Download as PDF, PPTX
Uploaded byPositive Hack Days
Information Security Incidents Survey in Russia
An information security survey was conducted among the top 100 companies in Russia in 2014. The survey found that all companies experienced information security incidents in 2013, with 58% affecting internal infrastructure availability. The most common threats were vulnerabilities allowing network perimeter hacking in 2 steps, with 82% of attacks being successful despite low attacker qualification. Unpatched software left 57% of systems vulnerable to critical vulnerabilities, and some updates took as long as 9 years to install.
More Related Content
Similar to Information Security Incidents Survey in Russia
![Vibe Coding vs. Spec-Driven Development [Free Meetup]](https://cdn.slidesharecdn.com/ss_thumbnails/vibecodingvsspecdrivendevelopment-251209105622-43f455e7-thumbnail.jpg?width=640&height=640&fit=bounds)
Information Security Incidents Survey in Russia
- 2. Information Security IncidentsSurvey in Russia
- 3. Survey among thelargest companies - Top 100 Number of company’s hosts Source: Posi,ve Research Center, Survey among CISOs of Top 100 companies, May 2014
- 4. Industries in theSurvey
- 5. Did you haveinformation security incidents in 2013? All the companies had such incidents. 58% of all incidents affected the availability of internal infrastructure or services.
- 6.
- 7. Which threats arethe most dangerous?
- 8. In fact … • 2 vulners – to hack a corporate network’s perimeter • 2 steps (2013) vs 3 steps (2012) • 82% successful aQack – low aQacker qualifica,on • 100% -‐ control cri,cal resources from internal network (83% -‐ 2012)
- 9.
- 10. In fact … • 57% system -‐ cri,cal vulnerabili,es (unpatched soWware) • 57% -‐ 2013 vs 45% -‐ 2012 • 32 month -‐ average age of uninstall updates • Absolute Champion – nine-‐year-‐old vulnerability (CVE-‐2004-‐0790)
- 11.