insights from 2016 cyberthreat defense report
TRANSCRIPT
2016 Cyberthreat Defense Report
Mark Bouchard, CISSPCOO, CyberEdge Group
www.cyber-edge.com
800.327.8711
@CyberEdgeGroup
Sponsored inpart by:
Presenters
2
Mark BouchardCOO, CyberEdge Group
Deepak PatelDirector of Security Strategy, Imperva
About The Cyberthreat Defense Report
3
• 26-question online survey conducted in Nov 2015
• IT security decision maker or practitioner• Employed by organization with at least 500
employees• Survey designed to assess:
• Organization’s security posture• Perceptions of cyberthreats and cyberthreat
defenses• Attack surface reduction strategies• Future security plans
Survey Demographics
4
Survey participation by organization employee count• Global participation
• 40% US/Canada• 30% Europe• 20% Asia-Pacific• 10% Latin America
• Representing >19 industries• Mix of management and practitioners• Nearly half from organizations with >5,000
employees
Key Findings
5
Infographic Available Now!• 76% hit by a successful attack in 2015• 62% expecting to get hit again in 2016• Security budgets growing for 74%• Malware and spear phishing continue to
cause headaches• 86% dissatisfied with their current
endpoint anti-malware solution• Many backpedaling on BYOD
Rising Cyberattacks
6
76% were affected by a successful cyberattack in 2015 …
Sinking Expectations
7
… and 62% expect to be victimized again in 2016!
Security Posture by IT Domain
8
Mobile devices are perceived as IT security’s “weakest link,” followed by social media apps and laptops.
Cyberthreat Headaches
9
Cause for Concern
10
Only 30% are confident in their organization’s ability to monitor privileged users.
Inadequate Endpoint Defenses
11
86% are looking to replace or augment their current endpoint anti-malware solution.
Security’s Biggest Obstacles
12
“Low security awareness among employees” is the biggest obstacle for security for the third consecutive year.
Application- and Data-centric Technologies
13
Application security testing leads the way for app/data security in 2016.
Network Security Technologies
14
Threat intelligence services are a top acquisition target for 2016.
Threat Intelligence Practices
15
Blocking more threats remains the dominant use case for threat intelligence services.
The Road Ahead
16
• Board-level attention and healthy/growing budgets are providing a golden opportunity to progress security agendas … good areas for investment include:
• Cloud access security brokers• Social media brokers, too
• Advanced web app protection• Special “flavors” of threat intelligence
• User-centric security• Renewed IAM• User/entity behavior analytics
• Cyberthreat hunting• Proactively find threats• Proactively “war-game” new defense strategies
Report and Infographic Available Now!
17
Connect to www.imperva.com/go/cdr to download the complete report!
© 2016 Imperva, Inc. All rights reserved.
About Imperva
18
© 2016 Imperva, Inc. All rights reserved.19
Imperva Mission
Discoverwhat sensitive data
lives where, and who has what access
rights to it
Protectsensitive data by
monitoring – in real-time – exactly who is
accessing exactly what
Complyby easily documenting
access rights and proving who did and did not access what
© 2016 Imperva, Inc. All rights reserved.20
Web Security
Data Security
Breach Detection
Cloud Security
Breach DetectionUser behavior analytics and machine learning
Web SecurityDDoS Protection and Web Application Protection
Data SecuritySensitive data access monitoring and control
Cloud SecurityVisibility and control of cloud-based apps
Imperva Security