WHEN TRUST ONLINE BREAKS,
BUSINESSES LOSE CUSTOMERS
The damaging impacts on global business from
unprotected cryptographic keys and digital certificates
Includes unpublished data from the survey conducted for the March 2015 Ponemon
report, 2015 Cost of Failed Trust Report: Trust Online is at the Breaking Point.1
1. Ponemon Institute. 2015 Cost of Failed Trust Report: Trust Online is at the Breaking Point. 2015.
NEARLY 2/3 OF BUSINESSES ADMIT TO LOSING CUSTOMERS
These businesses lost customers within the last 2 years because they
failed to secure the online trust established by keys and certificates.
UNPROTECTED KEYS AND CERTIFICATES
HAVE SEVERE IMPACTS ON BUSINESS
CRITICAL SYSTEMS FAILED
Globally an average of over 2
business systems per organization
stopped working over the last 2
years due to certificate-related
outages.
LOSING $15M GLOBAL PER OUTAGE
Security pros estimate this as the
average impact per unplanned outage.
AUDITORS ARE CLAMPING DOWN
Over the last 2 years, every business has failed at
least 1 SSL/TLS audit and at least 1 SSH audit.
SYMPTOMS OF LARGER SECURITY ISSUES
These certificate-related outages and failed audits reveal
underlying security vulnerabilities—if you can’t manage your
keys and certificates, you can’t secure and protect them.
SECURITY RISK DWARFS
AVAILABILITY AND COMPLIANCE RISK
Total risk per organization over the next 2 years
$7.2M Combined availability and compliance risk
$53M Risk of attack using keys and certificates
Risk = Probability of attack x total impact
WHAT’S THE RESULT?
2. Stamos, Alex, et al. Blackhat USA 2013. Preparing for the Cryptopocalypse. July 2013.
$20M CRYPTOAPOCALYPSE
IS THE BIGGEST SECURITY RISK
Cryptoapocalypse: a discovered cryptographic weakness
that becomes the ultimate weapon, allowing websites,
payment transactions, stock trades, and governments to
be spoofed or surveilled (term was coined by researchers
presenting their findings at Black Hat 2013).2
2,394 RESPONDENTS
IT Security Professionals
• Australia: 336
• France: 339
• Germany: 574
• UK: 499
• United States: 646
WHO DID WE ASK?
TOP 5 INDUSTRIES
Represented
• Financial Services: 17%
• Government: 11%
• Professional Services: 8%
• Consumer Products: 7%
• Retail: 7%
59% OF COMPANIES
Have 5,000 or more employees
54% LACK VISIBILITY
They don’t know how many keys and certificates they have, where they are used, or who owns them.
54% LACK POLICY ENFORCEMENT AND REMEDIATION
They can’t secure the entire key and certificate lifecycle.
COMMON CHALLENGES THAT LEAD TO
UNPROTECTED KEYS AND CERTIFICATES
THE IMMUNE SYSTEM FOR THE INTERNET™
Organizations need to protect their keys and certificates with
an immune system for the cyber realm:
• Constantly assess which keys and certificates are trusted
• Protect those that should be trusted
• Fix or block those that are not
HOW BUSINESSES REDUCE THESE RISKS
ACTION PLAN
1. Know what’s being used: find all keys and certificates.
2. Establish what should be trusted: enforce policy, automate security.
3. Always know what’s trusted, what’s not: continuously monitor, check reputation for all.
4. Remediate what’s not trusted: fix and replace vulnerable keys and certificates.
Unprotected keys and certificates are jeopardizing the
digital trust which underpins most of the world’s economy:
Secure the trust established by keys and certificates.
Find out more in the report, 2015 Cost of Failed Trust Report:
When Trust Online Breaks, Businesses Lose Customers.
Venafi.com/BrokenTrust
Contact Venafi to discover your risk exposure.
Venafi.com/contact

Ponemon Report: When Trust Online Breaks, Businesses Lose Customers

  • 1. WHEN TRUST ONLINE BREAKS, BUSINESSES LOSE CUSTOMERS The damaging impacts on global business from unprotected cryptographic keys and digital certificates Includes unpublished data from the survey conducted for the March 2015 Ponemon report, 2015 Cost of Failed Trust Report: Trust Online is at the Breaking Point.[1] [1] Ponemon Institute. 2015 Cost of Failed Trust Report: Trust Online is at the Breaking Point. 2015.
  • 2. NEARLY 2/3 OF BUSINESSES ADMIT TO LOSING CUSTOMERS These businesses lost customers within the last 2 years because they failed to secure the online trust established by keys and certificates. UNPROTECTED KEYS AND CERTIFICATES HAVE SEVERE IMPACTS ON BUSINESS
  • 3. CRITICAL SYSTEMS FAILED Globally an average of over 2 business systems per organization stopped working over the last 2 years due to certificate-related outages. LOSING $15M GLOBAL PER OUTAGE Security pros estimate this as the average impact per unplanned outage. UNPROTECTED KEYS AND CERTIFICATES HAVE SEVERE IMPACTS ON BUSINESS
  • 4. AUDITORS ARE CLAMPING DOWN Over the last 2 years, every business has failed at least 1 SSL/TLS audit and at least 1 SSH audit. SYMPTOMS OF LARGER SECURITY ISSUES These certificate-related outages and failed audits reveal underlying security vulnerabilities—if you can’t manage your keys and certificates, you can’t secure and protect them. UNPROTECTED KEYS AND CERTIFICATES HAVE SEVERE IMPACTS ON BUSINESS
  • 5. SECURITY RISK DWARFS AVAILABILITY AND COMPLIANCE RISK Total risk per organization over the next 2 years $7.2M Combined availability and compliance risk $53M Risk of attack using keys and certificates Risk = Probability of attack x total impact WHAT’S THE RESULT?
  • 6. $20M CRYPTOAPOCALYPSE IS THE BIGGEST SECURITY RISK Cryptoapocalypse: a discovered cryptographic weakness that becomes the ultimate weapon, allowing websites, payment transactions, stock trades, and governments to be spoofed or surveilled (term was coined by researchers presenting their findings at Black Hat 2013).[2] WHAT’S THE RESULT? [2] Stamos, Alex, et al. Blackhat USA 2013. Preparing for the Cryptopocalypse. July 2013.
  • 7. 2,394 RESPONDENTS IT Security Professionals: Australia 336, France 339, Germany 574, UK 499, United States 646. WHO DID WE ASK?
  • 9. 54% LACK VISIBILITY: They don’t know how many keys and certificates they have, where they are used, or who owns them. 54% LACK POLICY ENFORCEMENT AND REMEDIATION: They can’t secure the entire key and certificate lifecycle. COMMON CHALLENGES THAT LEAD TO UNPROTECTED KEYS AND CERTIFICATES 1. Stamos, Alex, et al. Blackhat USA 2013. Preparing for the Cryptopocalypse. July 2013.
  • 10. THE IMMUNE SYSTEM FOR THE INTERNET™ Organizations need to protect their keys and certificates with an immune system for the cyber realm: • Constantly assess which keys and certificates are trusted • Protect those that should be trusted • Fix or block those that are not HOW BUSINESSES REDUCE THESE RISKS
  • 11. ACTION PLAN 1. Know what’s being used: find all keys and certificates. 2. Establish what should be trusted: enforce policy, automate security. 3. Always know what’s trusted, what’s not: continuously monitor, check reputation for all. 4. Remediate what’s not trusted: fix and replace vulnerable keys and certificates. HOW BUSINESSES REDUCE THESE RISKS
  • 12. Secure the trust established by keys and certificates. Find out more in the report, 2015 Cost of Failed Trust Report: When Trust Online Breaks, Businesses Lose Customers. Venafi.com/BrokenTrust Contact Venafi to discover your risk exposure. Venafi.com/contact Unprotected keys and certificates are jeopardizing the digital trust which underpins most of the world’s economy: