Information Security Incidents Survey in Russia

855 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
855
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
17
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Information Security Incidents Survey in Russia

  1. 1. Information Security Incidents Survey in Russia
  2. 2. Survey among the largest companies - Top 100 Number of company’s hosts Source:  Posi,ve  Research  Center,  Survey  among  CISOs  of  Top  100  companies,  May  2014    
  3. 3. Industries in the Survey
  4. 4. Did you have information security incidents in 2013? All  the  companies  had  such  incidents.   58%  of  all  incidents  affected  the  availability  of  internal  infrastructure  or  services.  
  5. 5. Incident types
  6. 6. Which threats are the most dangerous?
  7. 7. In fact … •  2  vulners    –  to  hack  a  corporate  network’s  perimeter   •  2  steps  (2013)            vs   3  steps  (2012)     •  82%  successful  aQack  –  low  aQacker  qualifica,on   •  100%  -­‐  control  cri,cal  resources  from  internal   network  (83%    -­‐  2012)  
  8. 8. Critical vulnerabilities fixing time
  9. 9. In fact … •  57%  system  -­‐  cri,cal  vulnerabili,es  (unpatched  soWware)   •  57%  -­‐  2013      vs   45%  -­‐  2012   •  32  month  -­‐  average  age  of  uninstall  updates       •  Absolute  Champion  –  nine-­‐year-­‐old  vulnerability  (CVE-­‐2004-­‐0790)  
  10. 10. First-priority problems

×