SlideShare a Scribd company logo

The State of Endpoint Security Today

Download as PPTX, PDF
J
Justine Shaffer

Read the results from an independent survey of 2,700 IT decision makers as we examine endpoint security. Get an in-depth look at the state of ransomware and other exploits, including costs, industries most affected, and what's on the horizon to stop attacks.

Technology
1 of 51
The State of Endpoint Security Today January 2018
About This Survey 2 • An independent survey of 2,700 IT decision makers • Commissioned by Sophos • Conducted by Vanson Bourne, a UK-based research house • Interviews conducted in October and November 2017
Demographics 3 2,700 IT decision makers split in the following ways... Respondent country Organization size Organization sector 13501350 100-1,000 employees 1,001-5,000 employees 461 389 338 298 293 276 203 142 82 72 66 80 IT, technology and telecoms Retail, distribution and transport Manufacturing and production Financial services Business and professional services Public sector Energy, oil/gas and utilities Construction and property Media, leisure and entertainment Healthcare products and technologies Private education Other commercial sector 500 300 300 300 300 200 200 200 200 200 US UK France Germany India Canada Mexico Australia Japan South Africa
Ransomware 4
Executive Summary 5 Attacks Target Cost Protections Geography 54% of organizations were hit. Average two hits per organization Median impact per organization ≈ US$133K (£100K) Healthcare was the top target followed by Energy, Professional Services, Retail India was the most-target country, followed by Mexico, U.S., Canada 77% running up-to-date antivirus when hit. 54% do not have anti-ransomware tech
We Live in the Shadow of Ransomware Sophos global research - research results 6 54% 31% 14% 1% Yes No, but we expect to in the future No and we do not expect to Don't know Has your organization been hit by ransomware? 54% Organizations were hit by ransomware in the last year 85% Organizations have either been hit or expect to be hit by ransomware
Unlike Lightning, Ransomware Does Strike Twice Sophos global research - research results 7 Average number of times organizations were hit by ransomware in the last year 2 • On average, affected organizations were hit by ransomware twice in the last year • Multiple adversaries targeting each organization • Attackers are no longer removing previous victims from their target lists
There are No Safe Havens from Ransomware 67% 65% 60% 59% 54% 51% 48% 48% 45% 41% India Mexico US Canada South Africa Germany France Australia UK Japan Hit by ransomware, by country • Every country has suffered significant levels of ransomware attacks • The top targets for ransomware are India, Mexico, U.S., Canada • North America and India are attractive targets due to high levels of GDP, English speakers, and internet users • Japanese organizations are least likely to be hit by ransomware (41%) • Language challenges and uniqueness make Japan a less attractive target
Healthcare is the #1 Victim of Ransomware 9 54% 76% 65% 59% 58% 55% 54% 51% 49% 48% 48% 47% 45% Total Healthcare products and technologies Energy, oil/gas and utilities Business and professional services Retail, distribution and transport IT, technology and telecoms Public sector Manufacturing and production Construction and property Media, leisure and entertainment Other commercial sector Private education Financial services Yes, we have been hit by ransomware in the last 12 months Hit by ransomware, by sector • Healthcare is the industry most likely to fall victim to a ransomware with (76%) hit in the last year • Financial services are least likely to have suffered a breach – but still over 4 in 10 have fallen victim • While both sectors holding high value data, reasons for this difference include: • Healthcare targeted more than financial services • Weaker IT infrastructure perceived as a soft target • Perception that victims are more likely to pay • Healthcare has weaker IT defenses • Aging infrastructure creates security holes • Restricted resources impacts use of security technologies
Traditional Endpoint Protection Alone is Not Enough 10 77% Organizations hit by ransomware were running up-to-date endpoint security at the time of attack Endpoint protection status Total Running up-to-date endpoint protection 77% Not running up-to-date endpoint protection 21% Don’t know 1% Base 1468
54% of Organizations Remain at High Risk of Ransomware 46% 45% 7% 1% 1% 0% 10% 20% 30% 40% 50% Anti-ransomware technology is important on the endpoint and we already have it Anti-ransomware technology is important on the endpoint and we plan to implement it Anti-ransomware technology is important on the endpoint but we don’t have plans to implement it Anti-ransomware technology is not important on the endpoint Don’t know • Almost everyone agrees that having anti- ransomware technology on the endpoint is important (98%) • Despite that, 54% of organizations do not have anti-ransomware technology in place, putting them at greater risk of infection
Level of Investment in Protection Varies by Sector 12 • Energy, oil/gas, and utilities and healthcare are the sectors that have invested most significantly in anti- ransomware technology • High value targets for criminals • Bespoke, very expensive equipment running on old technology (MRI scanners, drills) • Media, public sector and private education are least likely to have invested in anti-ransomware technology. Possible reasons include: • Budget constraints – particularly public sector • Lack of awareness of need • Limited IT resources Average Business and Pro Services Construction / property Energy, oil / gas, utilities Financial services Health IT, tech, telecoms Manu- facturing Media, leisure, entertain Public sector Private education Retail, distribution transport Other Anti-ransomware technology is important on the endpoint and we already have it 46% 47% 46% 53% 52% 53% 44% 46% 38% 39% 35% 46% 51% Anti-ransomware technology is important on the endpoint and we plan to implement it 45% 42% 46% 42% 41% 42% 47% 46% 51% 50% 45% 43% 36%
The Healthcare Conundrum: Biggest Victims, Largest Investors in Prevention 13 • Despite healthcare having the highest propensity to suffer an attack (76%), it is also the sector with the highest level of anti-ransomware protection in place (53%) • Reasons behind this apparent contradiction include: • Cybercriminals perceive healthcare as a soft target, and so disproportionately target this sector • Healthcare organizations often use old technology with weaker defenses, like MRI scanners that only run on old operating systems • Restricted IT resources – people, hardware, software – result in patchy security, so even when one part of healthcare organization has protection, there are still other ways for threats to get in • Not all anti-ransomware protection is the same. They may have anti-ransomware technology but it may not be enough to stop the threats • Healthcare organizations are learning from experience and have chosen to invest in anti- ransomware technology as a result of earlier breaches
Ransomware Comes with a BIG Bill 14 Estimated total cost of ransomware attack (converted from local currency) • Almost evenly split • 51% of businesses reporting cost < US$133,000 • 49% of businesses reporting cost > US$133,000 • The most common cost is between US$13,000 and US$70,000 • Nearly half (46%) incurred costs between US$13,000 and US$133,000 US$133,000 Median cost of a ransomware attack, including downtime, work hours, device cost, network cost, lost opportunities, and ransom payment 3% 5% 10% 15% 16% 21% 25% 5% Between US$6.6 million and US$13.3 million Between US$1.3 million and US$6.6 million Between US$663,000 and US$1.3 million Between US$332,000 and US$663,000 Between US$133,000 and US$332,000 Between US$70,000 and US$133,000 Between US$13,000 and US$70,000 Less than US$13,000
Ransomware Costs the U.S. More than the GDP of Jamaica 15 • Number of 100+ user organizations in USA: 129K (source: US census) • Percentage hit by ransomware in the last year: 60% (source: U.S. respondents to this survey) • Average number of ransomware attacks in last year: 2 (source: U.S. respondents to this survey) • Median cost to rectify a ransomware attack: US$120K (source: U.S. respondents to this survey) Cost of ransomware to U.S. businesses US$18.6 Billion (in 100+ user organizations) GDP of Jamaica US$14 Billion (World Bank)
The Sophos Perspective 16 • Inadequate protection: Despite a series of high-profile ransomware attacks in 2017, organizations are starting 2018 with inadequate protection against ransomware • Antivirus is not anti-ransomware: Not all anti-ransomware technology is the same. Organizations should make sure they have protection with dedicated anti-ransomware capabilities, rather than generic threat prevention, in order to be effectively protected against the #1 malware threat • 3rd party testing of unknown ransomware: To make it easier for organizations to make informed decisions on their anti-ransomware protection, Sophos calls for more independent testing of the efficacy of products in stopping previously unseen ransomware • Upgrade your technology: With a further ransomware surge predicted for 2018* fueled by Ransomware-as-a- Service (RaaS) and amplified by the resurgence of worms, Sophos strongly advises organizations to put in place dedicated anti-ransomware protection with urgency *Sophos Malware Forecast 2018
Sophos Recommendations 17 • You are a target – be prepared o Small, medium, and large companies have all been hit • Get educated o Train your employees via attack simulations. They can be your weakest link or strongest advocate o Investigate advanced technologies. Traditional antivirus and endpoint security will only block known ransomware. You need true anti-ransomware to block zero-day attacks • Upgrade your technology o There have been a lot of advancements in the last couple of years to prevent ransomware via anti-ransomware, anti-exploit, anti-hacker, etc. • Invest now o The cost of the technology is a fraction of the cost of the impact of an attack. You are saving your company a ton of money
Exploits 18
Executive Summary 19 Attacks Understanding Geography 54% of organizations don’t have anti-exploit protection in place 2/3 of IT managers don’t understand what anti- exploit technology is U.S. has greatest understanding of anti- exploit technology
54% of Organizations Remain Highly Vulnerable to Exploits Sophos global research - research results 20 46% 46% 6% 1% 1% Anti-exploit technology is important on the endpoint and we already have it Anti-exploit technology is important on the endpoint and we plan to implement it Anti-exploit technology is important on the endpoint but we don’t have plans to implement it Anti-exploit technology is not important on the endpoint Don’t know • Exploits are the techniques hackers use to take advantage of vulnerabilities in legitimate software • Almost all respondents (98%) agree that having anti-exploit technology on the endpoint is important • Despite this, over half don’t have it in place, leaving them vulnerable to attack
Misunderstanding Abounds Regarding Anti-exploit Technology Sophos global research - research results 21 32% 31% 28% 7% 1% Anti-malware scanner and removal tool Software that prevents exploits that target browsers and applications A security vulnerability scanner that looks for weaknesses Penetration testing toolkits Don't know What is the best description for anti-exploit software • Although 46% claim to have anti-exploit technology, only 31% actually knew what it is • This suggests that significant proportion have a misplaced belief that they are protected from this common attack technique, but are in fact at risk 69% of respondents were unable to identify the correct definition of anti-exploit technology
Understanding of Anti-exploit Software Varies by Country Sophos global research - research results 22 • The U.S. topping the table with 39% defining it correctly compared to 22% in France • Smaller organizations demonstrated a better understanding than larger ones: • 34% in the 100-1,000 user band defined it correctly • 29% in the 1,001-5,000 user band defined it correctly Correctly defined anti-exploit software UK France Germany U.S. Canada Mexico India Australia Japan South Africa 35% 22% 32% 39% 26% 35% 28% 34% 26% 30%
Sophos Recommendations 23 • Take action NOW o Given the widespread use of exploits in today’s attacks and the significant lack of around anti-exploit technology, urgent action is needed to understand how to stop these threats • Education, education, education o If you don’t understand exploits, it’s time to learn. If you think you understand exploits, it’s worth refreshing your knowledge to make sure aware of the latest approaches • Upgrade your technology o To protect against exploit techniques used in malware attacks make sure you have the security solutions in place to stop them
Advanced Threats and Machine Learning 24
Executive Summary 25 Attacks Future Implementation Protections Geography 87% agree: Threats have become more complex 60% plan to add machine learning in the next year India is the most optimistic about machine and deep learning Canada, India, Mexico have highest level of machine learning technology 60% say current cyber defenses are not enough
You Are Not Alone: It’s Getting Harder for Everyone 26 83%87% Stopping malware threats has become harder over the last year Malware threats have become increasingly complex over the last year
All Countries are Suffering – Japan Most of All 27 • While these views are widely held in all geographies surveyed, IT managers in Japan are feeling the greatest challenge. • Conversely, French IT managers are least challenged, although nearly /23(74%) still agree it’s got harder to stop malware. Agree that stopping threats has got harder over the last year Agree that malware threats have got more complex over the last year UK 85% 89% France 74% 79% Germany 77% 87% U.S. 88% 90% Canada 76% 82% Mexico 81% 86% India 89% 88% Australia 85% 84% Japan 92% 97% South Africa 85% 89%
6 in 10 Agree: Standard Defenses are not Enough 28 60% My organization’s current defenses are not totally sufficient to block the cyber threats I’ve seen in the past year
60% Plan to Implement Machine Learning in the Next Year 29 25% 34% 34% 34% 31% 24% 21% 20% 18% 15% 10% 60% 54% 63% 48% 61% 65% 59% 72% 68% 61% 42% Total Canada India South Africa US France Australia Mexico Germany UK Japan We already have it We plan to implement within next 12 months • 25% already have predictive threat prevention technologies, such as machine or deep learning • 60% plan to implement within the next year • Canada, India and South Africa lead with 1/3 (34%) of respondents already using these technologies • Mexico has the most extensive future plans, with 72% planning to implement predictive threat prevention technologies • Japan is most cautious, with just 10% using them and 42% planning to implement these technologies • Average timescales to implement is six months
People are Confused Between Machine and Deep Learning 30 44% 43% 11% 2% Yes, I have full understanding Yes, I have some understanding No, not sure on the difference No, I do not know either term 56% of respondents admit they do not have a full understanding of the difference between machine learning and deep learning
#1 Desired Benefit from Machine Learning: Improved Threat Detection 31 86% 79% 70% 33% 31% 0% Better detection Better prevention Faster performance Fewer false positives Smaller footprint (e.g. hardware takes up less space) There are no benefits The most important benefits organizations want from machine and deep learning
Machine Learning: An Additional, not Replacement Technology 35% 64% 1% It will be a complete replacement It will be an additional technology Don’t know 45% 44% 42% 37% 36% 34% 29% 27% 26% 23% 55% 55% 58% 62% 61% 64% 69% 73% 73% 73% India South Africa Canada US Australia Germany UK Mexico France Japan It will be a complete replacement It will be an additional technology • 64%: additional technology • 35%: complete replacement • India has strongest expectation it will be a complete replacement (45%) • Conversely in Japan 23% see it as a complete replacement
Machine Learning: Yes, it will Live Up to the Hype 33 • 94% believe that machine learning will “live up to the hype” • Over two in ten (21%) went so far as to state that it will solve all of their technology issues • IT managers in India are most optimistic with a full 45% saying it will solve all our technology issues • In contrast, just 9% of Japanese and 10% of German respondents shared this view Average UK France Germany U.S. Canada Mexico India Australia Japan South Africa ML will live up to the hype 94% 90% 96% 94% 97% 97% 98% 99% 89% 79% 93% ML will solve all our technology issues 21% 13% 19% 10% 26% 20% 32% 45% 14% 9% 17%
The Sophos Perspective 34 • Becoming mainstream. Despite machine learning being a relatively new technology, the vast majority of organizations plan to have it in place within the next 12 months • Additional, not replacement. Sophos agrees with the majority of survey respondents – it’s an additional layer of security and not a total replacement for all endpoint defenses • 3rd party testing needed. With the majority of organizations openly admitting they don’t have a full understanding of machine and deep learning, the security industry should take the lead in enabling organizations to make informed decisions on machine and deep learning: • Independent, public testing of security products • Education on the technologies used and the differences between them
Sophos Recommendations 35 • Get educated o Not all technology is the same. Investigate machine and deep learning, understand the differences between the options and what that means for you. • Upgrade your technology – now o Cybercriminals are already using machine learning in their attacks. Ensure your defenses can match them.
Conclusion 36
Key Takeaways from the Survey 37 • IT security remains highly challenging for organizations across the globe. • There’s a growing gap between the knowledge and skills of the attackers (ransomware, exploits) and that of the IT professionals charged with stopping them. This can be addressed by education. • Traditional security solutions are no longer enough to keep organizations ahead of today’s complex threats. • Organizations are aware that they need advanced security technologies, including machine and deep learning, to stop threats. However lack of understanding of the technologies makes it hard for organizations to evaluate them and put the right protection in place. • Sophos calls on the security industry to make it easy for IT managers to understand and evaluate these technologies, through increased open, independent testing, and education.
Further Reading from Sophos 38 • Exploits Intercepted – A very readable guide to what exploits are, how they work, and how to stop them • Exploits Explained – A deep dive into the actual exploits used by hackers today and the protection capabilities that block them • How to Stay Protected against Ransomware – How ransomware works and what steps you can take to protect against it • SophosLabs Deep Learning Page – A range of resources and educational pieces on machine and deep learning • Sophos Intercept X Deep Learning Datasheet – A clear explanation of deep learning and why it consistently outperforms other machine learning models
Ransomware Costs by Country 40
Ransomware Costs: UK 41 Estimated total cost of ransomware attack • 67% incur costs between £10K and £250K • Most common costs £10-£50K and £100-£250K 7% 24% 19% 24% 9% 9% 4% 4% 0% Less than £10,000 Between £10,000 and £50,000 Between £50,000 and £100,000 Between £100,000 and £250,000 Between £250,000 and £500,000 Between £500,000 and £1 million Between £1 million and £5 million Between £5 million and £10 million More than £10 million
Ransomware Costs: Germany 42 • 63% incur costs between €11,200 and €282K • Most common costs €56K and €112K (28%) • No one incurred costs in lowest bracket (below €11,200) 0% 19% 28% 16% 20% 9% 5% 3% 0% Less than 11,200 € Between 11,200 € and 56,000 € Between 56,000 € and 112,000 € Between 112,000 € and 282,000 € Between 282,000 € and 563,000 € Between 563,000 € and 1.2 million € Between 1.2 million € and 5.6 million € Between 5.6 million € and 11.2 million € More than 11.2 million € Estimated total cost of ransomware attack Conversion rate - £1 = 1.12 €
Ransomware Costs: France 43 • France has a broader spread of costs than average • 55% incur costs between €11,200 and €282K • Most common costs €112K and €282K (21%) 8% 15% 19% 21% 18% 9% 8% 1% 0% Less than 11,200 € Between 11,200 € and 56,000 € Between 56,000 € and 112,000 € Between 112,000 € and 282,000 € Between 282,000 € and 563,000 € Between 563,000 € and 1.2 million € Between 1.2 million € and 5.6 million € Between 5.6 million € and 11.2 million € More than 11.2 million € Estimated total cost of ransomware attack Conversion rate - £1 = 1.12 €
Ransomware Costs: U.S. 44 • U.S. has a broader spread of costs than average • 57% incur costs between US$13K and US$332K • Most common costs US$70K and US$133K (23%) 2% 17% 23% 17% 20% 12% 5% 3% 0% Less than US$13,000 Between US$13,000 and US$70,000 Between US$70,000 and US$133,000 Between US$133,000 and US$332,000 Between US$332,000 and US$663,000 Between US$663,000 and US$1.3 million Between US$1.3 million and US$6.6 million Between US$6.6 million and US$13.3 million More than US$13.3 million Estimated total cost of ransomware attack Conversion rate - £1 = US$1.33
Ransomware Costs: Canada 45 • Wide range of costs incurred compared with other countries • 55% incur costs between CA$16K and CA$414K • Most common costs CA$16K and CA83K (22%) Estimated total cost of ransomware attack Conversion rate - £1 = CA$1.66 3% 22% 18% 21% 14% 7% 10% 4% 0% Less than CA$16,000 Between CA$16,000 and CA$83,000 Between CA$83,000 and CA$166,000 Between CA$166,000 and CA$414,000 Between CA$414,000 and CA$829,000 Between CA$829,000 and CA$1.7 million Between CA$1.7 million and CA$8.3 million Between CA$8.3 million and CA$16.6 million More than CA$16.6 million
Ransomware Costs: Mexico 46 • Very clear dominance of cost band 240K MXN and 1.2m MXN (45%) • 75% (three quarters) incur costs between 240K MXN and 6m MXN Estimated total cost of ransomware attack Conversion rate - £1 = 24.24 MXN 13% 45% 18% 13% 2% 5% 2% 2% 0% Less than 240,000 MXN Between 240,000 MXN and 1.2 million MXN Between 1.2 million MXN and 2.4 million MXN Between 2.4 million MXN and 6 million MXN Between 6 million MXN and 12 million MXN Between 12 million MXN and 24 million MXN Between 24 million MXN and 121 million MXN Between 121 million MXN and 242 million MXN More than 242 million MXN
Ransomware Costs: Australia 47 • Most common costs AU$17K and AU$85K (31%) • 64% incur costs between AU$17K and AU$425K Estimated total cost of ransomware attack Conversion rate - £1 = AU$1.7 2% 31% 19% 14% 17% 8% 4% 2% 0% Less than AU$17,000 Between AU$17,000 and AU$85,000 Between AU$85,000 and AU$170,000 Between AU$170,000 and AU$425,000 Between AU$425,000 and AU$850,000 Between AU$850,000 and AU$1.7 million Between AU$1.7 million and AU$8.5 million Between AU$8.5 million and AU$17 million More than AU$17 million
Ransomware Costs: Japan 48 • Very clear dominance of cost band ¥1.5 m and ¥7.5 m (41%) • 78% (over three quarters) incur costs between ¥1.5m and ¥37.5m • This is the highest percentage in this cost band of all countries surveyed Conversion rate - £1 = AU$1.7 Estimated total cost of ransomware attack Conversion rate - £1 = ¥149.80 0% 41% 27% 10% 13% 4% 1% 0% 0% Less than ¥1.5 million Between ¥1.5 million and ¥7.5 million Between ¥7.5 million and ¥15 million Between ¥15 million and ¥37.5 million Between ¥37.5 million and ¥74.9 million Between ¥74.9 million and ¥150 million Between ¥150 million and ¥749 million Between ¥749 million and ¥1.5 billion More than ¥1.5 billion
Ransomware Costs: India 49 • Most common costs between ₹870K and ₹4.3M • 59% incur costs between ₹870K and ₹21.7M Estimated total cost of ransomware attack Conversion rate - £1 = ₹ 86.85 5% 25% 21% 13% 13% 8% 7% 6% 0% Less than 870,000 INR Between 870,000 INR and 4.3 million INR Between 4.3 million INR and 8.7 million INR Between 8.7 million INR and 21.7 million INR Between 21.7 million INR and 43.4 million INR Between 43.4 million INR and 86.8 million INR Between 86.8 million INR and 434 million INR Between 434 million INR and 870 million INR More than 870 million INR
Ransomware Costs: South Africa 50 • Most common costs 180,000 ZAR and 900,000 ZAR (26% • Just under ¼ (23%) incur costs between 9 million and 18 million ZAR Estimated total cost of ransomware attack Conversion rate - £1 = 18.11 ZAR 8% 26% 13% 12% 12% 23% 1% 2% 0% Less than 180,000 ZAR Between 180,000 and 900,000 ZAR Between 900,000 ZAR and 1.8 million ZAR Between 1.8 million ZAR and 4.5 million ZAR Between 4.5 million ZAR and 9 million ZAR Between 9 million ZAR and 18 million ZAR Between 18 million ZAR and 91 million ZAR Between 91 million ZAR and 181 million ZAR More than 181 million ZAR
51 Unmatched next-gen endpoint protection. Introducing incredible upgrades to Sophos Intercept X Get a free trial of Intercept X to test in your own network and see why Gartner has named Sophos as a leader in the Magic Quadrant for Endpoint Protection Platforms. Start Free Trial www.hummingbirdnetworks.com

Recommended

Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaTechBiz Forense Digital
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
2011-10 The Path to Compliance
2011-10 The Path to Compliance 2011-10 The Path to Compliance
2011-10 The Path to Compliance Raleigh ISSA
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)Norm Barber
 
Gp2 Public Policy Assign8 644 Sp10
Gp2 Public Policy Assign8 644 Sp10Gp2 Public Policy Assign8 644 Sp10
Gp2 Public Policy Assign8 644 Sp10Deepa Devadas
 
SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey FireEye, Inc.
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
Best practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingBest practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingwardell henley
 

Recommended

Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaTechBiz Forense Digital
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bankshreemala1
 
2011-10 The Path to Compliance
2011-10 The Path to Compliance 2011-10 The Path to Compliance
2011-10 The Path to Compliance Raleigh ISSA
 
SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)SAM05_Barber PW (7-9-15)
SAM05_Barber PW (7-9-15)Norm Barber
 
Gp2 Public Policy Assign8 644 Sp10
Gp2 Public Policy Assign8 644 Sp10Gp2 Public Policy Assign8 644 Sp10
Gp2 Public Policy Assign8 644 Sp10Deepa Devadas
 
SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey SANS 2013 Report: Digital Forensics and Incident Response Survey
SANS 2013 Report: Digital Forensics and Incident Response Survey FireEye, Inc.
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...Andris Soroka
 
Best practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingBest practices for_implementing_security_awareness_training
Best practices for_implementing_security_awareness_trainingwardell henley
 
DDoS Attacks Advancing and Enduring a SANS & Corero Survey
DDoS Attacks Advancing and Enduring a SANS & Corero SurveyDDoS Attacks Advancing and Enduring a SANS & Corero Survey
DDoS Attacks Advancing and Enduring a SANS & Corero SurveyStephanie Weagle
 
Impacts cloud remote_workforce
Impacts cloud remote_workforceImpacts cloud remote_workforce
Impacts cloud remote_workforceRodrigo Varas
 
Rcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_finalRcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_finalPatrick Florer
 
Datto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhDatto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhJames Herold
 
Ch&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - TeaserCh&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - TeaserStephanie Baruk
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA PresentationMarc Crudgington, MBA
 
2011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 20122011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 2012Symantec
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareDavid Sweigert
 
Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Oscar Romano
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEMJoseph DeFever
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9seadeloitte
 
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...CMR WORLD TECH
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemIBM Security
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFERMA
 
The Evolving Landscape on Information Security
The Evolving Landscape on Information SecurityThe Evolving Landscape on Information Security
The Evolving Landscape on Information SecuritySimoun Ung
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer
 
Redspin Report - Protected Health Information 2010 Breach Report
Redspin Report - Protected Health Information 2010 Breach ReportRedspin Report - Protected Health Information 2010 Breach Report
Redspin Report - Protected Health Information 2010 Breach ReportRedspin, Inc.
 
ResearchProjectComplete
ResearchProjectCompleteResearchProjectComplete
ResearchProjectCompletedannyboi17
 
The State of Ransomware 2020
The State of Ransomware 2020The State of Ransomware 2020
The State of Ransomware 2020Netpluz Asia Pte Ltd
 
2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trends2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trendsDImension Data
 
2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report2015 Global Threat Intelligence Report
2015 Global Threat Intelligence ReportDImension Data
 

More Related Content

What's hot

DDoS Attacks Advancing and Enduring a SANS & Corero Survey
DDoS Attacks Advancing and Enduring a SANS & Corero SurveyDDoS Attacks Advancing and Enduring a SANS & Corero Survey
DDoS Attacks Advancing and Enduring a SANS & Corero SurveyStephanie Weagle
 
Impacts cloud remote_workforce
Impacts cloud remote_workforceImpacts cloud remote_workforce
Impacts cloud remote_workforceRodrigo Varas
 
Rcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_finalRcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_finalPatrick Florer
 
Datto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhDatto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhJames Herold
 
Ch&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - TeaserCh&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - TeaserStephanie Baruk
 
2011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 20122011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 2012Symantec
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareDavid Sweigert
 
Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Oscar Romano
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEMJoseph DeFever
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9seadeloitte
 
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...CMR WORLD TECH
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemIBM Security
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFERMA
 
The Evolving Landscape on Information Security
The Evolving Landscape on Information SecurityThe Evolving Landscape on Information Security
The Evolving Landscape on Information SecuritySimoun Ung
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer
 
Redspin Report - Protected Health Information 2010 Breach Report
Redspin Report - Protected Health Information 2010 Breach ReportRedspin Report - Protected Health Information 2010 Breach Report
Redspin Report - Protected Health Information 2010 Breach ReportRedspin, Inc.
 
ResearchProjectComplete
ResearchProjectCompleteResearchProjectComplete
ResearchProjectCompletedannyboi17
 

What's hot (20)

DDoS Attacks Advancing and Enduring a SANS & Corero Survey
DDoS Attacks Advancing and Enduring a SANS & Corero SurveyDDoS Attacks Advancing and Enduring a SANS & Corero Survey
DDoS Attacks Advancing and Enduring a SANS & Corero Survey
 
Impacts cloud remote_workforce
Impacts cloud remote_workforceImpacts cloud remote_workforce
Impacts cloud remote_workforce
 
Rcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_finalRcs triumfant watchful_webinar_final
Rcs triumfant watchful_webinar_final
 
Datto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rhDatto stateofthechannelransomwarereport2016 rh
Datto stateofthechannelransomwarereport2016 rh
 
Ch&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - TeaserCh&Cie - Cyber Security - CIB - Teaser
Ch&Cie - Cyber Security - CIB - Teaser
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
2011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 20122011 Annual Study - U.S. Cost of a Data Breach - March 2012
2011 Annual Study - U.S. Cost of a Data Breach - March 2012
 
FBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from RansomwareFBI Memo on How to Protect Yourself from Ransomware
FBI Memo on How to Protect Yourself from Ransomware
 
Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEM
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
September 2019 part 9
September 2019 part 9September 2019 part 9
September 2019 part 9
 
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
 
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune SystemCybersecurity In The Cognitive Era: Priming Your Digital Immune System
Cybersecurity In The Cognitive Era: Priming Your Digital Immune System
 
FORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for ITFORUM 2013 Cyber Risks - not just a domain for IT
FORUM 2013 Cyber Risks - not just a domain for IT
 
The Evolving Landscape on Information Security
The Evolving Landscape on Information SecurityThe Evolving Landscape on Information Security
The Evolving Landscape on Information Security
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
 
Redspin Report - Protected Health Information 2010 Breach Report
Redspin Report - Protected Health Information 2010 Breach ReportRedspin Report - Protected Health Information 2010 Breach Report
Redspin Report - Protected Health Information 2010 Breach Report
 
ResearchProjectComplete
ResearchProjectCompleteResearchProjectComplete
ResearchProjectComplete
 
The State of Ransomware 2020
The State of Ransomware 2020The State of Ransomware 2020
The State of Ransomware 2020
 

Similar to The State of Endpoint Security Today

2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trends2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trendsDImension Data
 
2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report2015 Global Threat Intelligence Report
2015 Global Threat Intelligence ReportDImension Data
 
Cyber Security Planning 101
Cyber Security Planning 101Cyber Security Planning 101
Cyber Security Planning 101Welch LLP
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014Peggy Lawless
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
Introduction to Incident Response Management
Introduction to Incident Response ManagementIntroduction to Incident Response Management
Introduction to Incident Response ManagementDon Caeiro
 
Paul Henry’s 2011 Malware Trends
Paul Henry’s 2011 Malware TrendsPaul Henry’s 2011 Malware Trends
Paul Henry’s 2011 Malware TrendsLumension
 
By The Numbers
By The NumbersBy The Numbers
By The Numberskkurm
 
TMT industry Threat Landscape
TMT industry Threat LandscapeTMT industry Threat Landscape
TMT industry Threat LandscapeLoucif Kharouni
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...Citrin Cooperman
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingJoe Nathans
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSPreetiDevidas
 
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...Health IT Conference – iHT2
 
Cyber security by Gaurav Singh
Cyber security by Gaurav SinghCyber security by Gaurav Singh
Cyber security by Gaurav SinghGaurav Singh
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Team Finland Future Watch
 
Understanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacksUnderstanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacksMarie Wilcox
 

Similar to The State of Endpoint Security Today (20)

2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trends2015 Global Threat Intelligence Report - an analysis of global security trends
2015 Global Threat Intelligence Report - an analysis of global security trends
 
2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report2015 Global Threat Intelligence Report
2015 Global Threat Intelligence Report
 
Cyber Security Planning 101
Cyber Security Planning 101Cyber Security Planning 101
Cyber Security Planning 101
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012
 
Introduction to Incident Response Management
Introduction to Incident Response ManagementIntroduction to Incident Response Management
Introduction to Incident Response Management
 
Ransomware attack
Ransomware attackRansomware attack
Ransomware attack
 
Project.pptx
Project.pptxProject.pptx
Project.pptx
 
Paul Henry’s 2011 Malware Trends
Paul Henry’s 2011 Malware TrendsPaul Henry’s 2011 Malware Trends
Paul Henry’s 2011 Malware Trends
 
Prof m01
Prof m01Prof m01
Prof m01
 
By The Numbers
By The NumbersBy The Numbers
By The Numbers
 
TMT industry Threat Landscape
TMT industry Threat LandscapeTMT industry Threat Landscape
TMT industry Threat Landscape
 
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
C-Suite Snacks Webinar Series : Under Attack - Preparing Your Company in the ...
 
NextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive BriefingNextLevel Cyber Security Executive Briefing
NextLevel Cyber Security Executive Briefing
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONSIMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
 
2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum2015 Atlanta CHIME Lead Forum
2015 Atlanta CHIME Lead Forum
 
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
CHIME LEAD San Francisco 2015 - Opening Keynote "What is Cyber Security and W...
 
Cyber security by Gaurav Singh
Cyber security by Gaurav SinghCyber security by Gaurav Singh
Cyber security by Gaurav Singh
 
Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa Future Watch: Cybersecurity market in South Africa
Future Watch: Cybersecurity market in South Africa
 
Understanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacksUnderstanding Zero Day Recovery - Your last defence against ransomware attacks
Understanding Zero Day Recovery - Your last defence against ransomware attacks
 

Recently uploaded

Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfngoud9212
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 

Recently uploaded (20)

Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Bluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdfBluetooth Controlled Car with Arduino.pdf
Bluetooth Controlled Car with Arduino.pdf
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 

The State of Endpoint Security Today

  • 1. The State of Endpoint Security Today January 2018
  • 2. About This Survey 2 • An independent survey of 2,700 IT decision makers • Commissioned by Sophos • Conducted by Vanson Bourne, a UK-based research house • Interviews conducted in October and November 2017
  • 3. Demographics 3 2,700 IT decision makers split in the following ways... Respondent country Organization size Organization sector 13501350 100-1,000 employees 1,001-5,000 employees 461 389 338 298 293 276 203 142 82 72 66 80 IT, technology and telecoms Retail, distribution and transport Manufacturing and production Financial services Business and professional services Public sector Energy, oil/gas and utilities Construction and property Media, leisure and entertainment Healthcare products and technologies Private education Other commercial sector 500 300 300 300 300 200 200 200 200 200 US UK France Germany India Canada Mexico Australia Japan South Africa
  • 5. Executive Summary 5 Attacks Target Cost Protections Geography 54% of organizations were hit. Average two hits per organization Median impact per organization ≈ US$133K (£100K) Healthcare was the top target followed by Energy, Professional Services, Retail India was the most-target country, followed by Mexico, U.S., Canada 77% running up-to-date antivirus when hit. 54% do not have anti-ransomware tech
  • 6. We Live in the Shadow of Ransomware Sophos global research - research results 6 54% 31% 14% 1% Yes No, but we expect to in the future No and we do not expect to Don't know Has your organization been hit by ransomware? 54% Organizations were hit by ransomware in the last year 85% Organizations have either been hit or expect to be hit by ransomware
  • 7. Unlike Lightning, Ransomware Does Strike Twice Sophos global research - research results 7 Average number of times organizations were hit by ransomware in the last year 2 • On average, affected organizations were hit by ransomware twice in the last year • Multiple adversaries targeting each organization • Attackers are no longer removing previous victims from their target lists
  • 8. There are No Safe Havens from Ransomware 67% 65% 60% 59% 54% 51% 48% 48% 45% 41% India Mexico US Canada South Africa Germany France Australia UK Japan Hit by ransomware, by country • Every country has suffered significant levels of ransomware attacks • The top targets for ransomware are India, Mexico, U.S., Canada • North America and India are attractive targets due to high levels of GDP, English speakers, and internet users • Japanese organizations are least likely to be hit by ransomware (41%) • Language challenges and uniqueness make Japan a less attractive target
  • 9. Healthcare is the #1 Victim of Ransomware 9 54% 76% 65% 59% 58% 55% 54% 51% 49% 48% 48% 47% 45% Total Healthcare products and technologies Energy, oil/gas and utilities Business and professional services Retail, distribution and transport IT, technology and telecoms Public sector Manufacturing and production Construction and property Media, leisure and entertainment Other commercial sector Private education Financial services Yes, we have been hit by ransomware in the last 12 months Hit by ransomware, by sector • Healthcare is the industry most likely to fall victim to a ransomware with (76%) hit in the last year • Financial services are least likely to have suffered a breach – but still over 4 in 10 have fallen victim • While both sectors holding high value data, reasons for this difference include: • Healthcare targeted more than financial services • Weaker IT infrastructure perceived as a soft target • Perception that victims are more likely to pay • Healthcare has weaker IT defenses • Aging infrastructure creates security holes • Restricted resources impacts use of security technologies
  • 10. Traditional Endpoint Protection Alone is Not Enough 10 77% Organizations hit by ransomware were running up-to-date endpoint security at the time of attack Endpoint protection status Total Running up-to-date endpoint protection 77% Not running up-to-date endpoint protection 21% Don’t know 1% Base 1468
  • 11. 54% of Organizations Remain at High Risk of Ransomware 46% 45% 7% 1% 1% 0% 10% 20% 30% 40% 50% Anti-ransomware technology is important on the endpoint and we already have it Anti-ransomware technology is important on the endpoint and we plan to implement it Anti-ransomware technology is important on the endpoint but we don’t have plans to implement it Anti-ransomware technology is not important on the endpoint Don’t know • Almost everyone agrees that having anti- ransomware technology on the endpoint is important (98%) • Despite that, 54% of organizations do not have anti-ransomware technology in place, putting them at greater risk of infection
  • 12. Level of Investment in Protection Varies by Sector 12 • Energy, oil/gas, and utilities and healthcare are the sectors that have invested most significantly in anti- ransomware technology • High value targets for criminals • Bespoke, very expensive equipment running on old technology (MRI scanners, drills) • Media, public sector and private education are least likely to have invested in anti-ransomware technology. Possible reasons include: • Budget constraints – particularly public sector • Lack of awareness of need • Limited IT resources Average Business and Pro Services Construction / property Energy, oil / gas, utilities Financial services Health IT, tech, telecoms Manu- facturing Media, leisure, entertain Public sector Private education Retail, distribution transport Other Anti-ransomware technology is important on the endpoint and we already have it 46% 47% 46% 53% 52% 53% 44% 46% 38% 39% 35% 46% 51% Anti-ransomware technology is important on the endpoint and we plan to implement it 45% 42% 46% 42% 41% 42% 47% 46% 51% 50% 45% 43% 36%
  • 13. The Healthcare Conundrum: Biggest Victims, Largest Investors in Prevention 13 • Despite healthcare having the highest propensity to suffer an attack (76%), it is also the sector with the highest level of anti-ransomware protection in place (53%) • Reasons behind this apparent contradiction include: • Cybercriminals perceive healthcare as a soft target, and so disproportionately target this sector • Healthcare organizations often use old technology with weaker defenses, like MRI scanners that only run on old operating systems • Restricted IT resources – people, hardware, software – result in patchy security, so even when one part of healthcare organization has protection, there are still other ways for threats to get in • Not all anti-ransomware protection is the same. They may have anti-ransomware technology but it may not be enough to stop the threats • Healthcare organizations are learning from experience and have chosen to invest in anti- ransomware technology as a result of earlier breaches
  • 14. Ransomware Comes with a BIG Bill 14 Estimated total cost of ransomware attack (converted from local currency) • Almost evenly split • 51% of businesses reporting cost < US$133,000 • 49% of businesses reporting cost > US$133,000 • The most common cost is between US$13,000 and US$70,000 • Nearly half (46%) incurred costs between US$13,000 and US$133,000 US$133,000 Median cost of a ransomware attack, including downtime, work hours, device cost, network cost, lost opportunities, and ransom payment 3% 5% 10% 15% 16% 21% 25% 5% Between US$6.6 million and US$13.3 million Between US$1.3 million and US$6.6 million Between US$663,000 and US$1.3 million Between US$332,000 and US$663,000 Between US$133,000 and US$332,000 Between US$70,000 and US$133,000 Between US$13,000 and US$70,000 Less than US$13,000
  • 15. Ransomware Costs the U.S. More than the GDP of Jamaica 15 • Number of 100+ user organizations in USA: 129K (source: US census) • Percentage hit by ransomware in the last year: 60% (source: U.S. respondents to this survey) • Average number of ransomware attacks in last year: 2 (source: U.S. respondents to this survey) • Median cost to rectify a ransomware attack: US$120K (source: U.S. respondents to this survey) Cost of ransomware to U.S. businesses US$18.6 Billion (in 100+ user organizations) GDP of Jamaica US$14 Billion (World Bank)
  • 16. The Sophos Perspective 16 • Inadequate protection: Despite a series of high-profile ransomware attacks in 2017, organizations are starting 2018 with inadequate protection against ransomware • Antivirus is not anti-ransomware: Not all anti-ransomware technology is the same. Organizations should make sure they have protection with dedicated anti-ransomware capabilities, rather than generic threat prevention, in order to be effectively protected against the #1 malware threat • 3rd party testing of unknown ransomware: To make it easier for organizations to make informed decisions on their anti-ransomware protection, Sophos calls for more independent testing of the efficacy of products in stopping previously unseen ransomware • Upgrade your technology: With a further ransomware surge predicted for 2018* fueled by Ransomware-as-a- Service (RaaS) and amplified by the resurgence of worms, Sophos strongly advises organizations to put in place dedicated anti-ransomware protection with urgency *Sophos Malware Forecast 2018
  • 17. Sophos Recommendations 17 • You are a target – be prepared o Small, medium, and large companies have all been hit • Get educated o Train your employees via attack simulations. They can be your weakest link or strongest advocate o Investigate advanced technologies. Traditional antivirus and endpoint security will only block known ransomware. You need true anti-ransomware to block zero-day attacks • Upgrade your technology o There have been a lot of advancements in the last couple of years to prevent ransomware via anti-ransomware, anti-exploit, anti-hacker, etc. • Invest now o The cost of the technology is a fraction of the cost of the impact of an attack. You are saving your company a ton of money
  • 19. Executive Summary 19 Attacks Understanding Geography 54% of organizations don’t have anti-exploit protection in place 2/3 of IT managers don’t understand what anti- exploit technology is U.S. has greatest understanding of anti- exploit technology
  • 20. 54% of Organizations Remain Highly Vulnerable to Exploits Sophos global research - research results 20 46% 46% 6% 1% 1% Anti-exploit technology is important on the endpoint and we already have it Anti-exploit technology is important on the endpoint and we plan to implement it Anti-exploit technology is important on the endpoint but we don’t have plans to implement it Anti-exploit technology is not important on the endpoint Don’t know • Exploits are the techniques hackers use to take advantage of vulnerabilities in legitimate software • Almost all respondents (98%) agree that having anti-exploit technology on the endpoint is important • Despite this, over half don’t have it in place, leaving them vulnerable to attack
  • 21. Misunderstanding Abounds Regarding Anti-exploit Technology Sophos global research - research results 21 32% 31% 28% 7% 1% Anti-malware scanner and removal tool Software that prevents exploits that target browsers and applications A security vulnerability scanner that looks for weaknesses Penetration testing toolkits Don't know What is the best description for anti-exploit software • Although 46% claim to have anti-exploit technology, only 31% actually knew what it is • This suggests that significant proportion have a misplaced belief that they are protected from this common attack technique, but are in fact at risk 69% of respondents were unable to identify the correct definition of anti-exploit technology
  • 22. Understanding of Anti-exploit Software Varies by Country Sophos global research - research results 22 • The U.S. topping the table with 39% defining it correctly compared to 22% in France • Smaller organizations demonstrated a better understanding than larger ones: • 34% in the 100-1,000 user band defined it correctly • 29% in the 1,001-5,000 user band defined it correctly Correctly defined anti-exploit software UK France Germany U.S. Canada Mexico India Australia Japan South Africa 35% 22% 32% 39% 26% 35% 28% 34% 26% 30%
  • 23. Sophos Recommendations 23 • Take action NOW o Given the widespread use of exploits in today’s attacks and the significant lack of around anti-exploit technology, urgent action is needed to understand how to stop these threats • Education, education, education o If you don’t understand exploits, it’s time to learn. If you think you understand exploits, it’s worth refreshing your knowledge to make sure aware of the latest approaches • Upgrade your technology o To protect against exploit techniques used in malware attacks make sure you have the security solutions in place to stop them
  • 25. Executive Summary 25 Attacks Future Implementation Protections Geography 87% agree: Threats have become more complex 60% plan to add machine learning in the next year India is the most optimistic about machine and deep learning Canada, India, Mexico have highest level of machine learning technology 60% say current cyber defenses are not enough
  • 26. You Are Not Alone: It’s Getting Harder for Everyone 26 83%87% Stopping malware threats has become harder over the last year Malware threats have become increasingly complex over the last year
  • 27. All Countries are Suffering – Japan Most of All 27 • While these views are widely held in all geographies surveyed, IT managers in Japan are feeling the greatest challenge. • Conversely, French IT managers are least challenged, although nearly /23(74%) still agree it’s got harder to stop malware. Agree that stopping threats has got harder over the last year Agree that malware threats have got more complex over the last year UK 85% 89% France 74% 79% Germany 77% 87% U.S. 88% 90% Canada 76% 82% Mexico 81% 86% India 89% 88% Australia 85% 84% Japan 92% 97% South Africa 85% 89%
  • 28. 6 in 10 Agree: Standard Defenses are not Enough 28 60% My organization’s current defenses are not totally sufficient to block the cyber threats I’ve seen in the past year
  • 29. 60% Plan to Implement Machine Learning in the Next Year 29 25% 34% 34% 34% 31% 24% 21% 20% 18% 15% 10% 60% 54% 63% 48% 61% 65% 59% 72% 68% 61% 42% Total Canada India South Africa US France Australia Mexico Germany UK Japan We already have it We plan to implement within next 12 months • 25% already have predictive threat prevention technologies, such as machine or deep learning • 60% plan to implement within the next year • Canada, India and South Africa lead with 1/3 (34%) of respondents already using these technologies • Mexico has the most extensive future plans, with 72% planning to implement predictive threat prevention technologies • Japan is most cautious, with just 10% using them and 42% planning to implement these technologies • Average timescales to implement is six months
  • 30. People are Confused Between Machine and Deep Learning 30 44% 43% 11% 2% Yes, I have full understanding Yes, I have some understanding No, not sure on the difference No, I do not know either term 56% of respondents admit they do not have a full understanding of the difference between machine learning and deep learning
  • 31. #1 Desired Benefit from Machine Learning: Improved Threat Detection 31 86% 79% 70% 33% 31% 0% Better detection Better prevention Faster performance Fewer false positives Smaller footprint (e.g. hardware takes up less space) There are no benefits The most important benefits organizations want from machine and deep learning
  • 32. Machine Learning: An Additional, not Replacement Technology 35% 64% 1% It will be a complete replacement It will be an additional technology Don’t know 45% 44% 42% 37% 36% 34% 29% 27% 26% 23% 55% 55% 58% 62% 61% 64% 69% 73% 73% 73% India South Africa Canada US Australia Germany UK Mexico France Japan It will be a complete replacement It will be an additional technology • 64%: additional technology • 35%: complete replacement • India has strongest expectation it will be a complete replacement (45%) • Conversely in Japan 23% see it as a complete replacement
  • 33. Machine Learning: Yes, it will Live Up to the Hype 33 • 94% believe that machine learning will “live up to the hype” • Over two in ten (21%) went so far as to state that it will solve all of their technology issues • IT managers in India are most optimistic with a full 45% saying it will solve all our technology issues • In contrast, just 9% of Japanese and 10% of German respondents shared this view Average UK France Germany U.S. Canada Mexico India Australia Japan South Africa ML will live up to the hype 94% 90% 96% 94% 97% 97% 98% 99% 89% 79% 93% ML will solve all our technology issues 21% 13% 19% 10% 26% 20% 32% 45% 14% 9% 17%
  • 34. The Sophos Perspective 34 • Becoming mainstream. Despite machine learning being a relatively new technology, the vast majority of organizations plan to have it in place within the next 12 months • Additional, not replacement. Sophos agrees with the majority of survey respondents – it’s an additional layer of security and not a total replacement for all endpoint defenses • 3rd party testing needed. With the majority of organizations openly admitting they don’t have a full understanding of machine and deep learning, the security industry should take the lead in enabling organizations to make informed decisions on machine and deep learning: • Independent, public testing of security products • Education on the technologies used and the differences between them
  • 35. Sophos Recommendations 35 • Get educated o Not all technology is the same. Investigate machine and deep learning, understand the differences between the options and what that means for you. • Upgrade your technology – now o Cybercriminals are already using machine learning in their attacks. Ensure your defenses can match them.
  • 37. Key Takeaways from the Survey 37 • IT security remains highly challenging for organizations across the globe. • There’s a growing gap between the knowledge and skills of the attackers (ransomware, exploits) and that of the IT professionals charged with stopping them. This can be addressed by education. • Traditional security solutions are no longer enough to keep organizations ahead of today’s complex threats. • Organizations are aware that they need advanced security technologies, including machine and deep learning, to stop threats. However lack of understanding of the technologies makes it hard for organizations to evaluate them and put the right protection in place. • Sophos calls on the security industry to make it easy for IT managers to understand and evaluate these technologies, through increased open, independent testing, and education.
  • 38. Further Reading from Sophos 38 • Exploits Intercepted – A very readable guide to what exploits are, how they work, and how to stop them • Exploits Explained – A deep dive into the actual exploits used by hackers today and the protection capabilities that block them • How to Stay Protected against Ransomware – How ransomware works and what steps you can take to protect against it • SophosLabs Deep Learning Page – A range of resources and educational pieces on machine and deep learning • Sophos Intercept X Deep Learning Datasheet – A clear explanation of deep learning and why it consistently outperforms other machine learning models
  • 39.
  • 40. Ransomware Costs by Country 40
  • 41. Ransomware Costs: UK 41 Estimated total cost of ransomware attack • 67% incur costs between £10K and £250K • Most common costs £10-£50K and £100-£250K 7% 24% 19% 24% 9% 9% 4% 4% 0% Less than £10,000 Between £10,000 and £50,000 Between £50,000 and £100,000 Between £100,000 and £250,000 Between £250,000 and £500,000 Between £500,000 and £1 million Between £1 million and £5 million Between £5 million and £10 million More than £10 million
  • 42. Ransomware Costs: Germany 42 • 63% incur costs between €11,200 and €282K • Most common costs €56K and €112K (28%) • No one incurred costs in lowest bracket (below €11,200) 0% 19% 28% 16% 20% 9% 5% 3% 0% Less than 11,200 € Between 11,200 € and 56,000 € Between 56,000 € and 112,000 € Between 112,000 € and 282,000 € Between 282,000 € and 563,000 € Between 563,000 € and 1.2 million € Between 1.2 million € and 5.6 million € Between 5.6 million € and 11.2 million € More than 11.2 million € Estimated total cost of ransomware attack Conversion rate - £1 = 1.12 €
  • 43. Ransomware Costs: France 43 • France has a broader spread of costs than average • 55% incur costs between €11,200 and €282K • Most common costs €112K and €282K (21%) 8% 15% 19% 21% 18% 9% 8% 1% 0% Less than 11,200 € Between 11,200 € and 56,000 € Between 56,000 € and 112,000 € Between 112,000 € and 282,000 € Between 282,000 € and 563,000 € Between 563,000 € and 1.2 million € Between 1.2 million € and 5.6 million € Between 5.6 million € and 11.2 million € More than 11.2 million € Estimated total cost of ransomware attack Conversion rate - £1 = 1.12 €
  • 44. Ransomware Costs: U.S. 44 • U.S. has a broader spread of costs than average • 57% incur costs between US$13K and US$332K • Most common costs US$70K and US$133K (23%) 2% 17% 23% 17% 20% 12% 5% 3% 0% Less than US$13,000 Between US$13,000 and US$70,000 Between US$70,000 and US$133,000 Between US$133,000 and US$332,000 Between US$332,000 and US$663,000 Between US$663,000 and US$1.3 million Between US$1.3 million and US$6.6 million Between US$6.6 million and US$13.3 million More than US$13.3 million Estimated total cost of ransomware attack Conversion rate - £1 = US$1.33
  • 45. Ransomware Costs: Canada 45 • Wide range of costs incurred compared with other countries • 55% incur costs between CA$16K and CA$414K • Most common costs CA$16K and CA83K (22%) Estimated total cost of ransomware attack Conversion rate - £1 = CA$1.66 3% 22% 18% 21% 14% 7% 10% 4% 0% Less than CA$16,000 Between CA$16,000 and CA$83,000 Between CA$83,000 and CA$166,000 Between CA$166,000 and CA$414,000 Between CA$414,000 and CA$829,000 Between CA$829,000 and CA$1.7 million Between CA$1.7 million and CA$8.3 million Between CA$8.3 million and CA$16.6 million More than CA$16.6 million
  • 46. Ransomware Costs: Mexico 46 • Very clear dominance of cost band 240K MXN and 1.2m MXN (45%) • 75% (three quarters) incur costs between 240K MXN and 6m MXN Estimated total cost of ransomware attack Conversion rate - £1 = 24.24 MXN 13% 45% 18% 13% 2% 5% 2% 2% 0% Less than 240,000 MXN Between 240,000 MXN and 1.2 million MXN Between 1.2 million MXN and 2.4 million MXN Between 2.4 million MXN and 6 million MXN Between 6 million MXN and 12 million MXN Between 12 million MXN and 24 million MXN Between 24 million MXN and 121 million MXN Between 121 million MXN and 242 million MXN More than 242 million MXN
  • 47. Ransomware Costs: Australia 47 • Most common costs AU$17K and AU$85K (31%) • 64% incur costs between AU$17K and AU$425K Estimated total cost of ransomware attack Conversion rate - £1 = AU$1.7 2% 31% 19% 14% 17% 8% 4% 2% 0% Less than AU$17,000 Between AU$17,000 and AU$85,000 Between AU$85,000 and AU$170,000 Between AU$170,000 and AU$425,000 Between AU$425,000 and AU$850,000 Between AU$850,000 and AU$1.7 million Between AU$1.7 million and AU$8.5 million Between AU$8.5 million and AU$17 million More than AU$17 million
  • 48. Ransomware Costs: Japan 48 • Very clear dominance of cost band ¥1.5 m and ¥7.5 m (41%) • 78% (over three quarters) incur costs between ¥1.5m and ¥37.5m • This is the highest percentage in this cost band of all countries surveyed Conversion rate - £1 = AU$1.7 Estimated total cost of ransomware attack Conversion rate - £1 = ¥149.80 0% 41% 27% 10% 13% 4% 1% 0% 0% Less than ¥1.5 million Between ¥1.5 million and ¥7.5 million Between ¥7.5 million and ¥15 million Between ¥15 million and ¥37.5 million Between ¥37.5 million and ¥74.9 million Between ¥74.9 million and ¥150 million Between ¥150 million and ¥749 million Between ¥749 million and ¥1.5 billion More than ¥1.5 billion
  • 49. Ransomware Costs: India 49 • Most common costs between ₹870K and ₹4.3M • 59% incur costs between ₹870K and ₹21.7M Estimated total cost of ransomware attack Conversion rate - £1 = ₹ 86.85 5% 25% 21% 13% 13% 8% 7% 6% 0% Less than 870,000 INR Between 870,000 INR and 4.3 million INR Between 4.3 million INR and 8.7 million INR Between 8.7 million INR and 21.7 million INR Between 21.7 million INR and 43.4 million INR Between 43.4 million INR and 86.8 million INR Between 86.8 million INR and 434 million INR Between 434 million INR and 870 million INR More than 870 million INR
  • 50. Ransomware Costs: South Africa 50 • Most common costs 180,000 ZAR and 900,000 ZAR (26% • Just under ¼ (23%) incur costs between 9 million and 18 million ZAR Estimated total cost of ransomware attack Conversion rate - £1 = 18.11 ZAR 8% 26% 13% 12% 12% 23% 1% 2% 0% Less than 180,000 ZAR Between 180,000 and 900,000 ZAR Between 900,000 ZAR and 1.8 million ZAR Between 1.8 million ZAR and 4.5 million ZAR Between 4.5 million ZAR and 9 million ZAR Between 9 million ZAR and 18 million ZAR Between 18 million ZAR and 91 million ZAR Between 91 million ZAR and 181 million ZAR More than 181 million ZAR
  • 51. 51 Unmatched next-gen endpoint protection. Introducing incredible upgrades to Sophos Intercept X Get a free trial of Intercept X to test in your own network and see why Gartner has named Sophos as a leader in the Magic Quadrant for Endpoint Protection Platforms. Start Free Trial www.hummingbirdnetworks.com

Editor's Notes

  1. In the last year, has your organisation been hit by ransomware? Asked to all respondents (2,700)
  2. In the last year, has your organization been hit by ransomware? Asked to all respondents (2,700)
  3. In the last year, has your organisation been hit by ransomware? Asked to all respondents (2,700)
  4. In the last year, has your organisation been hit by ransomware? Asked to all respondents (2,700)
  5. Was your organisation running up-to-date endpoint protection when you were last impacted by a ransomware attack? Asked to all respondents whose organisation has been hit by ransomware in the last year (1468)
  6. “How important is incorporating specific anti-ransomware technology into your organisation’s endpoint protection?”, asked to all respondents (2,700)
  7. How important is incorporating specific anti-ransomware technology into your organization’s endpoint protection? Asked to all respondents (2,700)
  8. “What was the approximate cost to your organization to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organization has been hit by ransomware in the last year (1,468)
  9. Number of 100+ user organizations in USA: 129K (source: US census) 60% hit by ransomware in the last year (source: U.S. respondents to this survey) Average number of attacks: 2 (source: U.S. respondents to this survey) Median cost to rectify a ransomware attack: US$120K (source: U.S. respondents to this survey) 129,000 x 0.6 x 2 x US$120,000 = US$18,576,000,000 GDP of Jamaica = US$14,027,000,000 (source: World Bank) GDP data: World Bank https://en.wikipedia.org/wiki/List_of_countries_by_GDP_(nominal) US organization data https://www.census.gov/epcd/susb/2008/us/US--.HTML
  10. How important is incorporating anti-exploit technology into your organisation’s endpoint protection?”, asked to all respondents (2,700)
  11. “In your opinion, which of the following terms best describes ‘anti-exploit’ software?”, asked to all respondents (2,700)
  12. “In your opinion, which of the following terms best describes ‘anti-exploit’ software?”, asked to all respondents (2,700)
  13. Stopping malware threats has become harder over the last year Malware threats have become increasingly complex over the last year asked to all respondents (2,700)
  14. Stopping malware threats has become harder over the last year Malware threats have become increasingly complex over the last year asked to all respondents (2,700)
  15. My organization’s current defenses are not totally sufficient to block the cyber threats I have seen in the past year asked to all respondents (2,700)
  16. What are your organization’s plans to incorporate predictive threat prevention technologies (provided through technologies like machine and deep learning) to stay ahead of complex malware attacks? asked to all respondents (2,700)
  17. Do you understand the difference between machine learning and deep learning?”, asked to all respondents (2,700)
  18. Figure 33: “What are the most important benefits your organisation is looking for when it comes to predictive threat prevention technologies provided through machine and deep learning?”, asked to respondents whose organisation is using or planning to use prevention technologies, showing a combination of responses ranked first, second, or third (2,349)
  19. Q1. Does your organization see machine and deep learning as an additional detection technology for your endpoints or as a complete replacement for antivirus?”, asked to respondents whose organisation is using or planning to use prevention technologies (2,349) Q2. Does your organization see machine and deep learning as an additional detection technology for your endpoints or as a complete replacement for antivirus?”, split by country, excluding those who said “Don’t know”, asked to respondents whose organisation is using or planning to use prevention technologies (2,349)
  20. Figure 33: “What are the most important benefits your organisation is looking for when it comes to predictive threat prevention technologies provided through machine and deep learning?”, asked to respondents whose organisation is using or planning to use prevention technologies, showing a combination of responses ranked first, second, or third (2,349)
  21. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  22. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  23. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  24. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  25. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  26. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  27. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  28. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  29. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)
  30. “What was the approximate cost to your organisation to rectify the impacts of the most recent ransomware attack (considering downtime, people time, device cost, network cost, lost opportunity, ransom paid etc.…)?”, not showing “Don’t know” responses, asked to respondents whose organisation has been hit by ransomware in the last year (1,468)