MEASURING TRUST IN PRIVACY AND SECURITY
Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates


Blog

Welcome to my new blog. I look forward to providing interesting content from our latest research studies. Please stay tuned to some very thought provoking research!

New Ponemon Study on Malware Detection & Prevention Released
March 18, 2016, 10:00 am


The State of Malware Detection & Prevention sponsored by Cyphort reveals the difficulty of preventing and detecting malware and advanced threats. The IT function also seems to lack the information and intelligence necessary to update senior executives on cybersecurity risks.

Other key findings include the following:

Companies are ineffective in dealing with malware and advanced threats. Only 39 percent of respondents rate their ability to detect a cyber attack as highly effective, and similarly only 30 percent rate their ability to prevent cyber attacks as highly effective. Respondents also say their organizations are doing poorly in prioritizing alerts and minimizing false positives. As mentioned above, a significant amount time is spent chasing false positives but not prioritizing alerts.

Most respondents say C-level executives aren’t concerned about cyber threats. Respondents admit they do not have the intelligence and necessary information to effectively update senior executives on cyber threats. If they do meet with senior executives, 70 percent of respondents say they report on these risks to C-level executives only on a need-to-know basis (36 percent of respondents) or never (34 percent of respondents).

Sixty-three percent of respondents say their companies had one or more advanced attacks during the past 12 months. On average, it took 170 days to detect an advanced attack, 39 days to contain it and 43 days to remediate it.

The percentage of malware alerts investigated and determined to be false positives. On average, 29 percent of all malware alerts received by their security operations team are investigated and an average of 40 percent are considered to be false positives. Only 18 percent of respondents say their malware detection tool provides a level of risk for each incident.

Do organizations reimage endpoints based on malware detected in the network? More than half (51 percent) of respondents say their organization reimages endpoints based on malware detected in the network. An average of 33 percent of endpoint re-images or remediations are performed without knowing whether it was truly infected. The most effective solutions for the remediation of advanced attacks are network-based sandboxing and network behavior anomaly analysis.

The full report can be found at:  http://go.cyphort.com/Ponemon-Report-Page.html

Warmest wishes,

Dr. Larry Ponemon
Chairman & Founder
Ponemon Institute

Healthcare organizations are in the cross hairs of cyber attackers
February 29, 2016, 12:00 am

The State of Cybersecurity in Healthcare Organizations in 2016, sponsored by ESET, found that on average, healthcare organizations represented in this study have experienced almost one cyber attack per month over the past 12 months. Almost half (48 percent) of respondents say their organizations have experienced an incident involving the loss or exposure of patient information during this same period, but 26 percent of respondents are unsure. 

The Second Annual Study on Exchanging Cyber Threat Intelligence: There Has to Be a Better Way
November 4, 2015, 12:00 am

We are pleased to let you know about our latest study on intelligence sharing. The Second Annual Study on Exchanging Cyber Threat Intelligence: There Has to Be a Better Way reveals interesting trends in how organizations are participating in initiatives or programs for exchanging threat intelligence with peers, industry groups, IT vendors and government. According to the 692 IT and IT security practitioners surveyed, there is more recognition that the exchange of threat intelligence can improve an organization’s security posture and situational awareness. However, concerns about trust in the sources of intelligence and timeliness of the information continue to be a deterrent to participation in such initiatives.

Forty-seven percent of respondents say their organization had a material security breach that involved an attack that compromised the networks or enterprise systems. This attack could have been external (i.e. hacker), internal (i.e. malicious insider) or both. Most respondents (65 percent) say threat intelligence could have prevented or minimized the consequences of the attack.

Following are key research takeaways:

Threat intelligence is essential for a strong security posture. Seventy-five percent of respondents, who are familiar and involved in their company’s cyber threat intelligence activities or process, believe gathering and using threat intelligence is essential to a strong security posture.

Potential liability and lack of trust in sources of intelligence, keep some organizations from participating. Organizations that only partially participate cite potential liability of sharing (62 percent of respondents) and lack of trust in the sources of intelligence (60 percent of respondents). However, more respondents believe there is a benefit to exchanging threat intelligence.

Organizations rely upon peers and security vendors for threat intelligence. Sixty-five percent of respondents say they engage in informal peer-to-peer exchange of information or through a vendor threat exchange service (45 percent of respondents). IT vendors and peers are also considered to provide the most actionable information. Law enforcement or government officials are not often used as a source for threat intelligence.

Threat intelligence needs to be timely and easy to prioritize. Sixty-six percent of respondents who are only somewhat or not satisfied with current approaches say it is because the information is not timely and 46 percent complain the information is not categorized according to threat type or attacker.

Organizations are moving to a centralized program controlled by a dedicated team.  A huge barrier to effective collaboration in the exchange of threat intelligence is the existence of silos. Centralizing control over the exchange of threat intelligence is becoming more prevalent and might address the silo problem.

We hope you will download the full report.

Warmest regards,

 Dr. Larry Ponemon

Advanced Threat Detection with Machine-Generated Intelligence
October 28, 2015, 10:00 am

Companies are losing traction in the fight to identify and prevent advanced persistent threats (APTs) mainly because threat intelligence is often inaccurate or incomplete. The IT security practitioners in our latest study, Advanced Threat Detection with Machine-Generated Intelligence, believe better intelligence could have stopped an average of five security breaches their company had in the past two years. The good news is machine-generated intelligence provided by near-real-time technologies can improve threat detection and the ability to determine baseline or “normal behavior” in order to detect abnormal behavior.  According to participants in our research, machine-generated intelligence solutions will make threat intelligence more actionable and useful.  We hope you will read our latest study sponsored by Prelert, Advanced Threat Detection with Machine-Generated Intelligence, which looks at the state of advanced threat detection in companies, technologies deployed to detect advanced threats and the value of machine-generated intelligence.

Warmest regards,

Dr. Larry Ponemon
 

What You Don’t Know Will Hurt You: A Study of the Risk from Application Access and Usage
September 29, 2015, 12:00 am


Companies and their employees are becoming increasingly dependent upon applications to achieve business goals and increase productivity. However, the proliferation of applications is creating a serious security risk because identifying users’ risky behavior and non-compliance with policies can be nearly impossible. The typical organization now collects and stores a vast amount of customer data. In addition, the large number of employees accessing applications makes it difficult for organizations to keep track of exactly “who’s doing what”. 

What Erodes Trust in Digital Brands?
August 26, 2015, 6:00 am

What Erodes Trust in Digital Brands?

Around the world, IT security practitioners face a common problem: a budget that is inadequate to deal with cyber threats
June 9, 2015, 10:00 am

Around the world, IT security practitioners face a common problem: a budget that is inadequate to deal with cyber threats

Ponemon Institute Releases New Study on the Efforts of Retail Companies and Financial Services to Improve the Time to Detect and Contain Advanced Threats
May 28, 2015, 11:00 am

Ponemon Institute Releases New Study on the Efforts of Retail Companies and Financial Services to Improve the Time to Detect and Contain Advanced Threats

Cost of Data Breach Grows as does Frequency of Attacks
May 27, 2015, 6:00 am

Cost of Data Breach Grows as does Frequency of Attacks 

Criminal Attacks: The New Leading Cause of Data Breach in Healthcare
May 7, 2015, 9:00 am

The Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data, sponsored by ID Experts, shows that, for the first time, criminal attacks are the number-one root cause of healthcare data breaches. 

Records 1 - 10 of 71 — Jump to page First 1 2 3 4 5 6 7 8 Last
Categories
Security (23)
Privacy (22)
global security (1)
Providers (1)