing a Multicloud World Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers

More information

Security in India: Enabling a New Connected Era

Security in India: Enabling a New Connected Era White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile

More information

AUDIT UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY. Report No Issue Date: 8 January 2014

AUDIT UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY. Report No Issue Date: 8 January 2014 UNITED NATIONS DEVELOPMENT PROGRAMME AUDIT OF UNITED NATIONS VOLUNTEERS PROGRAMME INFORMATION AND COMMUNICATION TECHNOLOGY Report No. 1173 Issue Date: 8 January 2014 Table of Contents Executive Summary

More information

Modern Database Architectures Demand Modern Data Security Measures

Modern Database Architectures Demand Modern Data Security Measures Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED Introduction The fast-paced, ever-changing

More information

GRC SURVEY RESULT Please indicate your profession

GRC SURVEY RESULT Please indicate your profession COPENHAGEN?=! CO?=! MPLIANCE T o p i c a l a n d T i m e l y Riskability GRC Controllers Governance, Risk & Compliance COPENHAGEN?=! CHARTER Bribery, Fraud & Corruption GRC SURVEY RESULT. Please indicate

More information

RSA NetWitness Suite Respond in Minutes, Not Months

RSA NetWitness Suite Respond in Minutes, Not Months RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations

More information

Never a dull moment. Media Conference «Clarity on Cyber Security» 24 May 2016

Never a dull moment. Media Conference «Clarity on Cyber Security» 24 May 2016 Never a dull moment Media Conference «Clarity on Cyber Security» 24 May 2016 1 Introduction 2 Why this study? 3 Methodology of the survey Online survey with 43 questions 60 participants from C-Level 35

More information

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report Nationwide Cyber Security Review: Summary Report Nationwide Cyber Security Review: Summary Report ii Nationwide Cyber Security Review: Summary Report Acknowledgments The Multi-State Information Sharing

More information

CLOSING IN FEDERAL ENDPOINT SECURITY

CLOSING IN FEDERAL ENDPOINT SECURITY CLOSING IN FEDERAL ENDPOINT SECURITY More than half of agency IT officials worry about cyberattacks involving endpoint devices as a means of accessing agency networks. Yet many aren t taking advantage

More information

The value of visibility. Cybersecurity risk management examination

The value of visibility. Cybersecurity risk management examination The value of visibility Cybersecurity risk management examination Welcome to the "new normal" Cyberattacks are inevitable. In fact, it s no longer a question of if a breach will occur but when. Cybercriminals

More information

Data security: How a proactive C-suite can reduce cyber-risk for the enterprise

Data security: How a proactive C-suite can reduce cyber-risk for the enterprise A report from The Economist Intelligence Unit Data security: How a proactive C-suite can reduce cyber-risk for the enterprise The number one technology issue in the C-suite today is cyber-security. 1 And

More information

Cybersecurity Auditing in an Unsecure World

Cybersecurity Auditing in an Unsecure World About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity

More information

EU Innovation Investments: The Challenges met by Innovation Infrastructures Today in Europe

EU Innovation Investments: The Challenges met by Innovation Infrastructures Today in Europe EU Innovation Investments: The Challenges met by Innovation Infrastructures Today in Europe Ronan Burgess Acting Head of Unit A1 Photonics Directorate A - Components and Systems DG CONNECT, European Commission

More information

ACHIEVING FIFTH GENERATION CYBER SECURITY

ACHIEVING FIFTH GENERATION CYBER SECURITY ACHIEVING FIFTH GENERATION CYBER SECURITY A Survey Research Report of IT and Security Professionals MARCH 2018 INTRODUCTION The pursuit of the highest level of cyber security is a top priority for IT and

More information

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0

Presented by Ingrid Fredeen and Pamela Passman. Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Cyber Security and Inside Threats: Turning Policies into Practices Presented by Ingrid Fredeen and Pamela Passman Copyright 2017NAVEXGlobal,Inc. AllRightsReserved. Page 0 Presented By Ingrid Fredeen, J.D.

More information

COST OF CYBER CRIME STUDY

COST OF CYBER CRIME STUDY 2017 COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE Independently conducted by Ponemon Institute LLC and jointly developed by Accenture EXECUTIVE SUMMARY Average

More information

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines

New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services Cybersecurity Regulation Compliance and Certification Deadlines New York Department of Financial Services ( DFS ) Regulation 23 NYCRR 500 requires that entities

More information

RSA Cybersecurity Poverty Index

RSA Cybersecurity Poverty Index RSA Cybersecurity Poverty Index 2016 RSA Cybersecurity Poverty Index Overview Welcome to RSA s second annual Cybersecurity Poverty Index. The RSA Cybersecurity Poverty Index is the result of an annual

More information

2017 Cost of Data Breach Study

2017 Cost of Data Breach Study 2017 Cost of Data Breach Study South Africa Benchmark research sponsored by IBM Security Independently conducted by Ponemon Institute LLC June 2017 Ponemon Institute Research Report 2017 Cost of Data Breach

More information

U.S. Customs and Border Protection Cybersecurity Strategy

U.S. Customs and Border Protection Cybersecurity Strategy 42% U.S. Customs and Border Protection Cybersecurity Strategy Enabling the Mission Through Secure Technology 19% 42% 19% 42% 41% 9% 19% 1% Table of Contents Message from the Commissioner Executive Summary

More information

Cyber Security. June 2015

Cyber Security. June 2015 Cyber Security June 2015 Table of contents Section Pages Introduction and methodology 3 Key findings 4 Respondent profile 5-9 Cyber security practices 10-25 Resources for monitoring cyber security events

More information

Hacking and Cyber Espionage

Hacking and Cyber Espionage Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge

More information

Cyber Security and Cyber Fraud

Cyber Security and Cyber Fraud Cyber Security and Cyber Fraud Remarks by Andrew Ross Director, Payments and Cyber Security Canadian Bankers Association for Senate Standing Committee on Banking, Trade, and Commerce October 26, 2017 Ottawa

More information

DHS Cybersecurity: Services for State and Local Officials. February 2017

DHS Cybersecurity: Services for State and Local Officials. February 2017 DHS Cybersecurity: Services for State and Local Officials February 2017 Department of Established in March of 2003 and combined 22 different Federal departments and agencies into a unified, integrated

More information

Best Practices in ICS Security for System Operators

Best Practices in ICS Security for System Operators Best Practices in ICS Security for System Operators Introduction Industrial automation and control systems have become increasingly connected to internal and external networks. This exposure has resulted

More information

Expert Reference Series of White Papers. Cisco Completes the Security Picture with Sourcefire

Expert Reference Series of White Papers. Cisco Completes the Security Picture with Sourcefire Expert Reference Series of White Papers Cisco Completes the Security Picture with Sourcefire 1-800-COURSES www.globalknowledge.com Cisco Completes the Security Picture with Sourcefire Rich Hummel, CCNA,

More information

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017

DHS Cybersecurity. Election Infrastructure as Critical Infrastructure. June 2017 DHS Cybersecurity Election Infrastructure as Critical Infrastructure June 2017 Department of Homeland Security Safeguard the American People, Our Homeland, and Our Values Homeland Security Missions 1.

More information

Current skills gap for capable CTI analysts: Training for forensics & analysis

Current skills gap for capable CTI analysts: Training for forensics & analysis Current skills gap for capable CTI analysts: Training for forensics & analysis WORKSHOP CTI EU Bonding EU Cyber Threat Intelligence 30-31 October, Link Campus University, Rome, Italy Ing. Selene Giupponi

More information

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.

More information

Effective Cyber Incident Response in Insurance Companies

Effective Cyber Incident Response in Insurance Companies August 2017 Effective Cyber Incident Response in Insurance Companies An article by Raj K. Chaudhary, CRISC, CGEIT; Troy M. La Huis; and Lucas J. Morris, CISSP Audit / Tax / Advisory / Risk / Performance

More information

CISO as Change Agent: Getting to Yes

CISO as Change Agent: Getting to Yes SESSION ID: CXO-W02F CISO as Change Agent: Getting to Yes Frank Kim Chief Information Security Officer SANS Institute @fykim Outline Catch the Culture Shape the Strategy Build the Business Case 2 #1 Catch

More information

IDC FutureScape: Worldwide Security Products and Services 2017 Predictions

IDC FutureScape: Worldwide Security Products and Services 2017 Predictions IDC FutureScape: Worldwide Security Products and Services 2017 Predictions Sean Pike, Program Vice President, Robert Ayoub, Research Director IDC Web Conference December, 7, 2016 Logistics Submit any questions

More information

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments Today s PCI compliance landscape is one of continuing change and scrutiny. Given the number

More information

Cyber risk in advanced manufacturing

Cyber risk in advanced manufacturing Cyber risk in advanced manufacturing Contents 1 2 3 4 5 6 7 8 9 10 11 Executive summary 3 Executive and board-level engagement 14 Talent and human capital 22 Protecting intellectual property 30 Inherent

More information

RESOLVING HIGH-TECH'S SECURITY CHALLENGE

RESOLVING HIGH-TECH'S SECURITY CHALLENGE RESOLVING HIGH-TECH'S SECURITY CHALLENGE CONFIDENCE MASKS VULNERABILITY: ASSESSING CYBERSECURITY PERCEPTIONS Steeped in innovation and cutting-edge technology, the high-tech sector attracts serious attention

More information

Cybersecurity: Pre-Breach Preparedness and Post-Breach Duties

Cybersecurity: Pre-Breach Preparedness and Post-Breach Duties Cybersecurity: Pre-Breach Preparedness and Post-Breach Duties Thursday, October 5, 2017 Presented by: Gerrit Nel, Senior Manager, Cyber Security, KPMG Sunny Handa, Partner, Montreal Cathy Beagan Flood,

More information

Optimisation drives digital transformation

Optimisation drives digital transformation January 2017 Executive summary Forward-thinking business leaders are challenging their organisations to achieve transformation by harnessing digital technologies with organisational, operational, and business

More information

COMPLIANCE, THE PRIVACY BY DESIGN APPROACH TO PROTECT PERSONAL DATA. European Union General Data Protection Regulation (GDPR)

COMPLIANCE, THE PRIVACY BY DESIGN APPROACH TO PROTECT PERSONAL DATA. European Union General Data Protection Regulation (GDPR) COMPLIANCE, THE PRIVACY BY DESIGN APPROACH TO PROTECT PERSONAL DATA European Union General Data Protection Regulation CONTENTS Executive summary 3 The GDPR and its impact 4 New challenges with protecting

More information

WHITE PAPER. Title. Managed Services for SAS Technology

WHITE PAPER. Title. Managed Services for SAS Technology WHITE PAPER Hosted Title Managed Services for SAS Technology ii Contents Performance... 1 Optimal storage and sizing...1 Secure, no-hassle access...2 Dedicated computing infrastructure...2 Early and pre-emptive

More information

Webcast title in Verdana Regular

Webcast title in Verdana Regular Medical devices and the Internet of Things: A threelayer defense against cyber threats Webcast title in Verdana Regular The Dbriefs Industries series Veronica Lim, Principal, Deloitte & Touche LLP Russell

More information

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response

Cyber Incident Response. Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response Cyber Incident Response Prepare for the inevitable. Respond to evolving threats. Recover rapidly. Cyber Incident Response 1 2 Today, no Canadian business is immune from a potential attack. It s no longer

More information

A Framework for Managing Crime and Fraud

A Framework for Managing Crime and Fraud A Framework for Managing Crime and Fraud ASIS International Asia Pacific Security Forum & Exhibition Macau, December 4, 2013 Torsten Wolf, CPP Head of Group Security Operations Agenda Introduction Economic

More information

SIEM: Five Requirements that Solve the Bigger Business Issues

SIEM: Five Requirements that Solve the Bigger Business Issues SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered

More information

Gladiator Hosted Network Solutions Raising the Bar on Risk and Compliance: Hosted Network Services and your Cloud Service Provider.

Gladiator Hosted Network Solutions Raising the Bar on Risk and Compliance: Hosted Network Services and your Cloud Service Provider. Gladiator Hosted Network Solutions Raising the Bar on Risk and Compliance: Hosted Network Services and your Cloud Service Provider. Presenter(s): Ray Kline - Gladiator Sales Engineering Jenny Roland-Vlach

More information

GLOBAL ENCRYPTION TRENDS STUDY

GLOBAL ENCRYPTION TRENDS STUDY GLOBAL ENCRYPTION TRENDS STUDY April 2017 EXECUTIVE SUMMARY EXECUTIVE SUMMARY Ponemon Institute is pleased to present the findings of the 2017 Global Encryption Trends Study, sponsored by Thales e-security.

More information

THE CONVERGENCE OF PHYSICAL AND LOGICAL ACCESS: WHAT IT REALLY MEANS FOR AN ORGANIZATION S SECURITY

THE CONVERGENCE OF PHYSICAL AND LOGICAL ACCESS: WHAT IT REALLY MEANS FOR AN ORGANIZATION S SECURITY THE CONVERGENCE OF PHYSICAL AND LOGICAL ACCESS: WHAT IT REALLY MEANS FOR AN ORGANIZATION S SECURITY FOR MANY SECURITY PROFESSIONALS, recent high-profile data breaches have shifted attention to external

More information

NCSF Foundation Certification

NCSF Foundation Certification NCSF Foundation Certification Overview This ACQUIROS accredited training program is targeted at IT and Cybersecurity professionals looking to become certified on how to operationalize the NIST Cybersecurity

More information

Cyber Security Technologies

Cyber Security Technologies 1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales

More information

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help WHITE PAPER The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help ii Contents Personal Data Defined... 1 Why the GDPR Is Such a Big Deal... 2 Are You Ready?...

More information

SD-WAN. Enabling the Enterprise to Overcome Barriers to Digital Transformation. An IDC InfoBrief Sponsored by Comcast

SD-WAN. Enabling the Enterprise to Overcome Barriers to Digital Transformation. An IDC InfoBrief Sponsored by Comcast SD-WAN Enabling the Enterprise to Overcome Barriers to Digital Transformation An IDC InfoBrief Sponsored by Comcast SD-WAN Is Emerging as an Important Driver of Business Results The increasing need for

More information

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY: June 2013 Sponsored by Introduction Mobile devices cause ongoing concern for IT teams responsible for information security. Sensitive corporate information can be easily transported and lost, while the

More information

Enhancing the cyber security &

Enhancing the cyber security & Enhancing the cyber security & resilience of transport infrastructure in Europe European Union Agency for Network and Information Security Securing Europe s Information society 2 Positioning ENISA activities

More information

The 2017 State of Endpoint Security Risk

The 2017 State of Endpoint Security Risk The 2017 State of Endpoint Security Risk Attacks are evolving. As a result, today s organizations are struggling to secure their endpoints, and paying a steep cost for each successful attack. To discover

More information

THE 2017 STATE OF CYBERSECURITY METRICS ANNUAL REPORT

THE 2017 STATE OF CYBERSECURITY METRICS ANNUAL REPORT THE 2017 STATE OF CYBERSECURITY METRICS ANNUAL REPORT Groundbreaking Security Measurement Index benchmark survey examines the disturbing lack of cybersecurity metrics worldwide Most companies failing at

More information

Bored with Your Board s Involvement with Privacy/Security Program?

Bored with Your Board s Involvement with Privacy/Security Program? Bored with Your Board s Involvement with Privacy/Security Program? Marti Arvin, Cynergistek Joseph A. Dickinson, Tucker Ellis March 28, 2017 1 Initial Exercise: CISO Board Update Board of Directors/Trustees

More information

Cisco Start. IT solutions designed to propel your business

Cisco Start. IT solutions designed to propel your business Cisco Start IT solutions designed to propel your business Small and medium-sized businesses (SMBs) typically have very limited resources to invest in new technologies. With every IT investment made, they

More information

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY:

THE IMPACT OF MOBILE DEVICES ON INFORMATION SECURITY: October Sponsored by Introduction Mobile devices cause ongoing concern for IT teams responsible for information security. Sensitive corporate information is easily transported outside of managed environments,

More information

The NIS Directive and Cybersecurity in

The NIS Directive and Cybersecurity in The NIS Directive and Cybersecurity in ehealth Dr. Athanasios Drougkas Officer in NIS Belgian Hospitals Meeting on Security Brussels 13 th October European Union Agency For Network And Information Security

More information

SIEM Solutions from McAfee

SIEM Solutions from McAfee SIEM Solutions from McAfee Monitor. Prioritize. Investigate. Respond. Today s security information and event management (SIEM) solutions need to be able to identify and defend against attacks within an

More information

CISM Certified Information Security Manager

CISM Certified Information Security Manager CISM Certified Information Security Manager Firebrand Custom Designed Courseware Logistics Start Time Breaks End Time Fire escapes Instructor Introductions Introduction to Information Security Management

More information

Checklist: Credit Union Information Security and Privacy Policies

Checklist: Credit Union Information Security and Privacy Policies Checklist: Credit Union Information Security and Privacy Policies Acceptable Use Access Control and Password Management Background Check Backup and Recovery Bank Secrecy Act/Anti-Money Laundering/OFAC

More information

ISO/IEC Safeguarding Personal Information in the Cloud. Whitepaper

ISO/IEC Safeguarding Personal Information in the Cloud. Whitepaper ISO/IEC 27018 Safeguarding Personal Information in the Cloud Whitepaper The ISO/IEC 27018 standard ISO/IEC 27001 only goes so far. To deal with the additional concerns associated with the processing of

More information