SlideShare a Scribd company logo

Telindus cybersecurity survey_report_2019

V
ValentinGarcia32

Telindus cybersecurity survey_report_2019

Technology
1 of 1
Download to read offline
000100 IDENTIFICATION DIVISION. 000200 PROGRAM-ID. HELLOWORLD. 000300 000400* 000500 ENVIRONMENT DIVISION. 000600 CONFIGURATION SECTION. 000700 SOURCE-COMPUTER. RM-COBOL. 000800 OBJECT-COMPUTER. RM-COBOL. 000900 001000 DATA DIVISION. 001100 FILE SECTION. Morethan500people Between100&500people Lessthan100people 36% 27% 37% 41 respondents Public 29% Finance 32% Industry & Services 39% Morethan500people Between100&500people Lessthan100people36% 27% 37% 41 respondents Public 29% Finance 32% Industry & Services 39% ECONOMIC SECTORS COMPANY SIZE 37% 27% Morethan500people Between100&500people Lessthan100people 36% 54% AFTER12MONTHS 63% 39%57% 43% 46% 31% 61%37% Defense Detection Reactive Preventive Proactive Compliance Offensive 79% 39% 40% 9% 9% 1%31% 15% 43% 54% 46% 41% 33% 23% 21% 15% 32% 20% 63% 56% 76% Containment Eradication Recovery Post-incident Comm. & PR 69% 1 23 37% 27% 56% Ope Morethan500people Between100&500people Lessthan100people 36% AFTER12MONTHS 34% Defense Detection Reactive Preventive Proactive Compliance Offensive 79% 39% 40% 9% 9% 1%31% 15% 43% 54% 46% 41% 33% 23% 21% 15% 32% 20% 63% 56% 76% 1 23 37% 27% Morethan500people Between100&500people Lessthan100people 36% AFTER12MONTHS 63% 39% 61%37% Defense Detection Reactive Preventive Proactive Compliance Offensive 79% 39% 40% 9% 9% 1%31% 15% 43% 54% 46% 41% 33% 23% 21% 15% 32% 20% 63% 56% 76% Post-incident Comm. & PR 1 23 84% of respondents faced social engineering attacks Main causes of incidents Luxembourg-based companies reveal how they manage their cybersecurity incidents… Let’s review the main pitfalls to avoid and the good practices you should implement to preserve your business! Impacts of a security breach “Integrating cybersecurity into business decisions is the key to an effective strategy„ EXPERT ADVICE telindus.lu 48% of respondents faced human errors What are the obstacles for information sharing? ABOUT CYBERSECURITY INCIDENTS 78% of companies report they had to manage at least one incident over the past year Public 83% Finance 54% Industry & Services 94% 19% of respondents faced external technical attacks and hacking Self-assessment of level of confidence in respondent’s own capabilities “Confidence in detection capabilities is currently low. However a shift is expected to occur soon as the improvement of detection capabilities is listed as the 2nd most important priority for the coming year„ Lessthan100people 36% 44% 49% 57% 54% 63% 39% 56% 51% 43% 57% 43% 46% 31% 61%37% Preparation Detection Analysis Containment Eradication Recovery Post-incident Comm. & PR 69% “Knowing and monitoring your vulnerabilities is the first step towards remediation. They have to be identified before attackers discover and use them against you„ EXPERT ADVICE ARE ALL MEANS USED TO DETECT INCIDENTS? ‘’Financialimpactsanddirectlossofrevenuearethethirdmost important concerns for the financial and industrial sectors.’’ Financial impacts are unknown to 17% of respondents. 44% 56% 22% During the last 12 MONTHS Operations ReputationLegal & regulatory Less than 6 (once every two months or less) Between 6 & 12 (once a month or less) More than 12 (more than once a month) None 46% 17% 14% 54% 50% 25% 66%34% 1 2 44% 56% 22% During the last 12 MONTHS Operations ReputationLegal & regulatory Less than 6 (once every two months or less) Between 6 & 12 (once a month or less) More than 12 (more than once a month) None 46% 17% 14% 54% 50% 25% 66%34% 1 2 2% Reputationlatory Less than 6 (once every two months or less) Between 6 & 12 (once a month or less) More than 12 (more than once a month) None 17% 14% % 25% 39% 29% 32% 41 respondents Finance Public Industry & Services Contain the attack and prevent expansion of the compromised set of IT assets Prevent recurrence of similar incidents Reduce time to recover to normal activity to preserve business activities Improve cybersecurity awareness and internal culture 44% 49% 57% 54% 63% 39% 56% 51% 43% 57% 43% 46% 31% 61%37% 51% 12% Preparation Detection Analysis Containment Eradication Recovery Post-incident Comm. 37% 69% Is there a cybersecurity incident management strategy in place? No such strategy Strategy in place Strategy under development “Due to the globalization and industrialization of the threats, only a global approach can be effective„ EXPERT ADVICE IS YOUR STRATEGY ALREADY OBSOLETE OR LIMITED? MAIN OBJECTIVES 53% 3 60% 2 Lack of internal skills  Priority is given to other (business) activities 100% 1 ALL THE RESPONDENTS CONSIDER THEY CAN RELY ON SKILLED CYBERSECURITY EXPERTS IN LUXEMBOURG. 37% 27% 44% 56% 22% During the last 12 MONTHS Operations ReputationLegal & regulatory Less than 6 (once every two months o Between 6 & 12 (once a month or less) More than 12 (more than once a month None Morethan500people Between100&500people Lessthan100people 36% 46% 17% 14% 4% 49% 57% 54% AFTER12MONTHS 63% 39% 6% 51% 43% 57% 43% 46% 31% 61%37% 54% 50% 25% 66%34% 1 2 Defense Detection Reactive Preventive Proactive Compliance Offensive 79% 39% 40% 9% 9% 1%31% 15% 43% 54% 46% 41% 33% 23% 21% 15% 32% 20% 63% 56% 76% aration Detection Analysis Containment Eradication Recovery Post-incident Comm. & PR 69% 1 23 BIGGEST OBSTACLES FOR ADOPTING AN EFFICIENT CYBERSECURITY INCIDENT MANAGEMENT STRATEGY ABOUT CYBERSECURITY INCIDENT RESPONSE STRATEGY Incident response procedures are not systematically tested 66% 51% 44% Incident Response Proceduresinplace Incident Management Strategyinplace Incident Response Procedurestested 61% Incident Response Strategyinplace TO ENSURE THE CONTINUITY OF THEIR ACTIVITIES, COMPANIES PRIORITIZE ACTION AND RESPONSE TO INCIDENTS MORE THAN THEIR GLOBAL SECURITY STRATEGY. 33% have tested their procedures during a real crisis 67% have tested their procedures during a crisis simulation THE TEST MODES VARY: “Trust does not exclude control. Preparation, sensitization and testing of the teams and the whole ICT chain during crisis simulation exercises are key to systematize the right reflex to be followed in case of a real incident„ EXPERT ADVICE Mapping the incident management strategy with business objectives is key to get support from top-management Investments scheduled for the coming year reflect a shift in cybersecurity incident management practices CURRENT PRACTICES vs PRIORITIES FOR THE NEXT 12 MONTHS Defensive 79% 39% Detective 54% 63% Reactive 46% 15% Preventive 41% 56% Proactive 33% 76% Offensive 21% 20% Compliance 23% 32% Current Next 12 months Current Next 12 months WANT TO KNOW MORE? GET IN TOUCH WITH OUR CYBERSECURITY EXPERTS CYBERSECURITY@TELINDUS.LU Containattacks andpreventexpansion (100%oftherespondents) Prevent recurrence of similar incidents Prevent recurrence of similar incidents (100%oftherespondents) Prevent recurrence of similar incidents Reduce time to recover business activities Reduce time to recover business activities Improve cybersecurity awareness & internal culture Contain attacks and prevent expansion Contain attacks and prevent expansion 61% NO INFORMATION TO SHARE? Companies deplore the lack of human, technical or time capabilities to collect and share data. The large amount of data available often makes the selection of the most meaningful indicators a difficult task. CONSTRAINTS OF THE COMPLIANCE FRAMEWORK The legal & regulatory framework doesn’t allow to share information with third parties. The risk of information leakage is considered too high. LACK OF TIME TO PROCESS OR TO CONTRIBUTE WITH INDICATORS Focus is set on delivering business activities. 68% 66% Based on a survey conducted from May 5th to June 15th , 2019. Profile of respondents: CISO, ISO, RSSI, IT Manager. SPONSORED BY 59%63%88% ABOUT CYBERSECURITY INCIDENT MANAGEMENT ifYES ifNO Lack of management support “The expected transition from a reactive & defensive to a more proactive approach reflects the concern for a better cost management. Good practices in a nutshell: Threat hunting, a proactive cyber defence strategy, is a pre-requisite! Investing in a Security Operations Center to better detect fraudulent operations is a must. Raising employees’ awareness remains the first priority„ EXPERT ADVICE Strategy, Risk & Consultancy Security Awareness Security Infrastructure Managed Security Services Security Operations Center (SOC) Path to an efficient Cybersecurity Strategy CSIRT / CERT Incident Response, Crisis Management, Forensics Re active Secur ity Ethical Hacking Off ensive Secur ity Pre ventive Secu rity Def ensive Secu rity Det ective Secu rity Pro active Secu rity Threat hunting & Cyber Deception “An incident management strategy must be supported by a solid lessons learned process, as well as by a global threat intelligence and analysis of the information made available worldwide.„ Surprising to note that 22% of the respondents declares they didn’t faced any incident. € € € TELINDUS CYBERSECURITY SURVEY 2019

Recommended

Telindus cybersecurity survey_report
Telindus cybersecurity survey_reportTelindus cybersecurity survey_report
Telindus cybersecurity survey_reportValentinGarcia32
 
CAPP Conference Survey
CAPP Conference SurveyCAPP Conference Survey
CAPP Conference SurveyCynergisTek, Inc.
 
2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience InsuranceAccenture Insurance
 
2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow2016 Scalar Security Study Roadshow
2016 Scalar Security Study RoadshowScalar Decisions
 
Unlocking High Fidelity Security
Unlocking High Fidelity SecurityUnlocking High Fidelity Security
Unlocking High Fidelity SecurityEnterprise Management Associates
 
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Marcello Marchesini
 
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...CMR WORLD TECH
 
SVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSilicon Valley Bank
 

Recommended

Telindus cybersecurity survey_report
Telindus cybersecurity survey_reportTelindus cybersecurity survey_report
Telindus cybersecurity survey_reportValentinGarcia32
 
CAPP Conference Survey
CAPP Conference SurveyCAPP Conference Survey
CAPP Conference SurveyCynergisTek, Inc.
 
2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience Insurance2018 State of Cyber Resilience Insurance
2018 State of Cyber Resilience InsuranceAccenture Insurance
 
2016 Scalar Security Study Roadshow
2016 Scalar Security Study Roadshow2016 Scalar Security Study Roadshow
2016 Scalar Security Study RoadshowScalar Decisions
 
Unlocking High Fidelity Security
Unlocking High Fidelity SecurityUnlocking High Fidelity Security
Unlocking High Fidelity SecurityEnterprise Management Associates
 
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -
Ponemon report : 'Critical Infrastructure: Security Preparedness and Maturity -Marcello Marchesini
 
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...Sans survey - maturing - specializing-incident-response-capabilities-needed-p...
Sans survey - maturing - specializing-incident-response-capabilities-needed-p...CMR WORLD TECH
 
SVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSVB Cybersecurity Impact on Innovation Report - Overview
SVB Cybersecurity Impact on Innovation Report - OverviewSilicon Valley Bank
 
Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSilicon Valley Bank
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Hewlett Packard Enterprise Business Value Exchange
 
Impact of COVID-19 [Infographic]
Impact of COVID-19 [Infographic]Impact of COVID-19 [Infographic]
Impact of COVID-19 [Infographic]IDG
 
APNIC 2018 Survey Results
APNIC 2018 Survey ResultsAPNIC 2018 Survey Results
APNIC 2018 Survey ResultsAPNIC
 
Etude PwC sécurité de l’information et protection des données (2014)
Etude PwC sécurité de l’information et protection des données (2014)Etude PwC sécurité de l’information et protection des données (2014)
Etude PwC sécurité de l’information et protection des données (2014)PwC France
 
Survey: Security Analytics and Intelligence
Survey: Security Analytics and IntelligenceSurvey: Security Analytics and Intelligence
Survey: Security Analytics and IntelligenceSolarWinds
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014Peggy Lawless
 
2018 U.S State of Cybercrime
2018 U.S State of Cybercrime2018 U.S State of Cybercrime
2018 U.S State of CybercrimeIDG
 
Improving Security Metrics
Improving Security MetricsImproving Security Metrics
Improving Security MetricsDoug Copley
 
Ernst & Young visuals security survey 2012
Ernst & Young visuals security survey 2012Ernst & Young visuals security survey 2012
Ernst & Young visuals security survey 2012Advent IM Ltd
 
P19 nrss final presentation with audience results_6.26.19
P19 nrss final presentation with audience results_6.26.19P19 nrss final presentation with audience results_6.26.19
P19 nrss final presentation with audience results_6.26.19National Retail Federation
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage YearsJeremiah Grossman
 
The Cyber Security Leap: From Laggard to Leader
The Cyber Security Leap: From Laggard to LeaderThe Cyber Security Leap: From Laggard to Leader
The Cyber Security Leap: From Laggard to LeaderAccenture Insurance
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Jeremiah Grossman
 
Are Your Cyber Defenses Strong Enough?
Are Your Cyber Defenses Strong Enough?Are Your Cyber Defenses Strong Enough?
Are Your Cyber Defenses Strong Enough?Cygilant
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseThe Economist Media Businesses
 
EMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-SecurityEMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-SecurityEnterprise Management Associates
 
Demonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDemonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDoug Copley
 
Why a Unified Approach to Critical Event Management Improves Operational Resi...
Why a Unified Approach to Critical Event Management Improves Operational Resi...Why a Unified Approach to Critical Event Management Improves Operational Resi...
Why a Unified Approach to Critical Event Management Improves Operational Resi...Doreen Loeber
 
Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataBluelock
 
Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataKayla Catron
 

More Related Content

What's hot

Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyScalar Decisions
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSilicon Valley Bank
 
Impact of COVID-19 [Infographic]
Impact of COVID-19 [Infographic]Impact of COVID-19 [Infographic]
Impact of COVID-19 [Infographic]IDG
 
APNIC 2018 Survey Results
APNIC 2018 Survey ResultsAPNIC 2018 Survey Results
APNIC 2018 Survey ResultsAPNIC
 
Etude PwC sécurité de l’information et protection des données (2014)
Etude PwC sécurité de l’information et protection des données (2014)Etude PwC sécurité de l’information et protection des données (2014)
Etude PwC sécurité de l’information et protection des données (2014)PwC France
 
Survey: Security Analytics and Intelligence
Survey: Security Analytics and IntelligenceSurvey: Security Analytics and Intelligence
Survey: Security Analytics and IntelligenceSolarWinds
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014Peggy Lawless
 
2018 U.S State of Cybercrime
2018 U.S State of Cybercrime2018 U.S State of Cybercrime
2018 U.S State of CybercrimeIDG
 
Improving Security Metrics
Improving Security MetricsImproving Security Metrics
Improving Security MetricsDoug Copley
 
Ernst & Young visuals security survey 2012
Ernst & Young visuals security survey 2012Ernst & Young visuals security survey 2012
Ernst & Young visuals security survey 2012Advent IM Ltd
 
P19 nrss final presentation with audience results_6.26.19
P19 nrss final presentation with audience results_6.26.19P19 nrss final presentation with audience results_6.26.19
P19 nrss final presentation with audience results_6.26.19National Retail Federation
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage YearsJeremiah Grossman
 
The Cyber Security Leap: From Laggard to Leader
The Cyber Security Leap: From Laggard to LeaderThe Cyber Security Leap: From Laggard to Leader
The Cyber Security Leap: From Laggard to LeaderAccenture Insurance
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Jeremiah Grossman
 
Are Your Cyber Defenses Strong Enough?
Are Your Cyber Defenses Strong Enough?Are Your Cyber Defenses Strong Enough?
Are Your Cyber Defenses Strong Enough?Cygilant
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseThe Economist Media Businesses
 
Demonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDemonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDoug Copley
 
Why a Unified Approach to Critical Event Management Improves Operational Resi...
Why a Unified Approach to Critical Event Management Improves Operational Resi...Why a Unified Approach to Critical Event Management Improves Operational Resi...
Why a Unified Approach to Critical Event Management Improves Operational Resi...Doreen Loeber
 

What's hot (20)

Executive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security StudyExecutive Summary of the 2016 Scalar Security Study
Executive Summary of the 2016 Scalar Security Study
 
SVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation ReportSVB Cybersecurity Impact on Innovation Report
SVB Cybersecurity Impact on Innovation Report
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
 
Impact of COVID-19 [Infographic]
Impact of COVID-19 [Infographic]Impact of COVID-19 [Infographic]
Impact of COVID-19 [Infographic]
 
APNIC 2018 Survey Results
APNIC 2018 Survey ResultsAPNIC 2018 Survey Results
APNIC 2018 Survey Results
 
Etude PwC sécurité de l’information et protection des données (2014)
Etude PwC sécurité de l’information et protection des données (2014)Etude PwC sécurité de l’information et protection des données (2014)
Etude PwC sécurité de l’information et protection des données (2014)
 
Survey: Security Analytics and Intelligence
Survey: Security Analytics and IntelligenceSurvey: Security Analytics and Intelligence
Survey: Security Analytics and Intelligence
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
 
2018 U.S State of Cybercrime
2018 U.S State of Cybercrime2018 U.S State of Cybercrime
2018 U.S State of Cybercrime
 
Improving Security Metrics
Improving Security MetricsImproving Security Metrics
Improving Security Metrics
 
Ernst & Young visuals security survey 2012
Ernst & Young visuals security survey 2012Ernst & Young visuals security survey 2012
Ernst & Young visuals security survey 2012
 
P19 nrss final presentation with audience results_6.26.19
P19 nrss final presentation with audience results_6.26.19P19 nrss final presentation with audience results_6.26.19
P19 nrss final presentation with audience results_6.26.19
 
15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years15 Years of Web Security: The Rebellious Teenage Years
15 Years of Web Security: The Rebellious Teenage Years
 
The Cyber Security Leap: From Laggard to Leader
The Cyber Security Leap: From Laggard to LeaderThe Cyber Security Leap: From Laggard to Leader
The Cyber Security Leap: From Laggard to Leader
 
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
Where Flow Charts Don’t Go -- Website Security Statistics Report (2015)
 
Are Your Cyber Defenses Strong Enough?
Are Your Cyber Defenses Strong Enough?Are Your Cyber Defenses Strong Enough?
Are Your Cyber Defenses Strong Enough?
 
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterpriseData security: How a proactive C-suite can reduce cyber-risk for the enterprise
Data security: How a proactive C-suite can reduce cyber-risk for the enterprise
 
EMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-SecurityEMA Megatrends in Cyber-Security
EMA Megatrends in Cyber-Security
 
Demonstrating Information Security Program Effectiveness
Demonstrating Information Security Program EffectivenessDemonstrating Information Security Program Effectiveness
Demonstrating Information Security Program Effectiveness
 
Why a Unified Approach to Critical Event Management Improves Operational Resi...
Why a Unified Approach to Critical Event Management Improves Operational Resi...Why a Unified Approach to Critical Event Management Improves Operational Resi...
Why a Unified Approach to Critical Event Management Improves Operational Resi...
 

Similar to Telindus cybersecurity survey_report_2019

Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataBluelock
 
Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataKayla Catron
 
The State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016The State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016Accenture Operations
 
VIPRE --Responding to Cyberattacks
VIPRE --Responding to CyberattacksVIPRE --Responding to Cyberattacks
VIPRE --Responding to CyberattacksAbhishek Sood
 
Cyber_security_survey201415_2
Cyber_security_survey201415_2Cyber_security_survey201415_2
Cyber_security_survey201415_2Stephanie Crates
 
2018 State of Cyber Reslience in Healthcare
2018 State of Cyber Reslience in Healthcare2018 State of Cyber Reslience in Healthcare
2018 State of Cyber Reslience in Healthcareaccenture
 
A Report on Cybersecurity
A Report on CybersecurityA Report on Cybersecurity
A Report on CybersecurityPulse Q&A
 
State of the CSO 2015
State of the CSO 2015State of the CSO 2015
State of the CSO 2015IDG
 
CompTIA IT Skills Gap 2017
CompTIA IT Skills Gap 2017CompTIA IT Skills Gap 2017
CompTIA IT Skills Gap 2017CompTIA
 
AFCEA Cybersecurity through Continuous Monitoring: SolarWinds Survey Results ...
AFCEA Cybersecurity through Continuous Monitoring: SolarWinds Survey Results ...AFCEA Cybersecurity through Continuous Monitoring: SolarWinds Survey Results ...
AFCEA Cybersecurity through Continuous Monitoring: SolarWinds Survey Results ...SolarWinds
 
2015 Corporate general counsel survey results
2015 Corporate general counsel survey results2015 Corporate general counsel survey results
2015 Corporate general counsel survey resultsGrant Thornton LLP
 
Are You in Touch with Your Innovative Side?
Are You in Touch with Your Innovative Side?Are You in Touch with Your Innovative Side?
Are You in Touch with Your Innovative Side?FIS
 
Lets understand the GRC market well with Ponemon analysis- FixNix
Lets understand the GRC market well with Ponemon analysis- FixNixLets understand the GRC market well with Ponemon analysis- FixNix
Lets understand the GRC market well with Ponemon analysis- FixNixFixNix Inc.,
 
Is Bimodal IT Dead? July 2017
Is Bimodal IT Dead? July 2017Is Bimodal IT Dead? July 2017
Is Bimodal IT Dead? July 2017Pulse Q&A
 
The shrink story by the numbers 25 years and counting
The shrink story by the numbers 25 years and countingThe shrink story by the numbers 25 years and counting
The shrink story by the numbers 25 years and countingNational Retail Federation
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Rahul Neel Mani
 

Similar to Telindus cybersecurity survey_report_2019 (20)

Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive Data
 
Legal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive DataLegal Firms and the Struggle to Protect Sensitive Data
Legal Firms and the Struggle to Protect Sensitive Data
 
The State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016The State of Cybersecurity and Digital Trust 2016
The State of Cybersecurity and Digital Trust 2016
 
VIPRE --Responding to Cyberattacks
VIPRE --Responding to CyberattacksVIPRE --Responding to Cyberattacks
VIPRE --Responding to Cyberattacks
 
Cyber_security_survey201415_2
Cyber_security_survey201415_2Cyber_security_survey201415_2
Cyber_security_survey201415_2
 
2018 State of Cyber Reslience in Healthcare
2018 State of Cyber Reslience in Healthcare2018 State of Cyber Reslience in Healthcare
2018 State of Cyber Reslience in Healthcare
 
Survey compliance
Survey complianceSurvey compliance
Survey compliance
 
A Report on Cybersecurity
A Report on CybersecurityA Report on Cybersecurity
A Report on Cybersecurity
 
State of the CSO 2015
State of the CSO 2015State of the CSO 2015
State of the CSO 2015
 
2015 LexisNexis® Fraud Mitigation Study
2015 LexisNexis® Fraud Mitigation Study2015 LexisNexis® Fraud Mitigation Study
2015 LexisNexis® Fraud Mitigation Study
 
CompTIA IT Skills Gap 2017
CompTIA IT Skills Gap 2017CompTIA IT Skills Gap 2017
CompTIA IT Skills Gap 2017
 
How boards can lead the cyber-resilient organisation
How boards can lead the cyber-resilient organisation How boards can lead the cyber-resilient organisation
How boards can lead the cyber-resilient organisation
 
AFCEA Cybersecurity through Continuous Monitoring: SolarWinds Survey Results ...
AFCEA Cybersecurity through Continuous Monitoring: SolarWinds Survey Results ...AFCEA Cybersecurity through Continuous Monitoring: SolarWinds Survey Results ...
AFCEA Cybersecurity through Continuous Monitoring: SolarWinds Survey Results ...
 
1530 track1 rosenbaum
1530 track1 rosenbaum1530 track1 rosenbaum
1530 track1 rosenbaum
 
2015 Corporate general counsel survey results
2015 Corporate general counsel survey results2015 Corporate general counsel survey results
2015 Corporate general counsel survey results
 
Are You in Touch with Your Innovative Side?
Are You in Touch with Your Innovative Side?Are You in Touch with Your Innovative Side?
Are You in Touch with Your Innovative Side?
 
Lets understand the GRC market well with Ponemon analysis- FixNix
Lets understand the GRC market well with Ponemon analysis- FixNixLets understand the GRC market well with Ponemon analysis- FixNix
Lets understand the GRC market well with Ponemon analysis- FixNix
 
Is Bimodal IT Dead? July 2017
Is Bimodal IT Dead? July 2017Is Bimodal IT Dead? July 2017
Is Bimodal IT Dead? July 2017
 
The shrink story by the numbers 25 years and counting
The shrink story by the numbers 25 years and countingThe shrink story by the numbers 25 years and counting
The shrink story by the numbers 25 years and counting
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey
 

Recently uploaded

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 

Recently uploaded (20)

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 

Telindus cybersecurity survey_report_2019

  • 1. 000100 IDENTIFICATION DIVISION. 000200 PROGRAM-ID. HELLOWORLD. 000300 000400* 000500 ENVIRONMENT DIVISION. 000600 CONFIGURATION SECTION. 000700 SOURCE-COMPUTER. RM-COBOL. 000800 OBJECT-COMPUTER. RM-COBOL. 000900 001000 DATA DIVISION. 001100 FILE SECTION. Morethan500people Between100&500people Lessthan100people 36% 27% 37% 41 respondents Public 29% Finance 32% Industry & Services 39% Morethan500people Between100&500people Lessthan100people36% 27% 37% 41 respondents Public 29% Finance 32% Industry & Services 39% ECONOMIC SECTORS COMPANY SIZE 37% 27% Morethan500people Between100&500people Lessthan100people 36% 54% AFTER12MONTHS 63% 39%57% 43% 46% 31% 61%37% Defense Detection Reactive Preventive Proactive Compliance Offensive 79% 39% 40% 9% 9% 1%31% 15% 43% 54% 46% 41% 33% 23% 21% 15% 32% 20% 63% 56% 76% Containment Eradication Recovery Post-incident Comm. & PR 69% 1 23 37% 27% 56% Ope Morethan500people Between100&500people Lessthan100people 36% AFTER12MONTHS 34% Defense Detection Reactive Preventive Proactive Compliance Offensive 79% 39% 40% 9% 9% 1%31% 15% 43% 54% 46% 41% 33% 23% 21% 15% 32% 20% 63% 56% 76% 1 23 37% 27% Morethan500people Between100&500people Lessthan100people 36% AFTER12MONTHS 63% 39% 61%37% Defense Detection Reactive Preventive Proactive Compliance Offensive 79% 39% 40% 9% 9% 1%31% 15% 43% 54% 46% 41% 33% 23% 21% 15% 32% 20% 63% 56% 76% Post-incident Comm. & PR 1 23 84% of respondents faced social engineering attacks Main causes of incidents Luxembourg-based companies reveal how they manage their cybersecurity incidents… Let’s review the main pitfalls to avoid and the good practices you should implement to preserve your business! Impacts of a security breach “Integrating cybersecurity into business decisions is the key to an effective strategy„ EXPERT ADVICE telindus.lu 48% of respondents faced human errors What are the obstacles for information sharing? ABOUT CYBERSECURITY INCIDENTS 78% of companies report they had to manage at least one incident over the past year Public 83% Finance 54% Industry & Services 94% 19% of respondents faced external technical attacks and hacking Self-assessment of level of confidence in respondent’s own capabilities “Confidence in detection capabilities is currently low. However a shift is expected to occur soon as the improvement of detection capabilities is listed as the 2nd most important priority for the coming year„ Lessthan100people 36% 44% 49% 57% 54% 63% 39% 56% 51% 43% 57% 43% 46% 31% 61%37% Preparation Detection Analysis Containment Eradication Recovery Post-incident Comm. & PR 69% “Knowing and monitoring your vulnerabilities is the first step towards remediation. They have to be identified before attackers discover and use them against you„ EXPERT ADVICE ARE ALL MEANS USED TO DETECT INCIDENTS? ‘’Financialimpactsanddirectlossofrevenuearethethirdmost important concerns for the financial and industrial sectors.’’ Financial impacts are unknown to 17% of respondents. 44% 56% 22% During the last 12 MONTHS Operations ReputationLegal & regulatory Less than 6 (once every two months or less) Between 6 & 12 (once a month or less) More than 12 (more than once a month) None 46% 17% 14% 54% 50% 25% 66%34% 1 2 44% 56% 22% During the last 12 MONTHS Operations ReputationLegal & regulatory Less than 6 (once every two months or less) Between 6 & 12 (once a month or less) More than 12 (more than once a month) None 46% 17% 14% 54% 50% 25% 66%34% 1 2 2% Reputationlatory Less than 6 (once every two months or less) Between 6 & 12 (once a month or less) More than 12 (more than once a month) None 17% 14% % 25% 39% 29% 32% 41 respondents Finance Public Industry & Services Contain the attack and prevent expansion of the compromised set of IT assets Prevent recurrence of similar incidents Reduce time to recover to normal activity to preserve business activities Improve cybersecurity awareness and internal culture 44% 49% 57% 54% 63% 39% 56% 51% 43% 57% 43% 46% 31% 61%37% 51% 12% Preparation Detection Analysis Containment Eradication Recovery Post-incident Comm. 37% 69% Is there a cybersecurity incident management strategy in place? No such strategy Strategy in place Strategy under development “Due to the globalization and industrialization of the threats, only a global approach can be effective„ EXPERT ADVICE IS YOUR STRATEGY ALREADY OBSOLETE OR LIMITED? MAIN OBJECTIVES 53% 3 60% 2 Lack of internal skills  Priority is given to other (business) activities 100% 1 ALL THE RESPONDENTS CONSIDER THEY CAN RELY ON SKILLED CYBERSECURITY EXPERTS IN LUXEMBOURG. 37% 27% 44% 56% 22% During the last 12 MONTHS Operations ReputationLegal & regulatory Less than 6 (once every two months o Between 6 & 12 (once a month or less) More than 12 (more than once a month None Morethan500people Between100&500people Lessthan100people 36% 46% 17% 14% 4% 49% 57% 54% AFTER12MONTHS 63% 39% 6% 51% 43% 57% 43% 46% 31% 61%37% 54% 50% 25% 66%34% 1 2 Defense Detection Reactive Preventive Proactive Compliance Offensive 79% 39% 40% 9% 9% 1%31% 15% 43% 54% 46% 41% 33% 23% 21% 15% 32% 20% 63% 56% 76% aration Detection Analysis Containment Eradication Recovery Post-incident Comm. & PR 69% 1 23 BIGGEST OBSTACLES FOR ADOPTING AN EFFICIENT CYBERSECURITY INCIDENT MANAGEMENT STRATEGY ABOUT CYBERSECURITY INCIDENT RESPONSE STRATEGY Incident response procedures are not systematically tested 66% 51% 44% Incident Response Proceduresinplace Incident Management Strategyinplace Incident Response Procedurestested 61% Incident Response Strategyinplace TO ENSURE THE CONTINUITY OF THEIR ACTIVITIES, COMPANIES PRIORITIZE ACTION AND RESPONSE TO INCIDENTS MORE THAN THEIR GLOBAL SECURITY STRATEGY. 33% have tested their procedures during a real crisis 67% have tested their procedures during a crisis simulation THE TEST MODES VARY: “Trust does not exclude control. Preparation, sensitization and testing of the teams and the whole ICT chain during crisis simulation exercises are key to systematize the right reflex to be followed in case of a real incident„ EXPERT ADVICE Mapping the incident management strategy with business objectives is key to get support from top-management Investments scheduled for the coming year reflect a shift in cybersecurity incident management practices CURRENT PRACTICES vs PRIORITIES FOR THE NEXT 12 MONTHS Defensive 79% 39% Detective 54% 63% Reactive 46% 15% Preventive 41% 56% Proactive 33% 76% Offensive 21% 20% Compliance 23% 32% Current Next 12 months Current Next 12 months WANT TO KNOW MORE? GET IN TOUCH WITH OUR CYBERSECURITY EXPERTS CYBERSECURITY@TELINDUS.LU Containattacks andpreventexpansion (100%oftherespondents) Prevent recurrence of similar incidents Prevent recurrence of similar incidents (100%oftherespondents) Prevent recurrence of similar incidents Reduce time to recover business activities Reduce time to recover business activities Improve cybersecurity awareness & internal culture Contain attacks and prevent expansion Contain attacks and prevent expansion 61% NO INFORMATION TO SHARE? Companies deplore the lack of human, technical or time capabilities to collect and share data. The large amount of data available often makes the selection of the most meaningful indicators a difficult task. CONSTRAINTS OF THE COMPLIANCE FRAMEWORK The legal & regulatory framework doesn’t allow to share information with third parties. The risk of information leakage is considered too high. LACK OF TIME TO PROCESS OR TO CONTRIBUTE WITH INDICATORS Focus is set on delivering business activities. 68% 66% Based on a survey conducted from May 5th to June 15th , 2019. Profile of respondents: CISO, ISO, RSSI, IT Manager. SPONSORED BY 59%63%88% ABOUT CYBERSECURITY INCIDENT MANAGEMENT ifYES ifNO Lack of management support “The expected transition from a reactive & defensive to a more proactive approach reflects the concern for a better cost management. Good practices in a nutshell: Threat hunting, a proactive cyber defence strategy, is a pre-requisite! Investing in a Security Operations Center to better detect fraudulent operations is a must. Raising employees’ awareness remains the first priority„ EXPERT ADVICE Strategy, Risk & Consultancy Security Awareness Security Infrastructure Managed Security Services Security Operations Center (SOC) Path to an efficient Cybersecurity Strategy CSIRT / CERT Incident Response, Crisis Management, Forensics Re active Secur ity Ethical Hacking Off ensive Secur ity Pre ventive Secu rity Def ensive Secu rity Det ective Secu rity Pro active Secu rity Threat hunting & Cyber Deception “An incident management strategy must be supported by a solid lessons learned process, as well as by a global threat intelligence and analysis of the information made available worldwide.„ Surprising to note that 22% of the respondents declares they didn’t faced any incident. € € € TELINDUS CYBERSECURITY SURVEY 2019