Together with IDG Research, we surveyed hundreds of large businesses to gain a better understanding of what organizations, particularly those in financial services, are doing in response to changes to federal guidelines regarding application and network security. This study investigates the impact of stricter regulations on businesses, how respondents perceive those changes, and how organizations are changing protocols to remain in compliance.
We’ve found that respondents from hundreds of large businesses have invested in new technologies, created security protocols, and even allocated additional budgets and headcount to remain compliant with these new codes.
Visit here: http://www.radware.com/social/idg-2014/ to download the full report.
How New Cyber Security Federal Regulations Are Impacting Application & Network Security
1. How New Cyber Security Federal Regulations Are Impacting Application and Network Security
MARKETING RESEARCH
EMPLOYEE ENGAGEMENT
A WORLD OF INSIGHTS
Research by Radware and IDG
2. A WORLD OF INSIGHTS
Survey Goals
Gain a better understanding of what organizations, particularly those in financial services, are doing in response to changes to federal guidelines regarding application and network security.
This study investigates the impact of stricter regulations on businesses, how respondents perceive those changes, and how organizations are changing protocols to remain in compliance.
2
METHODOLOGY & RESEARCH OBJECTIVES
3. A WORLD OF INSIGHTS
Sample
Method
Field Work
This survey was fielded from July 30, 2014 to
August 5, 2014
Total Respondents
250 US-based qualified completes
3
Collection
Online Questionnaire
Number of Questions
19 (excluding screeners and demographics)
Audience
To complete the survey, respondents were required to have an IT manager title or higher at an organization where total global annual sales met or exceeded $500 million. Additionally, respondents had to be involved with, or have knowledge of, their organizations’ enterprise application portfolio and network security initiatives.
METHODOLOGY & RESEARCH OBJECTIVES
4. A WORLD OF INSIGHTS
Total Respondents
Organization Size
250
10,000+ employees
42%
1,000 - 9,999 employees
50%
Less than 1,000 employees
8%
Job Title Breakdown
Top Represented Industries
60%
7%
6%
4%
4%
4%
3%
Financial services (banking, accounting,
tax, etc.)
Computer related products or services
Recruit target
Manufacturing, Production, Distribution
Healthcare, Medical, Biotech,
Pharmaceuticals
Retail, Wholesale
Business services, Consulting
Telecommunications, Internet/Cloud
Service Provider
4
* A more detailed respondent profile is appended to this report.
Global Annual Sales
$5 billion+
46%
$1 billion - $4.9 billion
41%
$500M - $999.9M
14%
RESPONDENT PROFILE
41%
8%
13%
18%
20%
CIO/CTO
CSO/CISO
EVP, Senior VP, VP
Director
Manager/Supervisor
5. 99% of respondents claim to be very or somewhat familiar with new federal guidelines, although a substantial number, both in financial services and other verticals, are still unaware about many specific regulations.
KEY FINDINGS
A WORLD OF INSIGHTS
5
6. 6
Although the majority of respondents claim to be very familiar with new federal guidelines, a large number are still unaware about specific regulations
A WORLD OF INSIGHTS
Q1: Within your industry/organization, how familiar are you with new or revised federal guidelines (or industry association regulations) regarding application and network security (e.g. cyber-attack mitigation, DoS/DDOS attacks) released over the past 12-18 months?
Q2. More specifically, of which of the following new or revised federal guidelines (or industry association regulations) regarding application and network security (released over the past 12-18 months) are you aware?
Total Base: 250; Financial Services Base: 150; Non-Financial Services Base: 100
71%
28%
0%
67%
32%
1%
77%
22%
0%
Very familiar
Somewhat
familiar
Not at all familiar
FAMILIARITY WITH NEW FEDERAL GUIDELINES (GENERAL)
62%
59%
56%
51%
58%
3%
64%
63%
59%
58%
65%
1%
60%
52%
51%
41%
46%
7%
National Institute of Standards and
Technology (NIST) Cyber Security
Framework
FFEIC Joint Statement Distributed
Denial-of-Service (DDoS) Cyber-
Attacks, Risk Mitigation, and Additional
Resources (US) Driver
Securities and Exchange Commission
Cyber Exams (US) Driver
Office of the Controller of Currency
(OCC) (US) Guidance Driver
National Credit Union Administration
(NCUA) Risk Alert (US) Driver
None of the above
Total Financial Services Non-Financial Services
FAMILIARITY WITH NEW FEDERAL GUIDELINES (SPECIFIC)
7. The financial services industry has felt the affects of these changes more so than have other verticals, particularly with regards to productivity loss, business disruption, and revenue loss.
KEY FINDINGS
A WORLD OF INSIGHTS
7
8. CONSEQUENCES OF NEW FEDERAL GUIDELINES
A WORLD OF INSIGHTS
8
Financial services is acutely impacted by new or revised federal guidelines, particularly in terms of business disruption and revenue loss
Q3: Has your organization experienced any of the following consequences as a result of recent - new or revised - federal guidelines (or industry association regulations) regarding application and network security?
Total Base: 250; Financial Services Base: 150; Non-Financial Services Base: 100
49%
48%
48%
36%
17%
54%
57%
58%
40%
11%
41%
34%
32%
31%
26%
Productivity loss
Business disruption
Revenue loss
Penalties/fines
None of the above
Total
Financial Services
Non Financial Services
9. Despite these adverse consequences, 87% of respondents agree that the current regulatory changes are very important or critical to keeping their companies and industries secure.
KEY FINDINGS
A WORLD OF INSIGHTS
9
10. 10
In addition to revenue loss, higher OPEX and CAPEX as a result of new federal regulations are also affecting bottom line results; despite these adverse consequences, respondents largely believe these regulations are very or critically important
A WORLD OF INSIGHTS
IMPACT OF NEW FEDERAL REGULATIONS TO ASPECTS OF BUSINESS
Q4: What has been the impact of these recent - new or revised - federal guidelines (or industry association regulations) on the following aspects of your business?
Q5: How important do you believe recent - new or revised - federal guidelines (or industry association regulation changes) to application and network security policies/requirements are to keeping your company/industry secure?
Total Base: 250
27%
30%
31%
35%
35%
36%
36%
40%
42%
48%
46%
41%
40%
41%
40%
38%
41%
38%
16%
19%
22%
21%
19%
20%
20%
15%
16%
8%
5%
6%
4%
5%
4%
6%
4%
4%
Hiring practices
Application development cycles
Procurement cycles for third-party apps
Application development costs
Application performance
Personnel costs
User experience
IT operational expenses (OpEx)
IT capital expenditures (CapEx) (i.e., data
center upgrades/investments)
Significant
Moderate
Minimal
No Impact
18%
69%
11%
1%
0%
PERCEIVED IMPORTANCE OF NEW FEDERAL REGULATIONS
11. Wait! There’s More.
Download the Full Report to Gain Insights About:
•Top strategic and tactical approaches to new regulations and guidelines
•How organizations will approach compliance with future new/revised guidelines and regulations
•Types of attacks that cause the most harm to the business
•How businesses are leveraging the cloud to mitigate DDoS attacks
http://www.radware.com/social/idg-2014
A WORLD OF INSIGHTS
11