Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 1 2009 Security Mega Trends Survey Independently conducted by Ponemon Institute.

Published byClyde Dixon Modified over 9 years ago

Similar presentations

Presentation on theme: "Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 1 2009 Security Mega Trends Survey Independently conducted by Ponemon Institute."— Presentation transcript:

1 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 1 2009 Security Mega Trends Survey Independently conducted by Ponemon Institute LLC

2 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 2 Ponemon Institute LLC The Institute is dedicated to advancing responsible information management practices that positively affect privacy and data protection in business and government. The Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations. Ponemon Institute is a full member of CASRO (Council of American Survey Research Organizations. Dr. Ponemon serves as CASRO’s chairman of Government & Public Affairs Committee of the Board. The Institute has assembled more than 50 leading multinational corporations called the RIM Council, which focuses the development and execution of ethical principles for the collection and use of personal data about people and households. The majority of active participants are privacy or information security leaders.

3 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 3 About the Study We asked respondents in IT operations and IT security to consider how eight Security Mega Trends affect their organizations today and during the next 12 to 24 months. Based on pre-survey interviews with IT experts, we selected the following eight Mega Trends: cloud computing, virtualization, mobility and mobile devices, cyber crime, outsourcing to third parties, data breaches and the risk of identity theft, peer-to-peer file sharing and Web 2.0 We learned what survey respondents believe to be the biggest threats to a company’s sensitive and confidential data over the next 12 to 24 months.

4 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 4 Security Mega Trends Mega Trend 1: Cloud computing Cloud computing refers to solutions owned by third-parties on data center locations outside the end-user company’s IT infrastructure. The demand for cloud computing is expanding quickly, especially as the cost of remote connectivity decreases. Mega Trend 2: Virtualization Allows end-users to access multiple secure networks from a single computer, wherein the PC or laptop essentially acts as a hardware authentication token. With one computer, the end-user is able to gain access to separate virtual devices or machines. Virtualization makes server and operating system deployments more flexible and improves the use of storage and systems resources. Mega Trend 3: Mobility Organizations are dependent upon a mobile workforce with access to information no matter where they work or travel. Typically, employees use the following: laptops, VPNs, PDAs, cell phones and memory sticks.

5 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 5 Security Mega Trends Mega Trend 4: The external threat of organized cyber criminal syndicates Cyber crime usually describes criminal activity in which the computer or network is an essential part of the illegal criminal activity. This term also is used to include traditional crimes in which computers or networks are used to enable the illicit activity. Mega Trend 5: Outsourcing to third parties Organizations outsource sensitive and confidential customer and employee data to vendors and other third parties to reduce processing costs and improve operating efficiencies. Mega Trend 6: Data breaches involving personal information are increasing The Federal Trade Commission reports that the number one consumer complaint is the theft of identity. It addition to potential fines, organizations risk the loss of customer confidence and trust.

6 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 6 Security Mega Trends Mega Trend 7: Peer-to-peer file sharing P2P file sharing networks allow a group of computers to connect with each other and directly access files from one another's hard drives. P2P file- sharing networks can cause inadvertent transfers and disclosures of documents that reside on an organization’s computers and laptops. Mega Trend 8: Web 2.0 Web 2.0 refers to a plethora of Internet tools that enhance information sharing and collaboration among users. These concepts have led to the evolution of web-based communities and hosted services, such as social networking sites, wikis and blogs.

7 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 7 And, the biggest threats are: For the IT operations practitioner the biggest threats are: Outsourcing sensitive data to third parties Cyber Crime A mobile workforce For the IT security practitioner the biggest threats are: Data breaches Access to cloud computing Outsourcing sensitive data to third parties

8 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 8 IT Operations Mega trend risk rating today and 12 to 24 months in the future

9 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 9 IT Security Mega trend risk rating today and 12 to 24 months in the future

10 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 10 Two Samples Our study utilized two separate sampling frames (panels) built from conference, association and professional certification lists. Web-based survey responses were captured on a secure extranet platform. We utilized two separate samples of U.S. participants: –IT operations: 825 (5.7% response) –IT security: 577 (5.0% response) Less than 1% rejection rate because of reliability failures. Respondents in both groups were asked to complete the same survey instrument. Margin of error is ≤ 3% on all adjective or yes/no responses for both samples Sample descriptionIT OperationsIT Security Total sampling frames14,51811,506 Bounce-back3,9572,109 Total returns915658 Rejected surveys9081 Final sample825577 Response rate5.7%5.0%

11 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 11 Mega Trends Comparison of IT Operations and IT Security Samples – Current Outlook

12 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 12 Mega Trends Comparison of IT Operations and IT Security Samples – Future Outlook

13 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 13 Mega Trend: Outsourcing Causes Data Breach

14 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 14 Cyber Crime Experience

15 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 15 Mega Trend: Cyber Crime Will Increase

16 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 16 Most Risky Mobile Devices

17 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 17 Mega Trend: Mobile Workforce Increases Security Risk

18 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 18 Confidence in the Ability to Prevent Data Loss

19 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 19 Mega Trend: Data Breach on the Rise

20 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 20 Security Risks Due to Data Breach

21 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 21 Mega Trend: P2P File Sharing Causes Security Risk

22 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 22 Mega Trend: Web 2.0 Use Increases Security Risk

23 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 23 Mega Trend: Virtualization

24 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 24 Recommendations In our study, IT operations and security practitioners ranked the mega trends they believe pose a high or very high risk to sensitive and confidential information. To address these risks, we recommend the following: –Create and enforce policies that ensure access to private data files is restricted to authorized parties only. –Secure corporate endpoints to protect against data leakage and malware. –Make sure third parties who have access to your sensitive and confidential information take appropriate security precautions. –Train employees and contractors to understand their responsibility in the protection of data assets. –Ensure that mobile devices are encrypted and that employees understand the organizations’ policies with respect to downloading sensitive information and working remotely. –Understand precautions that should be taken when traveling with laptops, PDAs and other data bearing devices.

25 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 25 Samples’ Organizational Characteristics

26 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 26 Samples’ Combined Industry Distribution

27 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 27 Sample Characteristics The mean experience level for the IT operations sample is 8.9 years and for the IT security sample is 9.4 years. Table 2 What organizational level of respondentsIT OperationsIT Security Senior Executive1%0% Vice President2% Director21%24% Manager24%26% Associate/Staff/Technician45%39% Consultant4%6% Other2%3% Total100%

28 Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 28 Table 3a Geographic locationPct% Northeast20% Mid-Atlantic19% Midwest19% Southeast13% Southwest14% Pacific17% Total 100% Table 3b. Organizational headcountPct%. Less than 500 people2% 500 to 1,000 people4% 1,001 to 5,000 people12% 5,001 to 25,000 people29% 25,001 to 75,000 people34% More than 75,000 people19% Total 100% Sample Characteristics 60% of respondents are male and 40% female.

Download ppt "Sponsored by Lumension Ponemon Institute© Private & Confidential Document Page 1 2009 Security Mega Trends Survey Independently conducted by Ponemon Institute."

Similar presentations

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
Mobile Devices and Wireless Tracy Jackson Liz Nenni Matt Hinson Chris Eiben.

Mobile Devices and Wireless Tracy Jackson Liz Nenni Matt Hinson Chris Eiben.
COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.

COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Which server is right for you? Get in Contact with us 021- 671 2170

Which server is right for you? Get in Contact with us
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
The New World of Security for Business Travellers Anurag Lal Senior Vice President Strategic Services & Business Development Wi-Fi Business Development.

The New World of Security for Business Travellers Anurag Lal Senior Vice President Strategic Services & Business Development Wi-Fi Business Development.
Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.

Supervisor : Mr. Hadi Salimi Advanced Topics in Information Systems Mazandaran University of Science and Technology February 4, 2011 Survey on Cloud Computing.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.

SESSION 9 THE INTERNET AND THE NEW INFORMATION NEW INFORMATIONTECHNOLOGYINFRASTRUCTURE.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.
Cloud Computing Will Crowley Monica Lopez Jaimie Morrison.

Cloud Computing Will Crowley Monica Lopez Jaimie Morrison.
1. 2 New Computing Models, and What They Mean to the Small and Mid Sized Business Consumer How your business can make practical decisions between “The.

1. 2 New Computing Models, and What They Mean to the Small and Mid Sized Business Consumer How your business can make practical decisions between “The.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 1: Exploring the Network Introduction to Networks.
Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Office 365: Efficient Cloud Solutions Wednesday March 12, 9AM Chaz Vossburg / Gabe Laushbaugh.

Similar presentations

Ads by Google