Top 5 Cyber Security Findings by Experts You Can’t Afford to Miss


Upload: appknox

Post on 14-Apr-2017

Category: Technology



facebook.com/appknox

twitter.com/appknox

5. IBM X-Force Threat Intelligence Report 2016

Most-common Attack Types

Undisclosed: 42.7%
Malware: 18%
DDoS: 15.1%
Misconfiguration: 7.7%
Malvertising: 5.2%
SQLi: 4.1%
Phishing: 2.9%
Physical access: 2.2%
Watering hole: 1.1%
Brute force: 0.7%

Most-commonly Attacked Industries

Computer Services: 30.2%
Retail: 14.7%
Healthcare: 9.2%
Media and Entertainment: 8.5%
Financial markets: 7.7%
Travel and Transportation: 7.7%
Government: 7.4%
Education: 4.8%
Telecommunications: 4.8%
Non-profit: 2.2%
Professional services: 1.8%
Energy and Utilities: 0.7%
Industrial Products: 0.4%

The phrase “We take your security very seriously” was an oft-used mantra throughout the year, though it was unfortunately often followed with “but regret to inform you,” as hundreds of millions of individuals discovered their private information had been stolen

4. Identity Theft Resource Center Data Breach Report

The ITRC defines a data breach as an incident in which an individual name plus a Social Security number, driver’s license number, medical record or financial record (credit/debit cards included) is potentially put at risk because of exposure. This exposure can occur either electronically or in paper format

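Data Breach Category (columns: No. of breaches, Records exposed)

Categories: Banking/Credit/Financial, Business, Educational, Government, Medical/Healthcare
No. of breaches (row order not recoverable): 43, 15, 8, 40, 4
Records exposed (row order not recoverable): 4,382; 109,883; 302,410; 102,828; 1,269,890
Total: 110 breaches, 1,789,393 records exposed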

(2016 Breaches identified by the ITRC as of 3/1/2016)

In the healthcare industry in particular, unencrypted lost and stolen devices are a big problem

90% of industries have experienced a PHI breach

The fact that an organization is not in the healthcare industry or isn’t a HIPAA-covered entity doesn’t mean that it’s not at risk of a PHI data breach

3. Verizon - 2015 Protected Health Information Data Breach Report

PHI for half of the population of the United States has been impacted by breaches since 2009

Just one mobile device infected with malware can cost an organization on average $9,485

$21,042 is the average cost to investigate, contain and remediate from a potential financial breach on an employee's mobile device

The root cause of many of today’s data breaches is an employee’s mobile device

2. Ponemon Institute LLC - The Economic Risk of Confidential Data on Mobile Devices in the Workplace

Mobile risk is a real number. Of the 53,844 mobile devices in the average Global 2000 enterprise, 1700 of those devices are infected by malware at any given time

In 2015, 38% more security incidents were detected than in 2014

Theft of “hard” intellectual property increased 56% in 2015

While employees remain the most cited source of compromise, incidents attributed to business partners climbed 22%

Many executives are declaring cyber as the risk that will define our generation - Dennis Chesley, Global Risk Consulting Leader, PwC

1. PwC - The Global State of Information Security® Survey 2016