SlideShare uma empresa Scribd logo

2016 Scalar Security Study Roadshow

Scalar Decisions
Scalar Decisions

Presentation from the 2016 Scalar Security Study Roadshow, highlighting the findings from the second annual Scalar Security Study, The Cyber Security Readiness of Canadian Organizations, which examines trends among Canadian organizations in dealing with growing cyber threats.

Tecnologia
1 de 20
Baixar para ler offline
Toronto February  25,   2016 2016  Security  Roadshow
The  2016  Scalar  Security  Study
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   3 Purpose  of  the  Study § How  prepared  are  Canadian   organizations  to  deal  with  cyber  attacks? § How  have  cyber  attacks  changed  over   the  past  year? § What  is  the  cost  of  cyber  attacks  to   Canadian  organizations? § What  are  the  most  effective  ways  to   reduce  cyber  security  risk?
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   4 Study  Scope § 100%  Canadian § 654  qualified  responses § Security-­savvy  respondents § Medium-­to-­large  organization  focused   (25%  >  $1B  revenue) § 18  industries § Global  presence
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   5 Why  Canadian  Data  Matters § US  studies  reveal  individual  breach   costs  in  the  millions § Regulatory  landscape § Different  cyber  attack  profile  in  Canada § Canadian  companies  differ § Size § Culture § Budgets § Access  to  resources
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   6 Only  37% of  organizations  believe  they  are  winning   the  cyber  security  war § Attacker  sophistication  on  the  rise § More  attacks  reported § Greater  losses  of  data § Traditional  defenses  ineffective § Lack  of  advanced  technology § Skill  gap  persists Overall  – Lower  Confidence
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   7 $7  Million Over  the  last  12  months,  cyber  security   compromises  cost  organizations  roughly § Average  40  incidents  per  year § 51%  reported  lost  sensitive  data § Increased  concern  of  cyber  crime § Inside  threats  specifically  concerning § Targeted  attacks  on  the  rise § Severity § Sophistication § Frequency Attacks  on  the  Rise
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Most  Losses  Are  Indirect Breakdown  of  Losses 2015 2014 Cleanup or  remediation $766,667 $676,023 Lost  user  productivity $950,625 $987,191 Disruption to  normal  operations $1,061,818 $1,101,379 Damage  or  theft  of  IT  assets  and  infrastructure $1,638,663 $1,533,989 Damage  to  reputation $2,647,560 $2,586,941 Total $7,065,332 $6,885,523 § Within  each  category  15%-­20%  of   respondents  could  not  estimate  the  cost
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Intellectual  Property  Losses  and  Competitive  Advantage 36% 33% 31%32% 30% 38% 0% 5% 10% 15% 20% 25% 30% 35% 40% Yes,  I  believe  it  has   caused  a  loss  of   competitive  advantage No,  it  hasn't  caused  a   loss  of  competitive   advantage Unsure 2015 2014 § 33%  reported  a   loss  of  IP  in  the   past  24  months § Criminals  were   ranked  as  “most   likely”  to  launch   an  attack § Insider  threats   ranked  very   important
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Intellectual  Property  Losses 59% 43% 33% 30% 19% 7% 65% 46% 30% 33% 15% 8% 0% 10% 20% 30% 40% 50% 60% 70% Gut  feeling Appearance  of  copied  products  or   activities Emergence  of  new  competition Soured  deals  or  business  ventures Compromised  negotiations Other 2014 2015 § Average  between   $5M  and  $6M   annual  losses § Losses  are   supported  by   evidence  of   damage § Criminal  activity   affecting  business   deals
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Interesting  Data  on  Advanced  Threats 70% 26% 4% 77% 20% 3% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Yes No Unsure 2015 2014 § 70%  of  threats   evaded  IDS  or   AV  systems § 82%  of   respondents   reported  threats   that  evaded  AV   systems § Confidence  in   “No”  response?
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Interesting  Data  on  Advanced  Threats 80% 65% 49% 48% 46% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Web-­borne  malware  attacks Rootkits Advanced  persistent  threats   (APTs)/targeted  attacks Spear  phishing Clickjacking § Most  threats  are   considered   ”advanced” § Targeted  attacks   to  gain  access  to   data  (loss  of  IP) § Users  as  targets § High  number   exploits  >  3   months  old
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Interesting  Data  on  Advanced  Threats 38% 54% 8% 0% 10% 20% 30% 40% 50% 60% Yes No Unsure 62% Cannot  confirm  that  they   are  able  to  detect  nor  stop   advanced  threats 46% Unsure  how  to  identify   APTs  as  cause  of  incidents
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Interesting  Data  on  Advanced  Threats 60% 55% 44% 41% 29% 56% 49% 42% 38% 36% 0% 10% 20% 30% 40% 50% 60% 70% IT  downtime Business  interruption Theft  of  personal  information Exfiltration  of  classified  or  sensitive   information Nothing  happened 2014 2015 § Overwhelming   data  that   supports  losses   of  data  and   business   interruption § YET… 29%   believe  “nothing   happened”  as  a   result  of  APTs
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Beyond  Technology 3.54 3.13 2.18 2.00 1.75 3.94 2.89 1.90 1.67 2.05 0.00 0.50 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Insufficient  budget  (money) Lack  of  clear  leadership Lack  of  collaboration  with  other   functions Lack  of  in-­house  expertise Insufficient  personnel 2014 2015 § No  mention  of   technology  (except   lack  of  budget) § 93%-­95%  rank   experience  as   qualifier  for  experts § Collaboration   important  outside   of  IT  function
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Beyond  Technology 25% 33% 37% 23% 31% 40% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% Yes,  fully  aligned Yes,  partially  aligned No,  not  aligned 2015 2014 37% Of  Security  Strategies  NOT   aligned  with  the  business
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   17 § Less  reliance  on  traditional  tools § Leverage  technology  to  achieve   visibility,  understanding  and  control § More  awareness  of  severity  and   frequency  of  attacks § Align  security  strategy  with  business   objectives Attributes  of  High  Performers
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   18 § High  performing  organizations: § More  aware  of  threats § Spend  more  on  security § Measure  ROI  on  investment § Report  more  attacks § Suffer  fewer  losses § Beyond  the  numbers Driving  Successful  Outcomes
©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   19 Study  Conclusions § Conduct  risk  and  vulnerability  assessments  to  understand  probable  attack  vectors § Align  security  strategy  with  business  objectives,  and  secure  sufficient  funding  in   people,  process  and  technology § Invest  in  technologies  that  provide  visibility  understanding  and  control  to  detect   anomalies  in  your  environment § Invest  in  expert  skills  and  specialized  training  for  in-­house  teams;;  or  consider   leveraging  an  external  3rd  party  security  services  firm
Thank  You

Recomendados

Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security Study
Scalar Decisions
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian Organizations
Scalar Decisions
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]
Tracey Ong
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
Scalar Decisions
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey
Rahul Neel Mani
 
Embracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionEmbracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your Decision
Cylance
 
Endpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesEndpoint Detection and Response for Dummies
Endpoint Detection and Response for Dummies
Liberteks
 
Scalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar cloud study2016_slideshare
Scalar cloud study2016_slideshare
Scalar Decisions
 

Recomendados

Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security Study
Scalar Decisions
 
The Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian OrganizationsThe Cyber Security Readiness of Canadian Organizations
The Cyber Security Readiness of Canadian Organizations
Scalar Decisions
 
Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]Scalar security study2017_slideshare_rev[1]
Scalar security study2017_slideshare_rev[1]
Tracey Ong
 
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
2016 Scalar Security Study: The Cyber Security Readiness of Canadian Organiza...
Scalar Decisions
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey
Rahul Neel Mani
 
Embracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your DecisionEmbracing Threat Intelligence and Finding ROI in Your Decision
Embracing Threat Intelligence and Finding ROI in Your Decision
Cylance
 
Endpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesEndpoint Detection and Response for Dummies
Endpoint Detection and Response for Dummies
Liberteks
 
Scalar cloud study2016_slideshare
Scalar cloud study2016_slideshareScalar cloud study2016_slideshare
Scalar cloud study2016_slideshare
Scalar Decisions
 
2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance
Accenture Insurance
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk Management
Priyanka Aash
 
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ... 2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
Proofpoint
 
Scalar - a brief introduction
Scalar - a brief introductionScalar - a brief introduction
Scalar - a brief introduction
Scalar Decisions
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your Story
Priyanka Aash
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attention
Ramón Gómez de Olea y Bustinza
 
MP_OneSheet_VulnThreat
MP_OneSheet_VulnThreatMP_OneSheet_VulnThreat
MP_OneSheet_VulnThreat
Katherine Johnston, CFE
 
SVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - Overview
Silicon Valley Bank
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation Report
Silicon Valley Bank
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
Ulf Mattsson
 
MT118 Risk Intelligence - Making the Right Choices in Cybersecurity
MT118 Risk Intelligence - Making the Right Choices in CybersecurityMT118 Risk Intelligence - Making the Right Choices in Cybersecurity
MT118 Risk Intelligence - Making the Right Choices in Cybersecurity
Dell EMC World
 
How close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe SecurityHow close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe Security
Rahul Tyagi
 
Cyber-attacks
Cyber-attacksCyber-attacks
Cyber-attacks
The Economist Media Businesses
 
HEMISPHERE SMB Case Study
HEMISPHERE SMB Case StudyHEMISPHERE SMB Case Study
HEMISPHERE SMB Case Study
Carter Schoenberg
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
Priyanka Aash
 
Deliver the ‘Right’ Customer Experience without Compromising Data Security
Deliver the ‘Right’ Customer Experience without Compromising Data SecurityDeliver the ‘Right’ Customer Experience without Compromising Data Security
Deliver the ‘Right’ Customer Experience without Compromising Data Security
SPLICE Software
 
State of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers MindsetState of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers Mindset
CrowdStrike
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Hewlett Packard Enterprise Business Value Exchange
 
Demonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDemonstrating Information Security Program Effectiveness
Demonstrating Information Security Program Effectiveness
Doug Copley
 
4 Cyber Security KPIs
4 Cyber Security KPIs4 Cyber Security KPIs
4 Cyber Security KPIs
Steven Aiello
 
Cyber Security trends and tactics for 2015
Cyber Security trends and tactics for 2015Cyber Security trends and tactics for 2015
Cyber Security trends and tactics for 2015
Scalar Decisions
 
Cloud Perspectives - Ottawa Seminar - Oct 6
Cloud Perspectives - Ottawa Seminar - Oct 6Cloud Perspectives - Ottawa Seminar - Oct 6
Cloud Perspectives - Ottawa Seminar - Oct 6
Scalar Decisions
 

Mais conteúdo relacionado

Mais procurados

2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ... 2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
Proofpoint
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
Ulf Mattsson
 
How close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe SecurityHow close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe Security
Rahul Tyagi
 
State of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers MindsetState of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers Mindset
CrowdStrike
 

Mais procurados (20)

2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk Management
 
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ... 2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
2020 Cost of Insider Threats Global Report with Dr. Larry Ponemon, Chairman ...
 
Scalar - a brief introduction
Scalar - a brief introductionScalar - a brief introduction
Scalar - a brief introduction
 
The Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your StoryThe Measure of Success: Security Metrics to Tell Your Story
The Measure of Success: Security Metrics to Tell Your Story
 
Cyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attentionCyber security: Five leadership issues worthy of board and executive attention
Cyber security: Five leadership issues worthy of board and executive attention
 
MP_OneSheet_VulnThreat
MP_OneSheet_VulnThreatMP_OneSheet_VulnThreat
MP_OneSheet_VulnThreat
 
SVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - Overview
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation Report
 
Cyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & RecommendationsCyber Risk Management in 2017 - Challenges & Recommendations
Cyber Risk Management in 2017 - Challenges & Recommendations
 
MT118 Risk Intelligence - Making the Right Choices in Cybersecurity
MT118 Risk Intelligence - Making the Right Choices in CybersecurityMT118 Risk Intelligence - Making the Right Choices in Cybersecurity
MT118 Risk Intelligence - Making the Right Choices in Cybersecurity
 
How close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe SecurityHow close is your organization to being breached | Safe Security
How close is your organization to being breached | Safe Security
 
Cyber-attacks
Cyber-attacksCyber-attacks
Cyber-attacks
 
HEMISPHERE SMB Case Study
HEMISPHERE SMB Case StudyHEMISPHERE SMB Case Study
HEMISPHERE SMB Case Study
 
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk ResilienceHow to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
How to Steer Cyber Security with Only One KPI: The Cyber Risk Resilience
 
Deliver the ‘Right’ Customer Experience without Compromising Data Security
Deliver the ‘Right’ Customer Experience without Compromising Data SecurityDeliver the ‘Right’ Customer Experience without Compromising Data Security
Deliver the ‘Right’ Customer Experience without Compromising Data Security
 
State of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers MindsetState of Endpoint Security: The Buyers Mindset
State of Endpoint Security: The Buyers Mindset
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
 
Demonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDemonstrating Information Security Program Effectiveness
Demonstrating Information Security Program Effectiveness
 
4 Cyber Security KPIs
4 Cyber Security KPIs4 Cyber Security KPIs
4 Cyber Security KPIs
 

Destaque

Новые решения для сетей предприятий в области коммутации и маршрутизации.Часть 2
Новые решения для сетей предприятий в области коммутации и маршрутизации.Часть 2Новые решения для сетей предприятий в области коммутации и маршрутизации.Часть 2
Новые решения для сетей предприятий в области коммутации и маршрутизации.Часть 2
Cisco Russia
 
ION Sri Lanka - DANE: The Future of TLS
ION Sri Lanka - DANE: The Future of TLSION Sri Lanka - DANE: The Future of TLS
ION Sri Lanka - DANE: The Future of TLS
Deploy360 Programme (Internet Society)
 
Introduction to ICTA - Org Study Presentation
Introduction to ICTA - Org Study Presentation Introduction to ICTA - Org Study Presentation
Introduction to ICTA - Org Study Presentation
Jackseen Jeyaluck
 
[Challenge:Future] Rallying Youth Against Cyber Crime
[Challenge:Future] Rallying Youth Against Cyber Crime[Challenge:Future] Rallying Youth Against Cyber Crime
[Challenge:Future] Rallying Youth Against Cyber Crime
Challenge:Future
 

Destaque (20)

Cyber Security trends and tactics for 2015
Cyber Security trends and tactics for 2015Cyber Security trends and tactics for 2015
Cyber Security trends and tactics for 2015
 
Cloud Perspectives - Ottawa Seminar - Oct 6
Cloud Perspectives - Ottawa Seminar - Oct 6Cloud Perspectives - Ottawa Seminar - Oct 6
Cloud Perspectives - Ottawa Seminar - Oct 6
 
Keys to success and security in the cloud
Keys to success and security in the cloudKeys to success and security in the cloud
Keys to success and security in the cloud
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
 
Cyber security
Cyber securityCyber security
Cyber security
 
Scalar Case Study: Strong Project Management Helps McMaster University Succes...
Scalar Case Study: Strong Project Management Helps McMaster University Succes...Scalar Case Study: Strong Project Management Helps McMaster University Succes...
Scalar Case Study: Strong Project Management Helps McMaster University Succes...
 
Новые решения для сетей предприятий в области коммутации и маршрутизации.Часть 2
Новые решения для сетей предприятий в области коммутации и маршрутизации.Часть 2Новые решения для сетей предприятий в области коммутации и маршрутизации.Часть 2
Новые решения для сетей предприятий в области коммутации и маршрутизации.Часть 2
 
Cisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco's 2016 Annual Security report
Cisco's 2016 Annual Security report
 
The Lanka Gate Initiative
The Lanka Gate InitiativeThe Lanka Gate Initiative
The Lanka Gate Initiative
 
ISOC Sri Lanka Way Forward
ISOC Sri Lanka Way ForwardISOC Sri Lanka Way Forward
ISOC Sri Lanka Way Forward
 
HRM RELATED USE OF ICT IN JUDICIARY
HRM RELATED USE OF ICT IN JUDICIARYHRM RELATED USE OF ICT IN JUDICIARY
HRM RELATED USE OF ICT IN JUDICIARY
 
IGF Sri Lanka
IGF Sri LankaIGF Sri Lanka
IGF Sri Lanka
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network Security
 
ION Sri Lanka - DANE: The Future of TLS
ION Sri Lanka - DANE: The Future of TLSION Sri Lanka - DANE: The Future of TLS
ION Sri Lanka - DANE: The Future of TLS
 
Introduction to ICTA - Org Study Presentation
Introduction to ICTA - Org Study Presentation Introduction to ICTA - Org Study Presentation
Introduction to ICTA - Org Study Presentation
 
[Challenge:Future] Rallying Youth Against Cyber Crime
[Challenge:Future] Rallying Youth Against Cyber Crime[Challenge:Future] Rallying Youth Against Cyber Crime
[Challenge:Future] Rallying Youth Against Cyber Crime
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
Scalar Technical session - Network Functions Virtualization leveraging Brocade
Scalar Technical session - Network Functions Virtualization leveraging BrocadeScalar Technical session - Network Functions Virtualization leveraging Brocade
Scalar Technical session - Network Functions Virtualization leveraging Brocade
 
Scalar customer case study: Rainmaker Entertainment
Scalar customer case study: Rainmaker EntertainmentScalar customer case study: Rainmaker Entertainment
Scalar customer case study: Rainmaker Entertainment
 

Semelhante a 2016 Scalar Security Study Roadshow

Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
IBM Security
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemCybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
IBM Security
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
Peggy Lawless
 
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveySecurity Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
Qualys
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Jeremiah Grossman
 
You Can't Stop The Breach Without Prevention And Detection
You Can't Stop The Breach Without Prevention And DetectionYou Can't Stop The Breach Without Prevention And Detection
You Can't Stop The Breach Without Prevention And Detection
CrowdStrike
 
Payments Card Fraud Challenges in Digital and Online Sales
Payments Card Fraud Challenges in Digital and Online SalesPayments Card Fraud Challenges in Digital and Online Sales
Payments Card Fraud Challenges in Digital and Online Sales
Christopher Uriarte
 
2014 Digital Marketing Landscape Study: The Power of Digital Experiences
2014 Digital Marketing Landscape Study: The Power of Digital Experiences2014 Digital Marketing Landscape Study: The Power of Digital Experiences
2014 Digital Marketing Landscape Study: The Power of Digital Experiences
ion interactive
 

Semelhante a 2016 Scalar Security Study Roadshow (20)

Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
 
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune SystemCybersecurity in the Cognitive Era: Priming Your Digital Immune System
Cybersecurity in the Cognitive Era: Priming Your Digital Immune System
 
SolarWinds Federal Cybersecurity Survey 2017: Government Regulations, IT Mode...
SolarWinds Federal Cybersecurity Survey 2017: Government Regulations, IT Mode...SolarWinds Federal Cybersecurity Survey 2017: Government Regulations, IT Mode...
SolarWinds Federal Cybersecurity Survey 2017: Government Regulations, IT Mode...
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
 
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveySecurity Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
 
Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security Passwordless is Possible - How to Remove Passwords and Improve Security
Passwordless is Possible - How to Remove Passwords and Improve Security
 
Threat Detection as presented at the 2016 DGI Cyber security Conference
Threat Detection as presented at the 2016 DGI Cyber security ConferenceThreat Detection as presented at the 2016 DGI Cyber security Conference
Threat Detection as presented at the 2016 DGI Cyber security Conference
 
You Can't Stop The Breach Without Prevention And Detection
You Can't Stop The Breach Without Prevention And DetectionYou Can't Stop The Breach Without Prevention And Detection
You Can't Stop The Breach Without Prevention And Detection
 
P19 nrss final presentation with audience results_6.26.19
P19 nrss final presentation with audience results_6.26.19P19 nrss final presentation with audience results_6.26.19
P19 nrss final presentation with audience results_6.26.19
 
Webinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security ThreatsWebinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security Threats
 
Payments Card Fraud Challenges in Digital and Online Sales
Payments Card Fraud Challenges in Digital and Online SalesPayments Card Fraud Challenges in Digital and Online Sales
Payments Card Fraud Challenges in Digital and Online Sales
 
2018 U.S State of Cybercrime
2018 U.S State of Cybercrime2018 U.S State of Cybercrime
2018 U.S State of Cybercrime
 
ISACA and RSA CSX Presentation from the RSA 2015 Conference
ISACA and RSA CSX Presentation from the RSA 2015 Conference ISACA and RSA CSX Presentation from the RSA 2015 Conference
ISACA and RSA CSX Presentation from the RSA 2015 Conference
 
2014 Digital Marketing Landscape Study: The Power of Digital Experiences
2014 Digital Marketing Landscape Study: The Power of Digital Experiences2014 Digital Marketing Landscape Study: The Power of Digital Experiences
2014 Digital Marketing Landscape Study: The Power of Digital Experiences
 
SolarWinds Federal Cybersecurity Survey 2016
SolarWinds Federal Cybersecurity Survey 2016SolarWinds Federal Cybersecurity Survey 2016
SolarWinds Federal Cybersecurity Survey 2016
 
2018 State of Cyber Resilience - New York
2018 State of Cyber Resilience - New York2018 State of Cyber Resilience - New York
2018 State of Cyber Resilience - New York
 
2017 Scalar Security Study Summary
2017 Scalar Security Study Summary2017 Scalar Security Study Summary
2017 Scalar Security Study Summary
 
Cyber TPRM - the journey ahead
Cyber TPRM - the journey aheadCyber TPRM - the journey ahead
Cyber TPRM - the journey ahead
 

Mais de Scalar Decisions

Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Decisions
 

Mais de Scalar Decisions (18)

La transformation numérique de Scalar
La transformation numérique de ScalarLa transformation numérique de Scalar
La transformation numérique de Scalar
 
Digital Transformation
Digital TransformationDigital Transformation
Digital Transformation
 
Résumé de l’étude sur la sécurité de Scalar 2016
Résumé de l’étude sur la sécurité de Scalar 2016Résumé de l’étude sur la sécurité de Scalar 2016
Résumé de l’étude sur la sécurité de Scalar 2016
 
Optimize IT Infrastructure
Optimize IT InfrastructureOptimize IT Infrastructure
Optimize IT Infrastructure
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Web scale with-nutanix_rev
Web scale with-nutanix_revWeb scale with-nutanix_rev
Web scale with-nutanix_rev
 
Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015Scalar Security Roadshow April 2015
Scalar Security Roadshow April 2015
 
Cloudforms Workshop
Cloudforms WorkshopCloudforms Workshop
Cloudforms Workshop
 
Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015Scalar Security Roadshow: Toronto Presentation - April 15, 2015
Scalar Security Roadshow: Toronto Presentation - April 15, 2015
 
XtremIO
XtremIOXtremIO
XtremIO
 
Hyperconverged Infrastructure: The Leading Edge of Virtualization
Hyperconverged Infrastructure: The Leading Edge of VirtualizationHyperconverged Infrastructure: The Leading Edge of Virtualization
Hyperconverged Infrastructure: The Leading Edge of Virtualization
 
The road to clustered data ontap.
The road to clustered data ontap.The road to clustered data ontap.
The road to clustered data ontap.
 
Where Technology Meets Medicine: SickKids High Performance Computing Data Centre
Where Technology Meets Medicine: SickKids High Performance Computing Data CentreWhere Technology Meets Medicine: SickKids High Performance Computing Data Centre
Where Technology Meets Medicine: SickKids High Performance Computing Data Centre
 
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am GamesScalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games
Scalar Customer Case Study: Toronto 2015 Pan Am/Parapan Am Games
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto Presentation
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 
Sheridan College: Scalar Customer Case Study
Sheridan College: Scalar Customer Case StudySheridan College: Scalar Customer Case Study
Sheridan College: Scalar Customer Case Study
 
City of Airdrie: Scalar Customer Case Study
City of Airdrie: Scalar Customer Case StudyCity of Airdrie: Scalar Customer Case Study
City of Airdrie: Scalar Customer Case Study
 

Último

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 

Último (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 

2016 Scalar Security Study Roadshow

  • 1. Toronto February  25,   2016 2016  Security  Roadshow
  • 2. The  2016  Scalar  Security  Study
  • 3. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   3 Purpose  of  the  Study § How  prepared  are  Canadian   organizations  to  deal  with  cyber  attacks? § How  have  cyber  attacks  changed  over   the  past  year? § What  is  the  cost  of  cyber  attacks  to   Canadian  organizations? § What  are  the  most  effective  ways  to   reduce  cyber  security  risk?
  • 4. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   4 Study  Scope § 100%  Canadian § 654  qualified  responses § Security-­savvy  respondents § Medium-­to-­large  organization  focused   (25%  >  $1B  revenue) § 18  industries § Global  presence
  • 5. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   5 Why  Canadian  Data  Matters § US  studies  reveal  individual  breach   costs  in  the  millions § Regulatory  landscape § Different  cyber  attack  profile  in  Canada § Canadian  companies  differ § Size § Culture § Budgets § Access  to  resources
  • 6. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   6 Only  37% of  organizations  believe  they  are  winning   the  cyber  security  war § Attacker  sophistication  on  the  rise § More  attacks  reported § Greater  losses  of  data § Traditional  defenses  ineffective § Lack  of  advanced  technology § Skill  gap  persists Overall  – Lower  Confidence
  • 7. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   7 $7  Million Over  the  last  12  months,  cyber  security   compromises  cost  organizations  roughly § Average  40  incidents  per  year § 51%  reported  lost  sensitive  data § Increased  concern  of  cyber  crime § Inside  threats  specifically  concerning § Targeted  attacks  on  the  rise § Severity § Sophistication § Frequency Attacks  on  the  Rise
  • 8. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Most  Losses  Are  Indirect Breakdown  of  Losses 2015 2014 Cleanup or  remediation $766,667 $676,023 Lost  user  productivity $950,625 $987,191 Disruption to  normal  operations $1,061,818 $1,101,379 Damage  or  theft  of  IT  assets  and  infrastructure $1,638,663 $1,533,989 Damage  to  reputation $2,647,560 $2,586,941 Total $7,065,332 $6,885,523 § Within  each  category  15%-­20%  of   respondents  could  not  estimate  the  cost
  • 9. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Intellectual  Property  Losses  and  Competitive  Advantage 36% 33% 31%32% 30% 38% 0% 5% 10% 15% 20% 25% 30% 35% 40% Yes,  I  believe  it  has   caused  a  loss  of   competitive  advantage No,  it  hasn't  caused  a   loss  of  competitive   advantage Unsure 2015 2014 § 33%  reported  a   loss  of  IP  in  the   past  24  months § Criminals  were   ranked  as  “most   likely”  to  launch   an  attack § Insider  threats   ranked  very   important
  • 10. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Intellectual  Property  Losses 59% 43% 33% 30% 19% 7% 65% 46% 30% 33% 15% 8% 0% 10% 20% 30% 40% 50% 60% 70% Gut  feeling Appearance  of  copied  products  or   activities Emergence  of  new  competition Soured  deals  or  business  ventures Compromised  negotiations Other 2014 2015 § Average  between   $5M  and  $6M   annual  losses § Losses  are   supported  by   evidence  of   damage § Criminal  activity   affecting  business   deals
  • 11. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Interesting  Data  on  Advanced  Threats 70% 26% 4% 77% 20% 3% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Yes No Unsure 2015 2014 § 70%  of  threats   evaded  IDS  or   AV  systems § 82%  of   respondents   reported  threats   that  evaded  AV   systems § Confidence  in   “No”  response?
  • 12. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Interesting  Data  on  Advanced  Threats 80% 65% 49% 48% 46% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Web-­borne  malware  attacks Rootkits Advanced  persistent  threats   (APTs)/targeted  attacks Spear  phishing Clickjacking § Most  threats  are   considered   ”advanced” § Targeted  attacks   to  gain  access  to   data  (loss  of  IP) § Users  as  targets § High  number   exploits  >  3   months  old
  • 13. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Interesting  Data  on  Advanced  Threats 38% 54% 8% 0% 10% 20% 30% 40% 50% 60% Yes No Unsure 62% Cannot  confirm  that  they   are  able  to  detect  nor  stop   advanced  threats 46% Unsure  how  to  identify   APTs  as  cause  of  incidents
  • 14. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Interesting  Data  on  Advanced  Threats 60% 55% 44% 41% 29% 56% 49% 42% 38% 36% 0% 10% 20% 30% 40% 50% 60% 70% IT  downtime Business  interruption Theft  of  personal  information Exfiltration  of  classified  or  sensitive   information Nothing  happened 2014 2015 § Overwhelming   data  that   supports  losses   of  data  and   business   interruption § YET… 29%   believe  “nothing   happened”  as  a   result  of  APTs
  • 15. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Beyond  Technology 3.54 3.13 2.18 2.00 1.75 3.94 2.89 1.90 1.67 2.05 0.00 0.50 1.00 1.50 2.00 2.50 3.00 3.50 4.00 4.50 Insufficient  budget  (money) Lack  of  clear  leadership Lack  of  collaboration  with  other   functions Lack  of  in-­house  expertise Insufficient  personnel 2014 2015 § No  mention  of   technology  (except   lack  of  budget) § 93%-­95%  rank   experience  as   qualifier  for  experts § Collaboration   important  outside   of  IT  function
  • 16. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   Beyond  Technology 25% 33% 37% 23% 31% 40% 0% 5% 10% 15% 20% 25% 30% 35% 40% 45% Yes,  fully  aligned Yes,  partially  aligned No,  not  aligned 2015 2014 37% Of  Security  Strategies  NOT   aligned  with  the  business
  • 17. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   17 § Less  reliance  on  traditional  tools § Leverage  technology  to  achieve   visibility,  understanding  and  control § More  awareness  of  severity  and   frequency  of  attacks § Align  security  strategy  with  business   objectives Attributes  of  High  Performers
  • 18. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   18 § High  performing  organizations: § More  aware  of  threats § Spend  more  on  security § Measure  ROI  on  investment § Report  more  attacks § Suffer  fewer  losses § Beyond  the  numbers Driving  Successful  Outcomes
  • 19. ©  2016  Scalar  Decisions  Inc.  Not  for  distribution  outside  of  intended  audience.   19 Study  Conclusions § Conduct  risk  and  vulnerability  assessments  to  understand  probable  attack  vectors § Align  security  strategy  with  business  objectives,  and  secure  sufficient  funding  in   people,  process  and  technology § Invest  in  technologies  that  provide  visibility  understanding  and  control  to  detect   anomalies  in  your  environment § Invest  in  expert  skills  and  specialized  training  for  in-­house  teams;;  or  consider   leveraging  an  external  3rd  party  security  services  firm