[May 19, 2015] |
|
New Ponemon Institute Survey Reveals Time to Identify Advanced Threats is 98 Days for Financial Services Firms, 197 Days for Retail
Financial Services and Retail organizations agree, advanced threats are
the most serious security challenge facing their organizations. Despite
the concern, both industries struggle to identify these attacks once
they are inside their network, according to a new Ponemon Institute (News - Alert)
Survey, sponsored by Arbor
Networks, a leading provider of DDoS and advanced threat protection
solutions for enterprise and service provider networks.
This Smart News Release features multimedia. View the full release here:
http://www.businesswire.com/news/home/20150519005417/en/
Known as 'dwell' time, the time it takes to identify these attacks is 98
days for Financial Services firms, and 197 days for Retail. Despite
these results, 58 percent of Financial Services and 71 percent of Retail
organizations said they are not optimistic about their ability to
improve these results in the coming year. This is alarming considering
the number of attacks targeting their networks. Within Financial
Services, 83 percent experienced more than 50 attacks per month, while
44 percent of Retail firms did.
"The big takeaway from our research is that more investment is needed in
both security operations staff and in security tools, which can help
companies efficiently and accurately detect and respond to security
incidents," said Dr. Larry Ponemon, chairman and founder, Ponemon
Institute. "The time to detect an advanced threat is far too long;
attackers are getting in and staying long enough that the damage caused
is often irreparable."
"It's time to find a better balance between technology solutions,
usability, workflow and the people who use them. As security vendors, we
need to help our customers so they can adapt to this new cyber security
reality that balances the threats with the people who fight them every
day," said Matthew Moynahan, president of Arbor Networks (News - Alert).
Overview In the wake of high profile mega breaches, the
Ponemon Institute surveyed Financial Services and Retail firms in North
America and Europe, Middle East and Africa (EMEA) to better understand
how they are dealing with attacks targeting their organizations. The
survey asked how these organizations manage the explosion in advanced
threats and distributed denial of service (DDoS) attacks targeting their
infrastructure; how effective (or not) their IT investments are; and how
they are adapting incident response procedures and integrating threat
intelligence for better visibility, insight and context.
Key Findings Among Financial Services Firms
Advanced Threats
-
71 percent view technologies that provide intelligence about networks
and traffic as most promising at stopping or minimizing advance
threats during the seven phases of the Kill Chain
-
45 percent have implemented incident response procedures
-
43 percent have established threat sharing with other companies or
government entities
DDoS Attacks
-
55 percent consider DDoS attacks as an advanced threat
-
48 percent 'Strongl Agree' or 'Agree' that they are effective in
containing DDoS attacks
-
45 percent have established threat sharing with other companies or
government entities to minimize or contain the impact of DDoS attacks
Budgets & Staffing
-
Budgets are allocated 40 percent towards Technology; 37 percent to
Staffing and 20 percent to Managed Services
Key Findings Among Retail Firms
Advanced Threats
-
64 percent view technologies that provide intelligence about networks
and traffic as most promising at stopping or minimizing advance
threats during the seven phases of the Kill Chain
-
34 percent have implemented incident response procedures
-
17 percent have established threat sharing with other companies or
government entities
DDoS Attacks
-
50 percent consider DDoS attacks as an advanced threat
-
39 percent firms 'Strongly Agree' or 'Agree' that they are effective
in containing DDoS attacks
-
13 percent have established threat sharing with other companies or
government entities to minimize or contain the impact of DDoS attacks
Budgets & Staffing
-
Budgets are allocated 34 percent towards Technology; 27 percent to
Staffing and 34 percent to Managed Services.
Research Methodology
-
Financial Services Organizations surveyed include 844 IT and IT
security practitioners in North America and in 14 countries in Europe,
Middle East & Africa (EMEA)
-
Retail organizations surveyed include 675 IT and IT security
practitioners in North America and in 14 countries in Europe, Middle
East & Africa (EMEA)
-
In both cases, only IT practitioners who are familiar with their
companies' defense against cyber security attacks and have
responsibility for directing cyber security activities within the
company were selected to participate
Supporting Resources:
About Ponemon Institute Ponemon Institute is dedicated to
advancing responsible information and privacy management practices in
business and government. To achieve this objective, the Institute
conducts independent research, educates leaders from the private and
public sectors and verifies the privacy and data protection practices of
organizations in a variety of industries.
About Arbor Networks Arbor Networks, Inc. helps secure the
world's largest enterprise and service provider networks from DDoS
attacks and advanced threats. Arbor is the world's leading provider of
DDoS protection in the enterprise, carrier and mobile market segments,
according to Infonetics Research (News - Alert). Arbor's advanced threat solutions
deliver complete network visibility through a combination of packet
capture and NetFlow technology, enabling the rapid detection and
mitigation of malware and malicious insiders. Arbor also delivers market
leading analytics for dynamic incident response, historical analysis,
visualization and forensics. Arbor strives to be a "force multiplier,"
making network and security teams the experts. Our goal is to provide a
richer picture into networks and more security context - so customers
can solve problems faster and reduce the risk to their business.
To learn more about Arbor products and services, please visit our
website at arbornetworks.com.
Arbor's research, analysis and insight, together with data from the
ATLAS global threat intelligence system, can be found at the ATLAS
Threat Portal.
Trademark Notice: Arbor Networks, the Arbor Networks logo, Peakflow,
ArbOS, Pravail, Cloud Signaling, Arbor Cloud, ATLAS, We see things
others can't.TM and Arbor Networks. Smart.
Available. Secure. are all trademarks of Arbor Networks, Inc. All other
brands may be the trademarks of their respective owners.
View source version on businesswire.com: http://www.businesswire.com/news/home/20150519005417/en/
[ Back To Homepage ]
|