The ThreatTrack Security "10 Signs We’re in for More Data Breaches" slideshow offers a glimpse of what top executives and front-line cybersecurity professionals think of today’s threat landscape and the challenges they face – all of which underscores that the status quo will do nothing more than create a welcoming environment for even more data breaches.
2. Under Constant Barrage
Defending against data breaches has never
been more challenging, and the stakes
have never been higher.
The ThreatTrack Security Labs processes
more than 200,000 new malicious threats
daily, underscoring the increasing velocity
and staggering rate at which cybercriminals
are creating new threats and unleashing
new variants to evade detection.
200,000+
new malware threats
are created every day
3. Executive Anxiety
When ThreatTrack Security conducted a
study of U.S. enterprise CEOs, CFOs,
CIOs and CISOs, the results painted a
picture of overwhelmed corporate leaders
who lacked confidence in their cyber-
security readiness, and expressed
resignation when it came to their ability to
defend against APTs and other advanced
threats used in data breaches.
ThreatTrack Security; Enterprise Executives Lack
Confidence About Cybersecurity, 2013
Of top enterprise executives:
69% concerned they are vulnerable to
advanced malware threats
66% unsure if they have been targeted
by an APT
47% do not use advanced malware analysis
in their cyber defense
4. S.O.S. From the Frontlines
ThreatTrack Security’s research with
security professionals within U.S.
enterprises responsible for malware
analysis revealed that this critical line of
data breach defense is understaffed and
outgunned in their daily battle against
internal and external threats.
ThreatTrack Security; Malware Analysts Have the
Tools They Need, But Challenges Remain, 2013
Enterprise malware analysts ID biggest challenges
67% concerned about complexity of malware
67% struggle with volume of malware they face
40% do not have enough skilled staff
35% lack access to advanced malware analysis tools
5. Self-Inflicted Wounds
Despite increased awareness and
employee education, cybersecurity
professionals within U.S. enterprises
continue to struggle with senior leadership’s
risky online behavior, opening the door to
stolen credentials and access to an
organization’s most sensitive data – all of
which is preventable.
ThreatTrack Security; Malware Analysts Have the
Tools They Need, But Challenges Remain, 2013
Cybersecurity pros report having to remove
malware from senior executives’ PCs because:
56%
Clicking on a malicious
link in a phishing email
45%
Allowing a family member to
use a company-owned device
40%
Visiting an infected
pornographic website
6. Data Breaches Costlier
and More Sophisticated
When you consider the costs associated
with loss of competitiveness, eroded
customer trust, government fines and
litigation, one breach may be all it takes to
put many businesses out of business.
* Verizon; 2013 Data Breach Investigations Report
** Ponemon Institute; 2013 Cost of Data Breach
Study: Global Analysis
40% of data breaches
involve malware*
92% of data breaches perpetrated by outsiders*
$3.03 million is the average cost of
lost business due to a data breach**
7. Data Breaches
Go Undetected
Time is not on your side, and breaches go
too long without being detected.
How are breaches discover? Only 10% of
data breaches are discovered by accident.
Most are discovered through the use of
forensic investigative tools like a malware
analysis sandbox, 28%; DLP solution, 19%;
or through law enforcement
notification, 15%.**
*Verizon; 2013 Data Breach Investigations Report
** Ponemon Institute; The Post Breach Boom, 2013
66%
of data breaches
take months to
be discovered*
8. Data Breaches
Go Unreported
Today’s data breach headlines may only be
scratching the surface, with too many data
breaches going unreported. According to
ThreatTrack Security research, the largest
companies are even more likely to have
had an unreported breach, with 66% of
malware analysts with the largest
enterprises reporting undisclosed data
breaches.
ThreatTrack Security; Malware Analysts Have the
Tools They Need, But Challenges Remain, 2013
57%
of enterprise malware analysts
have investigated or addressed
a data breach that was
never disclosed
9. Cybersecurity Under Funded
Research consistently shows that
cybersecurity pros lack resources, and the
numbers back that up. IT budgets are
rising, but security remains only a small
fraction despite growing awareness of data
breaches and the long-term risk they pose
to organizations of all sizes.
PwC; Global State of Information Security Survey
2014
Information security remains at
less than 4% of overall IT spending
Security < 4%
10. Untrusting Consumers
Months before Target’s data breach was
disclosed, consumers already lacked
confidence in U.S. enterprises’ ability to
keep their data secure. ThreatTrack
Security research uncovered deep mistrust
of enterprise cybersecurity and anxiety over
the vulnerability of their personal data.
ThreatTrack Security; Enterprise Executives Lack
Confidence About Cybersecurity, 2013
Of consumers:
71% say companies that hold their data do
not do enough to protect it
75% believe companies will be attacked and
their data will be stolen
47% reported being notified their
information had been compromised
11. Government’s Role Unclear
Many organizations rely on regulatory
compliance standards for the foundation of
their cybersecurity and data breach
defense strategy. While some cybersecurity
pros support government guidance, the
public remains skeptical of its involvement.
Meanwhile, others are conflicted about the
most recent government security
framework and guidance initiatives.
* ThreatTrack Security; Despite Adequate Security
Guidance From The Government, Defense
Contractors Say They Remain Vulnerable To Cyber-
Attack, 2014
** ThreatTrack Security; Enterprise Executives Lack
Confidence About Cybersecurity, 2013
88% of cybersecurity pros
say the government provides
strong guidance for securing
sensitive information*
70% of consumers are
skeptical of government
mandating security standards
to private companies**
12. Prevent Data Breaches
with ThreatTrack Security
ThreatTrack Security specializes in helping
organizations identify and stop Advanced
Persistent Threats (APTs), targeted attacks
and other sophisticated malware designed
to evade the traditional cyber-defenses
deployed by enterprises and government
agencies around the world.
The company develops advanced
cybersecurity solutions that
Expose, Analyze and Eliminate the
world’s most sophisticated malware. Learn
more at www.ThreatTrackSecurity.com.