MEASURING TRUST IN PRIVACY AND SECURITY
Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates


Blog

Welcome to my new blog. I look forward to providing interesting content from our latest research studies. Please stay tuned to some very thought provoking research!

Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations
February 12, 2014, 2:00 pm

What does a security team tell the CEO and board when a cyber attacker robs the company’s IP or shuts down the networks? CISOs face job insecurity because of the difficulty in being able to gather the threat intelligence quickly enough to know the “who,” “what,” “where,” “how” and “why” to respond and resolve an attack. The study reveals that many reports to senior management about a cyber attack are modified, filtered or watered down because the CISO does not have accurate and actionable threat intelligence.  What needs to be done? The consensus among the IT security practitioners surveyed is that they need the time and tools to discover and understand the nature of attacks faster with greater precision. To learn more about the current state of cyber attack responsiveness, we hope you will read Threat Intelligence & Incident Response: A Study of U.S. & EMEA Organizations sponsored by AccessData. For a copy of the full report, please click here.

The Impact of IT Transformation on Enterprise Computing
February 4, 2014, 3:30 pm

We are pleased to present the findings of The Impact of IT Transformation on Enterprise Computing sponsored by the Logicalis Corporation and HP.  The objective of this research is to better understand how the different stages of IT transformation can affect an organization, the challenges to advancing through each stage and how successful progression can improve an organization’s IT effectiveness, including IT security. (Click to download study)

Cyber Security Incident Response: Are We as Prepared as We Think?
January 21, 2014, 3:00 pm

Why is the CEO the last to know if the company had a cyber attack? According to the IT experts in our latest study, only 20 percent say they have regular communication with their senior leadership about threats and only 14 percent say the C-suite takes part in incident response. We hope you will read our latest study, Cyber Security Incident Response: Are We as Prepared as We Think? Sponsored by Lancope, IT experts share their insights about the state of incident response. The report can be found at: http://www.lancope.com/ponemon-incident-response/

2013 Survey on Medical Identity Theft
September 11, 2013, 11:00 pm

We are pleased to announce the release of our 2013 Survey on Medical Identity Theft. This is the fourth year of the study and as in previous years we find that medical identity theft continues to be a costly and potentially life-threatening crime. However, unlike other forms of identity theft, the thief is most likely to be someone the victim knows very well. In this study of more than 700 victims of this fraud, most cases of identity theft result not from a data breach but from the sharing of personal identification credentials with family and friends. Or, family members take the victim’s credentials without permission.


We believe that individuals, healthcare organizations and government working together can reduce the risk of medical identity theft. First, individuals need to be aware of the negative consequences of sharing their credentials despite possible good intentions. They should also take the time to read their medical records and explanation of benefits statements to ensure that their information is correct. Second, healthcare organizations and government should improve their authentication procedures to prevent imposters from obtaining medical services and products.
Sponsored by the Medical Identity Fraud Alliance (MIFA), with support from ID Experts, the report can be found at http://medidfraud.org/2013-survey-on-medical-identity-theft.

Live Threat Intelligence Impact Report 2013
August 23, 2013, 2:16 pm

Slow and weak threat intelligence can keep companies from defending against security compromises, breaches and exploits. According to the findings, if actionable intelligence about cyber attacks is available within 60 seconds before a compromise, the average cost of an exploit could be reduced an average of 40 percent. To learn more about the value of immediate threat intelligence, the current state of threat intelligence and the propensity of organizations to invest in live intelligence solutions, please listen to a webcast featuring Dr. Larry Ponemon and Jeff Harrell of Norse discussing the highlights of the research study, Live Threat Intelligence Impact Report 2013. To listen to the webinar and download a copy of the study, click here

Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age
August 22, 2013, 12:00 am

We are pleased to announce the release of a new study, Managing Cyber Security as a Business Risk: Cyber Insurance in the Digital Age. With the increasing cost and volume of data breaches, cyber security is quickly moving from being considered by business leaders as a purely technical issue to a larger business risk. This shift has spurred increased interest in cyber insurance to mitigate the cost of these issues. For the full report, please click here.

Live Threat Intelligence Impact Report 2013
July 26, 2013, 10:00 am

We are pleased to announce the release of a new study, Live Threat Intelligence Impact Report 2013, that reveals the facts behind the impact that weak intelligence can have on organizations and why the ability to quickly gather, analyze and use actionable intelligence is essential to cyber defense. According to the study sponsored by Norse, the companies that seem to be most successful in thwarting compromises to networks and enterprise systems say the optimal age of actionable intelligence is no longer than 4.6 minutes. To learn more about the value of immediate and live intelligence, we hope you will read the full report. To access click here.

The Risk of Regulated Data on Mobile Devices & in the Cloud
June 27, 2013, 9:00 am

We are pleased to announce the release of a new Ponemon Institute study sponsored by WatchDox. If you ever worry about an employee downloading confidential, regulated data on their own personal mobile device you need to read our report. To obtain a copy click here.

The State of Risk Based Security Management
June 25, 2013, 9:00 am

 

Ponemon Institute and Tripwire continue to study the state of risk-based security management. This annual study is conducted to understand the level of maturity of RBSM. In this year's study, we are especially interested in understanding the communication barriers that may be hindering companies ability to advance to more robust programs. One question that focuses on these barriers is whether RBSM an art or a science. To find out what our survey respondents think click here. Access the research: The Second Annual Study on the State of Risk-based Security Management

 

Security of Cloud Computing Users 2013 Study
March 5, 2013, 9:00 am

 

Today we are releasing a very interesting follow up study on how organizations are improving--or not--their cloud security practices. The Security of Cloud Computing Users study shows that when it comes to cloud computing the glass may be half full or half empty because only half or less of respondents have positive perceptions about how their organizations are adopting cloud security best practices and creating confidence in cloud services used within their organization. A significant finding is that only 50 percent of respondents are engaging their security team (always or most of the time) in determining the use of cloud services. We hope you will read the complete report to learn about changes in cloud computing security. Access the full Ponemon Research: 2013 Security of Cloud Computing Users Study
Highlights: View key takeaways in this infographic

Records 31 - 40 of 77 — Jump to page First 1 2 3 4 5 6 7 8 Last
Categories
Security (23)
Privacy (22)
global security (1)
Providers (1)