Today we released a new study entitled the Risk of Insider Fraud: Second Annual Study . The research reveals that the number of employee-related incidents of fraud continues to remain high. However, only 44 percent of IT and IT security practitioners say their organization views the prevention of insider fraud as a top security priority and this perception has declined since we first conducted this study in 2011. Contributing to the insider risk is BYOD, employee access of enterprise systems from remote locations and lack of security protocols over edge devices. Some suggestions to address these risks include making training and awareness an important component of a security initiative and monitoring access privileges. These privileges also need to be appropriate for the employees’ role and responsibility. We hope you will read the full report that discusses the challenges organizations face in minimizing the risk of the malicious and negligent insider. To find out more, visit http://www.attachmate.com/assets/Ponemon_2012_Report.pdf

Data breaches have become a fact of life for organizations of all sizes, in every industry and in many parts of the globe. While many organizations anticipate that at some point a non-malicious or malicious data breach will occur, the focus of this study is to understand the steps organizations are taking to deal with the aftermath of a breach or what we call the Post Breach Boom. Sponsored by Solera Networks, we conducted The Post Breach Boom study to understand the differences between non-malicious and malicious data breaches and what lessons are to be learned from the investigation and forensics activities organizations conduct following the loss or theft of sensitive and confidential information. The majority of respondents in this study believe it is critical that a thorough post-breach analysis and forensic investigation be conducted following either a non-malicious or malicious security breach. To download the report, please click http://pages.soleranetworks.com/ponemon.html

One of our latest studies is the Efficacy of Emerging Network Security Technologies our objective is to learn about organizations’ use and perceptions about emerging network security technologies and their ability to address serious security threats.  The emerging technologies examined in this study include next generation firewalls, intrusion prevention systems with reputation feeds and web application firewalls. Some interesting findings include:  Securing web traffic is by far the most significant network security concern for the majority of organizations. However, the majority of respondents say network security technologies fall short of vendors’ promises. Almost half (48 percent) of respondents agree that emerging network security technologies are not effective in minimizing attacks that aim to bring down web applications or curtail gratuitous Internet traffic. To read a copy of the report please click http://www.juniper.net/us/en/dm/spotlight

Some staggering numbers

Every Global 2000 enterprise faces a total exposure of almost U.S. $400 million over 24 months due to new and evolving attacks on failed cryptographic key and digital certificate management. And adjusting for probability established by survey participants, we found every enterprise risks losing $35 million.
This findings cap our First Annual Cost of Failed Trust Report: Trusts and Attacks, which quantifies, for the first time, the financial impact of impact of new threats and attacks on our ability to control trust.

Complete study is available - http://www.venafi.com/ponemon-institute-first-annual-cost-of-failed-trust-report/?ls=mb&cid=70150000000KIkw

Do we still care about privacy? According to our annual study on privacy trust, more and more of us do care. Our biggest privacy concerns are the fear of identity theft and government intrusions into our personal lives. 

Could BYOD increase the risks of a healthcare data breach and medical identity theft? The third annual study on Patient Privacy and Data Security reveals the explosion of mobile devices used in healthcare organizations.

Sponsored by Lumension, the 2013 State of the Endpoint is our third annual study that tracks endpoint risk in organizations, the resources to address the risk and the technologies deployed to manage threats.

We are very pleased to introduce the Edelman Privacy Risk Index developed in collaboration with Ponemon Institute.  The Index provides a high level risk coefficient specified for various sized business organizations. The Index is derived from Meta analysis of Ponemon research involving more than 6,400 individuals located in 29 countries.  Here is the link to the online calculator:  http://www.edelman.com/privacy-risks/