SlideShare a Scribd company logo

Cybersecurity Challenges, Risks, Trends, and Impacts: Survey Executive Summary

Hewlett Packard Enterprise Business Value Exchange
Hewlett Packard Enterprise Business Value Exchange

Survey and Executive Summary Produced by MIT Technology Review Custom in Partnership with Hewlett Packard Enterprise Security Services and FireEye Inc.

Technology
1 of 8
Download to read offline
Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 1 IN THIS REPORT 1 Introduction Cybersecurity Challenges, Risks, Trends, and Impacts: Survey Executive Summary 2 Survey Highlights Issue 1: Security Challenges 3 Issue 2: Security Threats 4 Issue 3: Attack Frequency 5 Issue 4: Breach Preparedness 6 Issue 5: Risk Management Strategies 7 Issue 6: Breach Impact 8 Methodology and Participant Profile Cybersecurity Challenges, Risks, Trends, and Impacts: Survey Executive Summary No question about it: Information security—or, more precisely, the lack of it—is firmly on the radar for business and information-technology leaders in organizations of all sizes and in every sector. Many executives and managers fear that their companies are ill-prepared to prevent, detect, and effectively respond to various types of cyberattacks, and a shortage of in-house security expertise remains of widespread concern. Those are among the initial findings of the Cybersecurity Challenges, Risks, Trends, and Impacts Survey, conducted by MIT Technology Review Custom in February 2016. About 225 business and IT executives, directors, managers, and other leaders participated in the online survey, which was commissioned by Hewlett Packard Enterprise Security Services and FireEye Inc. While the research team continues to analyze survey results, themes about several key issues have already emerged. Among them: • Few survey respondents are fully confident in their ability to respond to security threats. For instance, only about 6 percent of those surveyed believe their organi- zations are “extremely well prepared” to respond to a security breach involving a major loss of information. • Many struggle to hire and retain highly qualified security specialists. “Lack of in-house expertise” ranks as the single greatest information-security challenge, cited by more than one-third of participants. • Most lack information risk-management strategies. While many expect to develop them, roughly 25 percent either have no plans to do so—or simply don’t know whether their organizations have, or eventually will have, such strategies. • Most see multiple security threats on the rise. Areas of greatest concern include threats related to mobile computing, email- or Web-based attacks, and the vulner- abilities created by the bring-your-own-device (BYOD)/bring-your-own apps (BYOA) workplace trends. • A majority report experiencing either more or as many data attacks today as in 2014. Only 7 percent report fewer attacks now than two years ago. • Participants call “lost time and productivity” the most negative effect of recent breaches. Other impacts include remediation time and necessary expenditures on consultants and additional technologies. Additional findings will be released later in 2016. Meanwhile, please read on for a few preliminary survey highlights. Survey and Executive Summary Produced by MIT Technology Review Custom in Partnership with Hewlett Packard Enterprise Security Services and FireEye Inc.
2 Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM Survey Highlights Following are initial survey results for several key issues: security challenges and threats, attack frequency, preparedness levels, information risk management strategies, and breach impact. Issue 1: Security Challenges For more than a third of survey participants, lack of in-house expertise ranks as the top information- security headache. What are your organization’s top information security challenges?* 39+34+27+23+21+20+20+18+16+13+9+2039+34+27+23+21+20+20+18+16+13+9+20Lack of in-house expertise Inadequate enabling technologies Insufficient funding Evasion of existing preventive security controls Difficulty in locating right security talent Inadequate forensic capabilities Loss of sensitive or confidential data (non-mobile sources) Lack of accountability Loss of mobile devices containing sensitive/ confidential data Poor leadership Third-party vetting failure Other *Multiple responses allowed. All percentages have been rounded. 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% SecurityChallenges
Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 3 Issue 2: Security Threats Participants perceive mobile computing as the biggest current threat to information security, but several other factors rank close behind. Where do you see the most growth in security threats?* 43+42+42+41+28+23+22+21+19+843+42+42+41+28+23+22+21+19+8Mobile computing Employee mobile- device or application use (BYOD/BYOA) Attacks via email Attacks via Web Cloud migration process Attacks via social media New app implementation/app development process Nation-on-nation breaches Data sovereignty Other *Multiple responses allowed. All percentages have been rounded. 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% SecurityThreats
4 Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 34+31+24+7+434+31+24+7+4 Issue 3: Attack Frequency For more than a third of survey participants, data attacks are clearly on the rise today, but nearly as many don’t know for sure whether they’re experiencing more or fewer attacks than they did two years ago. About a quarter of survey participants see no change, while a few report being “under constant attack.” Only a handful say data attacks have decreased. Across your organization, do you feel that you are experiencing more, fewer, or the same number of data attacks today compared with two years ago?* *All percentages have been rounded. More data attacks than two years ago 34% Don't know 31% Same number of attacks as two years ago 24% Fewer data attacks than two years ago 7% We’re under constant attack these days 4% AttackFrequency
Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 5 Issue 4: Breach Preparedness Only a handful of survey participants feel their organizations are “extremely well prepared” to respond to a security breach involving serious information loss. On a scale of 1 to 5, how prepared is your organization to respond to an incident involving a material loss of information? BreachPreparedness 18+23+31+22+618+23+31+22+6 Inadequately prepared 1 Somewhat inadequately prepared 2 Somewhat prepared 3 Well prepared 4 Extremely well prepared 5
6 Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM Issue 5: Risk Management Strategies Roughly 40 percent of participants have information risk management strategies, and nearly as many are either developing such strategies or plan to do so. However, others either don’t know whether their organizations have such strategies—or don’t expect to develop them. Does your organization have an information risk management strategy?* 39+21+16+14+1039+21+16+14+10Yes No; one in development No; plan to develop one No; no plans to develop one Don’t know *All percentages have been rounded. 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% RiskManagementStrategies
Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 7 422524161612121086524265422524161612121086524265Issue 6: Breach Impact Security incidents impact organizations in a variety of ways, from remediation expenses to lost custom- ers to brand-value damage. While about a quarter of survey participants report “no significant impact” and about as many say they don’t know whether they’ve been affected, the rest indicate that they have experienced one or more breach-related impacts in the past two years. How have security breaches impacted your organization in the past two years?* *Multiple responses allowed. All percentages have been rounded. Lost time and productivity Remediation time Cost of purchased technologies Cost of outside consultants/technologies Short-term damage to reputation, brand, image Lost revenues Cost of notification Out-of-pocket costs to prevent harm to victims Lost customers Regulatory fines and lawsuits Long-term damage to reputation, brand, image None/no significant impact Don’t know Other 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% BreachImpact
Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 8 About MIT Technology Review Custom Built on more than 115 years of excellence in technology journalism, MIT Technology Review Custom is the arm of global media company MIT Technology Review that creates and distributes custom content. Our turnkey solutions include everything from writing, editing, and design expertise to multiple options for promotional support. Working closely with clients, our expert custom-editorial staff develops a range of high-quality, relevant content, delivering it to users when and where they want it—in digital, print, online, or in-person experiences. Everything is customized to fit clients’ content marketing goals and position them as thought leaders aligned with the authority on technology that matters. Copyright © 2016, MIT Technology Review. All rights reserved. www.technologyreview.com/media Methodology and Participant Profile: MIT Technology Review Custom conducted an online survey of IT and business executives and managers across a broad range of industries in February 2016. About 225 qualified participants—primarily from North America, the United Kingdom, Western Europe, India, China, Latin America, and the Asia-Pacific region—completed the 31-question survey. Additional findings will be released in mid-March 2016. Methodologyand ParticipantProfile

Recommended

Customer Experience in the Age of the Internet of Things
Customer Experience in the Age of the Internet of ThingsCustomer Experience in the Age of the Internet of Things
Customer Experience in the Age of the Internet of Things
Hewlett Packard Enterprise Business Value Exchange
 
Cape to Cape Challenge Reveals Potentials: Big Data Analytics for the Car of ...
Cape to Cape Challenge Reveals Potentials: Big Data Analytics for the Car of ...Cape to Cape Challenge Reveals Potentials: Big Data Analytics for the Car of ...
Cape to Cape Challenge Reveals Potentials: Big Data Analytics for the Car of ...
Hewlett Packard Enterprise Business Value Exchange
 
The Path to Self-Disruption
The Path to Self-DisruptionThe Path to Self-Disruption
The Path to Self-Disruption
Hewlett Packard Enterprise Business Value Exchange
 
Forrester Survey Reveals Rising Customer Expectations & Improving Efficiency ...
Forrester Survey Reveals Rising Customer Expectations & Improving Efficiency ...Forrester Survey Reveals Rising Customer Expectations & Improving Efficiency ...
Forrester Survey Reveals Rising Customer Expectations & Improving Efficiency ...
Hewlett Packard Enterprise Business Value Exchange
 
EFMA & HP: Evolution of the Workplace in Financial Services
EFMA & HP: Evolution of the Workplace in Financial ServicesEFMA & HP: Evolution of the Workplace in Financial Services
EFMA & HP: Evolution of the Workplace in Financial Services
Hewlett Packard Enterprise Business Value Exchange
 
Plan for the Worst; Fight for the Best
Plan for the Worst; Fight for the BestPlan for the Worst; Fight for the Best
Plan for the Worst; Fight for the Best
Hewlett Packard Enterprise Business Value Exchange
 
Get Prepared
Get PreparedGet Prepared
Get Prepared
Hewlett Packard Enterprise Business Value Exchange
 
To Accelerate IT Innovation, Think like a Rocket Scientist
To Accelerate IT Innovation, Think like a Rocket ScientistTo Accelerate IT Innovation, Think like a Rocket Scientist
To Accelerate IT Innovation, Think like a Rocket Scientist
Hewlett Packard Enterprise Business Value Exchange
 

Recommended

Customer Experience in the Age of the Internet of Things
Customer Experience in the Age of the Internet of ThingsCustomer Experience in the Age of the Internet of Things
Customer Experience in the Age of the Internet of Things
Hewlett Packard Enterprise Business Value Exchange
 
Cape to Cape Challenge Reveals Potentials: Big Data Analytics for the Car of ...
Cape to Cape Challenge Reveals Potentials: Big Data Analytics for the Car of ...Cape to Cape Challenge Reveals Potentials: Big Data Analytics for the Car of ...
Cape to Cape Challenge Reveals Potentials: Big Data Analytics for the Car of ...
Hewlett Packard Enterprise Business Value Exchange
 
The Path to Self-Disruption
The Path to Self-DisruptionThe Path to Self-Disruption
The Path to Self-Disruption
Hewlett Packard Enterprise Business Value Exchange
 
Forrester Survey Reveals Rising Customer Expectations & Improving Efficiency ...
Forrester Survey Reveals Rising Customer Expectations & Improving Efficiency ...Forrester Survey Reveals Rising Customer Expectations & Improving Efficiency ...
Forrester Survey Reveals Rising Customer Expectations & Improving Efficiency ...
Hewlett Packard Enterprise Business Value Exchange
 
EFMA & HP: Evolution of the Workplace in Financial Services
EFMA & HP: Evolution of the Workplace in Financial ServicesEFMA & HP: Evolution of the Workplace in Financial Services
EFMA & HP: Evolution of the Workplace in Financial Services
Hewlett Packard Enterprise Business Value Exchange
 
Plan for the Worst; Fight for the Best
Plan for the Worst; Fight for the BestPlan for the Worst; Fight for the Best
Plan for the Worst; Fight for the Best
Hewlett Packard Enterprise Business Value Exchange
 
Get Prepared
Get PreparedGet Prepared
Get Prepared
Hewlett Packard Enterprise Business Value Exchange
 
To Accelerate IT Innovation, Think like a Rocket Scientist
To Accelerate IT Innovation, Think like a Rocket ScientistTo Accelerate IT Innovation, Think like a Rocket Scientist
To Accelerate IT Innovation, Think like a Rocket Scientist
Hewlett Packard Enterprise Business Value Exchange
 
Technology rethink for next generation loyalty programmes
Technology rethink for next generation loyalty programmesTechnology rethink for next generation loyalty programmes
Technology rethink for next generation loyalty programmes
Hewlett Packard Enterprise Business Value Exchange
 
Can customer experience thrive in the age of the io t
Can customer experience thrive in the age of the io tCan customer experience thrive in the age of the io t
Can customer experience thrive in the age of the io t
Hewlett Packard Enterprise Business Value Exchange
 
Hp pultik 1000x1000_out_en
Hp pultik 1000x1000_out_enHp pultik 1000x1000_out_en
Hp pultik 1000x1000_out_en
Hewlett Packard Enterprise Business Value Exchange
 
Game-Changers: CIOs on Digital Transformation
Game-Changers: CIOs on Digital TransformationGame-Changers: CIOs on Digital Transformation
Game-Changers: CIOs on Digital Transformation
Hewlett Packard Enterprise Business Value Exchange
 
Realize the Full Value
Realize the Full ValueRealize the Full Value
Realize the Full Value
Hewlett Packard Enterprise Business Value Exchange
 
Connecting the manufacturing industry
Connecting the manufacturing industryConnecting the manufacturing industry
Connecting the manufacturing industry
Hewlett Packard Enterprise Business Value Exchange
 
Manufacturing Forum 2016
Manufacturing Forum 2016Manufacturing Forum 2016
Manufacturing Forum 2016
Hewlett Packard Enterprise Business Value Exchange
 
Getting to your hybrid future
Getting to your hybrid futureGetting to your hybrid future
Getting to your hybrid future
Hewlett Packard Enterprise Business Value Exchange
 
Hewlett Packard Enterprise Connected Manufacturing Brochure
Hewlett Packard Enterprise Connected Manufacturing Brochure Hewlett Packard Enterprise Connected Manufacturing Brochure
Hewlett Packard Enterprise Connected Manufacturing Brochure
Hewlett Packard Enterprise Business Value Exchange
 
FSI Key Propositions
FSI Key PropositionsFSI Key Propositions
FSI Key Propositions
Hewlett Packard Enterprise Business Value Exchange
 
Happy Employees Lead to Happy Customers
Happy Employees Lead to Happy CustomersHappy Employees Lead to Happy Customers
Happy Employees Lead to Happy Customers
Hewlett Packard Enterprise Business Value Exchange
 
How to Deliver Value "Beyond the Pill"
How to Deliver Value "Beyond the Pill"How to Deliver Value "Beyond the Pill"
How to Deliver Value "Beyond the Pill"
Hewlett Packard Enterprise Business Value Exchange
 
The Path to Self-Disruption
The Path to Self-DisruptionThe Path to Self-Disruption
The Path to Self-Disruption
Hewlett Packard Enterprise Business Value Exchange
 
HPE Security Report 2016
HPE Security Report 2016HPE Security Report 2016
HPE Security Report 2016
Hewlett Packard Enterprise Business Value Exchange
 
Realising Potential - The Dandelion Program
Realising Potential - The Dandelion ProgramRealising Potential - The Dandelion Program
Realising Potential - The Dandelion Program
Hewlett Packard Enterprise Business Value Exchange
 
FinTech Innovation Model 2015
FinTech Innovation Model 2015FinTech Innovation Model 2015
FinTech Innovation Model 2015
Hewlett Packard Enterprise Business Value Exchange
 
Time for co-operation
Time for co-operationTime for co-operation
Time for co-operation
Hewlett Packard Enterprise Business Value Exchange
 
Awareness is only the first step
Awareness is only the first stepAwareness is only the first step
Awareness is only the first step
Hewlett Packard Enterprise Business Value Exchange
 
Time for co-operation
Time for co-operationTime for co-operation
Time for co-operation
Hewlett Packard Enterprise Business Value Exchange
 
Personalize the Travel Experience - and Gain Insights
Personalize the Travel Experience - and Gain Insights Personalize the Travel Experience - and Gain Insights
Personalize the Travel Experience - and Gain Insights
Hewlett Packard Enterprise Business Value Exchange
 
BVEx Research: Open Data Unlocked
BVEx Research: Open Data UnlockedBVEx Research: Open Data Unlocked
BVEx Research: Open Data Unlocked
Hewlett Packard Enterprise Business Value Exchange
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Hewlett Packard Enterprise Business Value Exchange
 

More Related Content

Viewers also liked

Viewers also liked (6)

Technology rethink for next generation loyalty programmes
Technology rethink for next generation loyalty programmesTechnology rethink for next generation loyalty programmes
Technology rethink for next generation loyalty programmes
 
Can customer experience thrive in the age of the io t
Can customer experience thrive in the age of the io tCan customer experience thrive in the age of the io t
Can customer experience thrive in the age of the io t
 
Hp pultik 1000x1000_out_en
Hp pultik 1000x1000_out_enHp pultik 1000x1000_out_en
Hp pultik 1000x1000_out_en
 
Game-Changers: CIOs on Digital Transformation
Game-Changers: CIOs on Digital TransformationGame-Changers: CIOs on Digital Transformation
Game-Changers: CIOs on Digital Transformation
 
Realize the Full Value
Realize the Full ValueRealize the Full Value
Realize the Full Value
 
Connecting the manufacturing industry
Connecting the manufacturing industryConnecting the manufacturing industry
Connecting the manufacturing industry
 

More from Hewlett Packard Enterprise Business Value Exchange

More from Hewlett Packard Enterprise Business Value Exchange (20)

Manufacturing Forum 2016
Manufacturing Forum 2016Manufacturing Forum 2016
Manufacturing Forum 2016
 
Getting to your hybrid future
Getting to your hybrid futureGetting to your hybrid future
Getting to your hybrid future
 
Hewlett Packard Enterprise Connected Manufacturing Brochure
Hewlett Packard Enterprise Connected Manufacturing Brochure Hewlett Packard Enterprise Connected Manufacturing Brochure
Hewlett Packard Enterprise Connected Manufacturing Brochure
 
FSI Key Propositions
FSI Key PropositionsFSI Key Propositions
FSI Key Propositions
 
Happy Employees Lead to Happy Customers
Happy Employees Lead to Happy CustomersHappy Employees Lead to Happy Customers
Happy Employees Lead to Happy Customers
 
How to Deliver Value "Beyond the Pill"
How to Deliver Value "Beyond the Pill"How to Deliver Value "Beyond the Pill"
How to Deliver Value "Beyond the Pill"
 
The Path to Self-Disruption
The Path to Self-DisruptionThe Path to Self-Disruption
The Path to Self-Disruption
 
HPE Security Report 2016
HPE Security Report 2016HPE Security Report 2016
HPE Security Report 2016
 
Realising Potential - The Dandelion Program
Realising Potential - The Dandelion ProgramRealising Potential - The Dandelion Program
Realising Potential - The Dandelion Program
 
FinTech Innovation Model 2015
FinTech Innovation Model 2015FinTech Innovation Model 2015
FinTech Innovation Model 2015
 
Time for co-operation
Time for co-operationTime for co-operation
Time for co-operation
 
Awareness is only the first step
Awareness is only the first stepAwareness is only the first step
Awareness is only the first step
 
Time for co-operation
Time for co-operationTime for co-operation
Time for co-operation
 
Personalize the Travel Experience - and Gain Insights
Personalize the Travel Experience - and Gain Insights Personalize the Travel Experience - and Gain Insights
Personalize the Travel Experience - and Gain Insights
 
BVEx Research: Open Data Unlocked
BVEx Research: Open Data UnlockedBVEx Research: Open Data Unlocked
BVEx Research: Open Data Unlocked
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
 
Vanilla. Vanilla. Vanilla. Strawberry. The New Imperative in Retail Banking.
Vanilla. Vanilla. Vanilla. Strawberry. The New Imperative in Retail Banking.Vanilla. Vanilla. Vanilla. Strawberry. The New Imperative in Retail Banking.
Vanilla. Vanilla. Vanilla. Strawberry. The New Imperative in Retail Banking.
 
HP Event Recap: Successful IT Governance
HP Event Recap: Successful IT GovernanceHP Event Recap: Successful IT Governance
HP Event Recap: Successful IT Governance
 
HP Event Recap: Transformation Time for Telcos
HP Event Recap: Transformation Time for TelcosHP Event Recap: Transformation Time for Telcos
HP Event Recap: Transformation Time for Telcos
 
Partner for Innovation and Growth!
Partner for Innovation and Growth!Partner for Innovation and Growth!
Partner for Innovation and Growth!
 

Recently uploaded

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 

Recently uploaded (20)

Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 

Cybersecurity Challenges, Risks, Trends, and Impacts: Survey Executive Summary

  • 1. Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 1 IN THIS REPORT 1 Introduction Cybersecurity Challenges, Risks, Trends, and Impacts: Survey Executive Summary 2 Survey Highlights Issue 1: Security Challenges 3 Issue 2: Security Threats 4 Issue 3: Attack Frequency 5 Issue 4: Breach Preparedness 6 Issue 5: Risk Management Strategies 7 Issue 6: Breach Impact 8 Methodology and Participant Profile Cybersecurity Challenges, Risks, Trends, and Impacts: Survey Executive Summary No question about it: Information security—or, more precisely, the lack of it—is firmly on the radar for business and information-technology leaders in organizations of all sizes and in every sector. Many executives and managers fear that their companies are ill-prepared to prevent, detect, and effectively respond to various types of cyberattacks, and a shortage of in-house security expertise remains of widespread concern. Those are among the initial findings of the Cybersecurity Challenges, Risks, Trends, and Impacts Survey, conducted by MIT Technology Review Custom in February 2016. About 225 business and IT executives, directors, managers, and other leaders participated in the online survey, which was commissioned by Hewlett Packard Enterprise Security Services and FireEye Inc. While the research team continues to analyze survey results, themes about several key issues have already emerged. Among them: • Few survey respondents are fully confident in their ability to respond to security threats. For instance, only about 6 percent of those surveyed believe their organi- zations are “extremely well prepared” to respond to a security breach involving a major loss of information. • Many struggle to hire and retain highly qualified security specialists. “Lack of in-house expertise” ranks as the single greatest information-security challenge, cited by more than one-third of participants. • Most lack information risk-management strategies. While many expect to develop them, roughly 25 percent either have no plans to do so—or simply don’t know whether their organizations have, or eventually will have, such strategies. • Most see multiple security threats on the rise. Areas of greatest concern include threats related to mobile computing, email- or Web-based attacks, and the vulner- abilities created by the bring-your-own-device (BYOD)/bring-your-own apps (BYOA) workplace trends. • A majority report experiencing either more or as many data attacks today as in 2014. Only 7 percent report fewer attacks now than two years ago. • Participants call “lost time and productivity” the most negative effect of recent breaches. Other impacts include remediation time and necessary expenditures on consultants and additional technologies. Additional findings will be released later in 2016. Meanwhile, please read on for a few preliminary survey highlights. Survey and Executive Summary Produced by MIT Technology Review Custom in Partnership with Hewlett Packard Enterprise Security Services and FireEye Inc.
  • 2. 2 Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM Survey Highlights Following are initial survey results for several key issues: security challenges and threats, attack frequency, preparedness levels, information risk management strategies, and breach impact. Issue 1: Security Challenges For more than a third of survey participants, lack of in-house expertise ranks as the top information- security headache. What are your organization’s top information security challenges?* 39+34+27+23+21+20+20+18+16+13+9+2039+34+27+23+21+20+20+18+16+13+9+20Lack of in-house expertise Inadequate enabling technologies Insufficient funding Evasion of existing preventive security controls Difficulty in locating right security talent Inadequate forensic capabilities Loss of sensitive or confidential data (non-mobile sources) Lack of accountability Loss of mobile devices containing sensitive/ confidential data Poor leadership Third-party vetting failure Other *Multiple responses allowed. All percentages have been rounded. 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% SecurityChallenges
  • 3. Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 3 Issue 2: Security Threats Participants perceive mobile computing as the biggest current threat to information security, but several other factors rank close behind. Where do you see the most growth in security threats?* 43+42+42+41+28+23+22+21+19+843+42+42+41+28+23+22+21+19+8Mobile computing Employee mobile- device or application use (BYOD/BYOA) Attacks via email Attacks via Web Cloud migration process Attacks via social media New app implementation/app development process Nation-on-nation breaches Data sovereignty Other *Multiple responses allowed. All percentages have been rounded. 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% SecurityThreats
  • 4. 4 Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 34+31+24+7+434+31+24+7+4 Issue 3: Attack Frequency For more than a third of survey participants, data attacks are clearly on the rise today, but nearly as many don’t know for sure whether they’re experiencing more or fewer attacks than they did two years ago. About a quarter of survey participants see no change, while a few report being “under constant attack.” Only a handful say data attacks have decreased. Across your organization, do you feel that you are experiencing more, fewer, or the same number of data attacks today compared with two years ago?* *All percentages have been rounded. More data attacks than two years ago 34% Don't know 31% Same number of attacks as two years ago 24% Fewer data attacks than two years ago 7% We’re under constant attack these days 4% AttackFrequency
  • 5. Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 5 Issue 4: Breach Preparedness Only a handful of survey participants feel their organizations are “extremely well prepared” to respond to a security breach involving serious information loss. On a scale of 1 to 5, how prepared is your organization to respond to an incident involving a material loss of information? BreachPreparedness 18+23+31+22+618+23+31+22+6 Inadequately prepared 1 Somewhat inadequately prepared 2 Somewhat prepared 3 Well prepared 4 Extremely well prepared 5
  • 6. 6 Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM Issue 5: Risk Management Strategies Roughly 40 percent of participants have information risk management strategies, and nearly as many are either developing such strategies or plan to do so. However, others either don’t know whether their organizations have such strategies—or don’t expect to develop them. Does your organization have an information risk management strategy?* 39+21+16+14+1039+21+16+14+10Yes No; one in development No; plan to develop one No; no plans to develop one Don’t know *All percentages have been rounded. 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% RiskManagementStrategies
  • 7. Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 7 422524161612121086524265422524161612121086524265Issue 6: Breach Impact Security incidents impact organizations in a variety of ways, from remediation expenses to lost custom- ers to brand-value damage. While about a quarter of survey participants report “no significant impact” and about as many say they don’t know whether they’ve been affected, the rest indicate that they have experienced one or more breach-related impacts in the past two years. How have security breaches impacted your organization in the past two years?* *Multiple responses allowed. All percentages have been rounded. Lost time and productivity Remediation time Cost of purchased technologies Cost of outside consultants/technologies Short-term damage to reputation, brand, image Lost revenues Cost of notification Out-of-pocket costs to prevent harm to victims Lost customers Regulatory fines and lawsuits Long-term damage to reputation, brand, image None/no significant impact Don’t know Other 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% BreachImpact
  • 8. Cybersecurity Survey: Executive Summary MIT TECHNOLOGY REVIEW CUSTOM 8 About MIT Technology Review Custom Built on more than 115 years of excellence in technology journalism, MIT Technology Review Custom is the arm of global media company MIT Technology Review that creates and distributes custom content. Our turnkey solutions include everything from writing, editing, and design expertise to multiple options for promotional support. Working closely with clients, our expert custom-editorial staff develops a range of high-quality, relevant content, delivering it to users when and where they want it—in digital, print, online, or in-person experiences. Everything is customized to fit clients’ content marketing goals and position them as thought leaders aligned with the authority on technology that matters. Copyright © 2016, MIT Technology Review. All rights reserved. www.technologyreview.com/media Methodology and Participant Profile: MIT Technology Review Custom conducted an online survey of IT and business executives and managers across a broad range of industries in February 2016. About 225 qualified participants—primarily from North America, the United Kingdom, Western Europe, India, China, Latin America, and the Asia-Pacific region—completed the 31-question survey. Additional findings will be released in mid-March 2016. Methodologyand ParticipantProfile