Upload
idgenterprise
View
367
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Insiders or Outsiders? Viruses or phishing attacks? It doesn’t seem to matter as organizations continue to be hit from all directions when it comes to cybersecurity, according to the 2015 U.S. State of Cybercrime survey, recently conducted by CSO, PwC, the U.S. Secret Service, and the CERT Division of Software Engineering Institute at Carnegie Mellon University.The below infographic illustrates the results from this year’s survey including a deep dive into the origins, effects and causes of cybercrime.For more information on the survey or to see a .pdf of the results, please contact Sue Yanovitch at [email protected]
Citation preview
CSOs Uphill Battle Against Cybercrime Continues
Concern about cybersecurity is only growing
of organizations have experienced a cybersecurity event in the past 12 months.
79%
Estimated financial loss from cybersecurity events forenterprise organizations (1,000+ employees) was an average of
$471,000of enterprise organizations say they could not estimate the financial impact after detecting a security incident.
69%
76%59%
were more concerned about cybersecurity
threats in 2014.
are more concerned about cybersecurity
threats today.
Firewalls SPAM Filtering Network-based Anti-virus
Electronic Access Control System
Complex Passwords
*****
say from the time an intrusion began to the time it was discovered, was less than 1 day.
Just 23%
discovered it in less than 1 week. 49%
either still do not have securitypolicies and procedures in place or don't know or don't if they do.
1in10
Some CSOs Starting to Find Ally with Government
received a cyber-threat briefing or visit from agovernment agency/law enforcement in the past12 months.
26%of those participating in the briefings from government agencies say it improved ability to defend themselves from cybercrimes.
71%}25%
25%
Participate in Information Sharing and Analysis Center activities
Dont know
50%Participate in programs designed to share security information.
CYBERCRIMERemains a Clear and Present
DANGER
Most Eective Technologies in Detecting/Countering Security Events:
*****
Security Incident Frequency Continues to Intensify
On average, there were
security incidents per organization in the last 12 months; an increase from 135 on average last year.
163Enterprises fared worse, averaging
incidents in the last 12 months. Almost 1 event each day!
305
identified third-party vendors as the biggest risk to their supply chain/business ecosystem.62%(45%) of enterprises saw an increase in
cybersecurity events from this year to last.
Nearly Half
of all organizations saw an increase in cybersecurity events within the organization in the last12 months.
26%
Who are Biggest Culprits? Insiders or Outsiders?Top 3 known cybersecurity attacks of last 12 months:
Virus, worms, or othermalicious code introduced
to organization
Phishing attacks Spyware implanted
of cybersecurity events are from outsiders
77%On average,
33%
30% 37%
Cybercrimes more costly/damaging when caused by:
Dont know/Not sure
InsiderOutsiders
Top mechanisms used by INSIDERS in committing cybercrimes last 12 months:
Social engineering
Compromised an account
Download information to home computer
Laptops
of the time, unintentionally exposed private information comes from insiders.
52%unintentionally coming from outsiders.
Only 15%
Source: 2015 U.S. State of Cybercrime Survey from CSO, PwC, U.S. Secret Service, and CERT Division of Software Engineering Institute at Carnegie Mellon University
More than 500 U.S. executives, security expertsresponded to the 2015 U.S. State of Cybercrime Survey.
} of phishing attacks originate from outsiders.
55%believe they have the expertise to address additional cyber risks as a result of new technologies primarily from the SMAC stack (Social, Mobile, Analytics, Cloud)
78%
To learn more about cybercrime and the results of this study, please contact Sue Yanovitch, VP Marketing, IDG Enterprise at: [email protected]
To learn more about CSO and sponsorship opportunities please visit www.IDGEnterprise.com