MEASURING TRUST IN PRIVACY AND SECURITY
Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates

Ponemon Institute is pleased to announce the release of Flipping the Economics of Attacks, sponsored by Palo Alto Networks. In this study, we look at the relationships between the time spent and compensation of today’s adversaries and how organizations can thwart attacks. As revealed in this research, while some attackers may be motivated by non-pecuniary reasons, such as those that are geopolitical or reputational, an average of 69 percent of respondents say they are in it for the money.

...more


Blog

Welcome to my new blog. I look forward to providing interesting content from our latest research studies. Please stay tuned to some very thought provoking research!

What You Don’t Know Will Hurt You: A Study of the Risk from Application Access and Usage
September 29, 2015, 12:00 am


Companies and their employees are becoming increasingly dependent upon applications to achieve business goals and increase productivity. However, the proliferation of applications is creating a serious security risk because identifying users’ risky behavior and non-compliance with policies can be nearly impossible. The typical organization now collects and stores a vast amount of customer data. In addition, the large number of employees accessing applications makes it difficult for organizations to keep track of exactly “who’s doing what”.

Historically, companies have identified these types of risks through audits and assessments of application access and usage logs. This manual process is resource intensive. It requires significant staff time to correlate and review logs due to the large volume of users and activity. In addition, each application logs user actions differently and at varying levels of granularity with many applications not producing logs at all. These logs typically contain hundreds or thousands of discrete events in obscure technical language. As a consequence, organizations that rely upon logs from applications and devices find it nearly impossible to determine what a user actually did.

We hope you will join us on October 7 when we discuss the findings of What You Don’t Know Will Hurt You: A Study of the Risk from Application Access and Usage, sponsored by ObserveIT. Please register for the event.

 

What Erodes Trust in Digital Brands?
August 26, 2015, 6:00 am

What Erodes Trust in Digital Brands?

Around the world, IT security practitioners face a common problem: a budget that is inadequate to deal with cyber threats
June 9, 2015, 10:00 am

Around the world, IT security practitioners face a common problem: a budget that is inadequate to deal with cyber threats

Ponemon Institute Releases New Study on the Efforts of Retail Companies and Financial Services to Improve the Time to Detect and Contain Advanced Threats
May 28, 2015, 11:00 am

Ponemon Institute Releases New Study on the Efforts of Retail Companies and Financial Services to Improve the Time to Detect and Contain Advanced Threats

Cost of Data Breach Grows as does Frequency of Attacks
May 27, 2015, 6:00 am

Cost of Data Breach Grows as does Frequency of Attacks 

Criminal Attacks: The New Leading Cause of Data Breach in Healthcare
May 7, 2015, 9:00 am

The Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data, sponsored by ID Experts, shows that, for the first time, criminal attacks are the number-one root cause of healthcare data breaches. 

New Ponemon Institute study released: Economic Impact of Mixed Content Warnings on Consumer Behavior
April 27, 2015, 12:40 pm

We have all encountered mixed content warnings that show a visual icon or pop-up that attempts to warn us while visiting a website. A new study by Ponemon Institute, sponsored by Ghostery, recently conducted an experimental study to test consumer reactions to mixed content warnings when browsing secure e-commerce sites. To cut to the chase, the study reveals that consumer attrition resulting from mixed content warnings on web pages is estimated to cost the top 100 Internet retailers in the United States $310 million per annum. We hope you will read the details in the entire report.

http://marketing.ghosterymktg.com

Warmest regards,
Dr. Larry Ponemon
 

A Few Challenges in Calculating Total Cost of a Data Breach Using Insurance Claims Payment Data
April 19, 2015, 1:34 pm

Let me first state that I am a big fan of the Verizon DBIR and have read every one. I also have a great deal of respect for the NetDiligence Cyber Claims Study and like many in the insurance industry, find it extremely valuable. I was, however, taken by surprise when I read the latest Verizon report and saw that their cost of a data breach analysis was based on the NetDiligence data set. Here’s why:

Why Ponemon Institute’s Cost of Data Breach Methodology Is Sound and Endures
April 16, 2015, 5:01 pm

This week, Verizon released its annual 2015 Data Breach Investigations Report. We respect the amount of effort and resources Verizon devotes to its annual report. In the past, Ponemon Institute has reached out to the researchers at Verizon because of what I believe should be a shared and collaborative goal to continuously improve and refine the research being conducted about data breaches and other security incidents. In fact, we were pleased to have Wade Baker from the Verizon DBIR team speak to our Institute’s RIM Council of sponsoring companies and Fellows in December 2012. By the way, Verizon is a sponsoring company of the Institute.

 

Ponemon Institute releases new study on how organizations can leapfrog to a stronger cyber security posture
April 10, 2015, 4:00 pm

Is your company’s security strategy stuck in a rut? Are you concerned that the competition is outpacing you in its ability to deal with increasingly sophisticated and stealthy cyber criminals. Ponemon Institute with sponsorship from Accenture spent several months interviewing senior level IT and IT security practitioners in 247 companies to identify the main factors that contribute to an organization’s improved security posture—or leapfrogging from a level of low to high performance in its security ecosystem.

Records 11 - 20 of 77 — Jump to page First 1 2 3 4 5 6 7 8 Last
Categories
Security (23)
Privacy (22)
global security (1)
Providers (1)