Top 5 Cyber Security Findings by Experts You Can’t Afford to Miss
5. IBM X-Force Threat Intelligence Report 2016
Most-common Attack Types
Undisclosed: 42.7%
Malware: 18%
DDoS: 15.1%
Misconfiguration: 7.7%
Malvertising: 5.2%
SQLi: 4.1%
Phishing: 2.9%
Physical access: 2.2%
Watering hole: 1.1%
Brute force: 0.7%
Most-commonly Attacked Industries
Computer Services: 30.2%
Retail: 14.7%
Healthcare: 9.2%
Media and Entertainment: 8.5%
Financial markets: 7.7%
Travel and Transportation: 7.7%
Government: 7.4%
Education: 4.8%
Telecommunications: 4.8%
Non-profit: 2.2%
Professional services: 1.8%
Energy and Utilities: 0.7%
Industrial Products: 0.4%
The phrase “We take your security very seriously” was an oft-used mantra throughout the year, though it was unfortunately often followed with “but regret to inform you,” as hundreds of millions of individuals discovered their private information had been stolen
4. Identity Theft Resource Center Data Breach Report
The ITRC defines a data breach as an incident in which an individual name plus a Social Security number, driver’s license number, medical record or financial record (credit/debit cards included) is potentially put at risk because of exposure. This exposure can occur either electronically or in paper format.
Data Breach
Category | No. of breaches | Records exposed
Banking/Credit/Financial | 4 | 4,382
Business | 43 | 109,883
Educational | 15 | 302,410
Government | 8 | 102,828
Medical/Healthcare | 40 | 1,269,890
Total | 110 | 1,789,393
(2016 Breaches identified by the ITRC as of 3/1/2016)
3. Verizon - 2015 Protected Health Information Data Breach Report
In the healthcare industry in particular, unencrypted lost and stolen devices are a big problem.
90% of industries have experienced a PHI breach.
The fact that an organization is not in the healthcare industry or isn’t a HIPAA-covered entity doesn’t mean that it’s not at risk of a PHI data breach.
PHI for half of the population of the United States has been impacted by breaches since 2009.
2. Ponemon Institute LLC - The Economic Risk of Confidential Data on Mobile Devices in the Workplace
Just one mobile device infected with malware can cost an organization on average $9,485.
$21,042 is the average cost to investigate, contain and remediate from a potential financial breach on an employee's mobile device.
The root cause of many of today’s data breaches is an employee’s mobile device.
Mobile risk is a real number. Of the 53,844 mobile devices in the average Global 2000 enterprise, 1700 of those devices are infected by malware at any given time.
1. PwC - The Global State of Information Security® Survey 2016
In 2015, 38% more security incidents were detected than in 2014.
Theft of “hard” intellectual property increased 56% in 2015.
While employees remain the most cited source of compromise, incidents attributed to business partners climbed 22%.
Many executives are declaring cyber as the risk that will define our generation - Dennis Chesley, Global Risk Consulting Leader, PwC