12 Things You Should Know About Cyber-Defenses

 
 
By Karen A. Frenkel  |  Posted 08-12-2014 Email Print this article Print
 
 
 
 
 
 
 
 
 
  • Previous
    Vast Majority of IT Firms Victimized
    Next

    Vast Majority of IT Firms Victimized

    96% of IT organizations surveyed experienced "significant" IT security incidents in 2013. Only 33%, however, are "highly confident" that their organizations will improve their less mature security controls.
  • Previous
    Threats More Complex and Challenging
    Next

    Threats More Complex and Challenging

    43% of respondents see problem prevention, identification, diagnosis and remediation as more challenging than in 2012. The problem? Increased operational complexity and the current threat landscape.
  • Previous
    Multiple Security Incidents
    Next

    Multiple Security Incidents

    17% of organizations had five or more significant security incidents in the past 12 months. 39% had two or more significant incidents.
  • Previous
    Top Four Security Incidents
    Next

    Top Four Security Incidents

    The leading security incidents were phishing, compliance policy violations, unsanctioned device and application use and unauthorized data access.
  • Previous
    The Most-Cited Security Issues
    Next

    The Most-Cited Security Issues

    The top five security issues were: Malware and advanced threats, Application and wireless security, Network resource access, Unsanctioned application and personal mobile device use, Data leakage
  • Previous
    Control Practices That Need Improvement
    Next

    Control Practices That Need Improvement

    The following five were cited as relatively immature practices: Personal mobile device usage, Perimeter threats, Inventory management and endpoint compliance, Virtualization security, Rogue device and application security
  • Previous
    Low Expectations for Adherence to Policy
    Next

    Low Expectations for Adherence to Policy

    61% of respondents cite low to no confidence in adherence to policies concerning network device intelligence, maintaining configuration standards and defenses on devices, and ensuring virtual machine and remote devices.
  • Previous
    Malware and APTs Are Top Priorities
    Next

    Malware and APTs Are Top Priorities

    Malware and advanced persistent threats are leading priorities for all industries and regions, but companies are less likely to invest further resources to reduce perimeter threats.
  • Previous
    Significant Compliance Policy Violations
    Next

    Significant Compliance Policy Violations

    Compliance policy violations that consumed a lot of time occurred 2.6 times in the last year, on average. More violations occurred in the U.S., compared to the U.K.
  • Previous
    Most Prone to Phishing Attacks?
    Next

    Most Prone to Phishing Attacks?

    Manufacturing, education, and finance sectors are more prone to phishing, whereas the health-care sector is more likely to suffer from compliance policy violations.
  • Previous
    The Problems of Financial Institutions
    Next

    The Problems of Financial Institutions

    Overall, financial institutions, compared to other sectors, found problem remediation more challenging. They were also subjected to more phishing attacks, compliance policy violations, unsanctioned application use and data leakage.
  • Previous
    The Impact of BYOD
    Next

    The Impact of BYOD

    78% of respondents say BYOD is having an impact on governance, risk and compliance. In general, the retail sector is more progressive on BYOD security, but Europeans cite data wiping and encryption as having a higher impact on governance, risk and compliance than others.
 

Virtually all IT organizations experienced a significant IT security incident in 2013 and most of them know some of their security measures are immature or ineffective, but only one-third are confident their less-mature security controls will soon improve. These findings are from a new report, "2014 Cyber Defense Maturity Report," from ForeScout, a network security firm. Survey respondents included 1,600 IT information security decision-makers in U.S. or European companies with more than 500 employees, and spanned five industry sectors. Conducted during May and June of this year, the ForeScout study reflects security threats and the extent of defense maturity in organizations in finance, manufacturing, health-care, retail and education sectors. "The findings provide a useful snapshot of the state of exposures, controls and investment across global regions and industries," says Scott Gordon, chief marketing officer at ForeScout. "The independent research clearly validates the need for continuous monitoring, intelligence and mitigation capabilities." For more about the report (registration required), click here

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
 
 
 
 
 
 
Thanks for your registration, follow us on our social networks to keep up-to-date