2014 BYOD and Mobile Security Survey Preliminary Results

•Download as PPTX, PDF•

1 like•800 views

The preliminary results are in - hear what more than 1,000 members of the Linkedin Infosec Community have to say about BYOD and mobile security challenges including what they are doing to combat mobile device risk and what solutions and security practices really work.

Technology News & Politics

PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
2014 BYOD & Mobile
Security Survey
Preliminary Results
Chris Merritt | Solution Marketing
June 10, 2014

Thanks
2
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
• Thanks to the members of the Information
Security Community group for participating in this survey;
to join this group, go to
http://www.linkedin.com/groups?gid=38412
• And special thanks to Holger Schulze for pulling this survey
together, getting the results published, and managing the
ISC group of over 211,000 members.

3
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
BYOD & Mobile Security Survey
• Online survey conducted in April / May 2014
• 1,122 respondents from the LinkedIn Information Security Community
Group
» Mostly in the Software & Internet sector, altho 8+ other industries represented
» Mostly in the IT Security and IT departments, altho 8+ other areas responded
» Mostly at the Managerial and Specialist levels, altho Consultants are heavily
represented, along with 4+ other job types represented
» Mostly in the 100 – 999 employee size, altho all organizational sizes from 10
thru 10,000 fairly evenly represented
• 2nd annual survey to explore today's goals and challenges of securing
mobile devices (BYOD or corporate-owned), looking at:
» Policy and technology preferences for securing mobility
» How organizations respond to security risks associated with mobile devices

5
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
Setting the Stage I

6
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
Setting the Stage II

7
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
Setting the Stage III

8
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
Measures Taken

9
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
Mobile Security – Desires

10
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
Mobile Security – Delivery

11
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
Mobile Security – Controls in Place

12
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
6%
11%
12% 12%
8%
12%
7%
11%
8%
5%
8%
0%
10%
20%
0 10 20 30 40 50 60 70 80 90 100
BYOD Readiness
low high
Averages
2014 = 46.53
2013 = 43.55

Free Device Scanner tool – discover all the
devices being used in your network
~/Resources/Security-Tools
More on BYOD issues and solutions in the
Lumension Optimal Security blog at
blog.lumension.com/tag/byod
More Information at www.lumension.com
13
More information on the Lumension MDM at
~/mobile-device-management-software
Get the 2013 BYOD Survey Report at
~/more-info/BYOD-and-Mobile-Security
PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION

Global Headquarters
8660 E. Hartford Drive
Suite 300
Scottsdale, AZ 85250
1.888.725.7828
info@lumension.com

What's hot

Mobile Security for the Enterprise

Will Adams

Session 4 Enterprise Mobile Security

Santosh Satam

Application Security: What do we need to know?

Jose L. Quiñones-Borrero

IoT Systems provide powerful, flexible features for IT systems — tracking, monitoring, and other data sharing. Today’s IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isn’t as easy. This webinar will look at security risks of IoT devices, interfaces, and implementations. We’ll provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. We’ll also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.

Security Testing for IoT Systems

Security Innovation

IoT/M2M Security

Yu-Hsin Hung

Zero Trust

Boaz Shunami

Passwords and shared secrets are the #1 cause of breaches. But despite millions of dollars invested in authentication, your users still log in with passwords each day. Backed by Comcast, Mastercard and Samsung, the HYPR cloud platform is designed to eliminate passwords and shared secrets across the enterprise. By replacing passwords with Public Key Encryption, HYPR removes the hackers’ primary target - forcing them to attack each device individually. With HYPR, businesses are finally able to deploy Desktop MFA and Strong Customer Authentication to millions of users worldwide. Welcome to #ThePasswordlessCompany.

HYPR: The Leading Provider of True Passwordless Security®

HYPR

2012 12-04 --ncc_group_-_mobile_threat_war_room

NCC Group

Internet & iot security

Usman Anjum

IoT security

YashKesharwani2

2012 State of Mobile Survey Global Key Findings

Symantec

OWASP Mobile Security: Top 10 Risks for 2017

TecsyntSolutions

3 steps security

brightfire-slides

Secure SDLC in mobile software development.

Mykhailo Antonishyn

Chapter 4

NorazlinaAbdullah4

Deral Heiland CISSP, serves as a the Research Lead (IoT) for Rapid7. Deral has over 20 years of experience in the Information Technology field, and has held multiple positions including: Senior Network Analyst, Network Administrator, Database Manager, Financial Systems Manager and Senior Information Security Analyst. Over the last 10+ years Deral’s career has focused on security research, security assessments, penetration testing, and consulting for corporations and government agencies. Deral also has conducted security research on a numerous technical subjects, releasing white papers, security advisories, and has presented the information at numerous national and international security conferences including Blackhat, Defcon, Shmoocon, DerbyCon, RSAC, Hack In Paris. Deral has been interviewed by and quoted by several media outlets and publications including ABC World News Tonight, BBC, Consumer Reports, MIT Technical Review, SC Magazine, Threat Post and The Register.

IoT Security – Executing an Effective Security Testing Process

EC-Council

Understanding passwordless technologies

David Strom

Security in the Internet of Things

ForgeRock

Two Factor Authentication

Nikhil Shaw

Improving your mobile threat defense strategy

Malte Wirz

What's hot (20)

Mobile Security for the Enterprise

Session 4 Enterprise Mobile Security

Application Security: What do we need to know?

Security Testing for IoT Systems

IoT/M2M Security

Zero Trust

HYPR: The Leading Provider of True Passwordless Security®

2012 12-04 --ncc_group_-_mobile_threat_war_room

Internet & iot security

IoT security

2012 State of Mobile Survey Global Key Findings

OWASP Mobile Security: Top 10 Risks for 2017

3 steps security

Secure SDLC in mobile software development.

Chapter 4

IoT Security – Executing an Effective Security Testing Process

Understanding passwordless technologies

Security in the Internet of Things

Two Factor Authentication

Improving your mobile threat defense strategy

Similar to 2014 BYOD and Mobile Security Survey Preliminary Results

Bring Your Own Device (BYOD) is a popular topic in 2013. Trying to understand the security risks and prepare strategies to either adopt, or decide against BYOD for security and data control reasons is the challenge. The 160,000 member Information Security Community on LinkedIn conducted the survey "BYOD & Mobile Security 2013" to shed some light on the drivers for BYOD, how companies will benefit from BYOD, and how they respond to the security risks associated with this trend. With 1,600 responses, some interesting insights and patterns into BYOD were uncovered.

BYOD & Mobile Security: How to Respond to the Security Risks

Lumension

2014 Data Protection Maturity Survey: Results and Analysis

Lumension

Pervasive Analytics Gets Real

Cloudera, Inc.

deloitte-au-privacy-index-2015

David Batch

Putting data science into perspective

Sravan Ankaraju

ISMS implementation challenges-KASYS

Reza Teynia ISMS, ITSM, MSc

The top trends changing the landscape of Information Management

Velrada

2013-ISC2-Global-Information-Security-Workforce-Study

Tam Nguyen

Prof m01-2013 global information security workforce study - final

SelectedPresentations

Everything is simple with software testing trends and predictions

software testingchennai

merged_document

Nikhil D'souza

Trustable Tech Mark / Magic Monday at Casa Jasmina Torino

Peter Bihr

Bring Your Own Device 2014 TeamMate User Conference Palm Desert California

Jim Kaplan CIA CFE

G05.2013 gartner top security trends

Satya Harish

Apperian 2015 Executive Enterprise Mobility Survey

Jennifer Walker

A critical gap exists between the enterprise mobility vision and real-world implementations. Enterprise mobility and trends like bring your own device (BYOD) aren’t just hot topics of conversation. According to the over 1,600 IT and security professionals we surveyed, mobility is a top priority for most IT departments. Unfortunately, there’s a critical gap between the vision these IT leaders have for enterprise mobility and the real-world implementations. The insights gathered from IT professionals in the Americas, Asia Pacific, Europe, the Middle East, and Africa demonstrate that organisations from around the world share many of the same priorities, challenges and risks.

2014 Secure Mobility Survey Report

DImension Data

IT Guide for Mobility: Making the case for Security leaders

Cisco Mobility

Car Cybersecurity: The Gap Still Exists

Security Innovation

What is “mobile security?” Seriously, what is it? Is it hardening controls, policy enforcement, knowing how to test mobile apps, mobile antivirus? And how do I map mobile security into an enterprise security strategy? A year later, it’s still as ubiquitous as it has ever been. However with the sophistication of device-based attacks and with the sheer volume of mobile malware exploding, mobile security maintains its status as a major pain point and a critical element you have to consider when building a security program. Given the research available and the increasing threatscape, mobile security preparedness predicated on managing the strategy is a better option than reactionary measures. What’s new in 2015 is there is more sufficient evidence that mobile attacks will further penetrate enterprise systems based on the increase of mobile device ‘involvement’ in many major hacks (not necessarily root cause traced to devices or compromised mobile apps) This presentation will discuss the key trends impacting mobile security and will lay out an updated set of building blocks to produce a holistic mobile security model: from BYOD to mobile policy development to MDM; common and emerging exploits and targeted malware; the myriad of possible mitigations; and the notion of trusted software vs device-specific consideration. Additionally, before we look at policy implementation best practices, we’ll look at a few key use cases and review a few sample enterprise models to learn how some of top organizations are managing mobile security. Finally, the presentation will take a five-year look outward to determine what impact mobile security will have long-term.

Why You’ll Care More About Mobile Security in 2020 - Tom Bain

EC-Council

Why You'll Care More About Mobile Security in 2020

tmbainjr131

Similar to 2014 BYOD and Mobile Security Survey Preliminary Results (20)

BYOD & Mobile Security: How to Respond to the Security Risks

2014 Data Protection Maturity Survey: Results and Analysis

Pervasive Analytics Gets Real

deloitte-au-privacy-index-2015

Putting data science into perspective

ISMS implementation challenges-KASYS

The top trends changing the landscape of Information Management

2013-ISC2-Global-Information-Security-Workforce-Study

Prof m01-2013 global information security workforce study - final

Everything is simple with software testing trends and predictions

merged_document

Trustable Tech Mark / Magic Monday at Casa Jasmina Torino

Bring Your Own Device 2014 TeamMate User Conference Palm Desert California

G05.2013 gartner top security trends

Apperian 2015 Executive Enterprise Mobility Survey

2014 Secure Mobility Survey Report

IT Guide for Mobility: Making the case for Security leaders

Car Cybersecurity: The Gap Still Exists

Why You’ll Care More About Mobile Security in 2020 - Tom Bain

Why You'll Care More About Mobile Security in 2020

More from Lumension

Today, everything has to be patched. From desktop and laptop to server and every operating system in between. With compliance, what we have to pay attention to is what’s actually out there on our network – not just what you wish were there. Servers (Windows, UNIX and Linux)Even Windows-centric environments have at least a few UNIX or Linux servers that need to be secure and patched. Linux and UNIX servers often fulfill critical functions with few and short maintenance windows. These can be a real pain point for admins who specialize in Windows or are managed by an entirely different admin. Desktops (Windows and Macs)Maybe you are responsible for desktops instead of servers. Again it’s not just a Windows story any more. More and more people are opting for Macs instead of Windows. Watch the vulnerability lists and you’ll see that Macs need patching too. The kicker though is the 80/20 rule. If at least 80% of the computers on your network are Windows and the remaining 20% are everything else – it’s a safe bet, given the maturity and ease of WSUS, that 20% of your patching effort goes to Windows but 80% of your effort is consumed with patching all the different flavors of UNIX, Linux and your Mac computers. We need one system to manage all our patches and one pane of glass to prove compliance from data center to desktop. Believe it or not System Center 2012 R2 provides the infrastructure to do just that – it just needs a little help. Last time we showed you how you can patch 3rd party apps on Windows through System Center Update Manager. This time we’ll show you how you can patch non-Windows systems using the new System Center clients for UNIX, Linux and Mac.

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs

Lumension

Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...

Lumension

Careto: Unmasking a New Level in APT-ware

Lumension

Point of Sale (POS) systems have long been the target of financially-motivated crime. And in 2013 the magnitude of cybercrime against POS systems skyrocketed, with 97% of breaches in the retail sector and 47% in the healthcare sector aimed against POS systems. With sensitive financial and personal records getting exposed by the millions, the FBI recently warned that POS systems are under sustained and continued attack. During this webcast, we will take you into the three critical entry points to POS system attacks. We’ll discuss how the attacks look, the timelines for these breaches, and what proactive security measures you can take to help your organization minimize the risk to your POS systems. •3 Critical Entry Points to POS System Attacks •Impacts to an Organization •Top 3 Security Measures to Minimize Risk

Securing Your Point of Sale Systems: Stopping Malware and Data Theft

Lumension

Thanks to you, the audience at UltimateWindowsSecurity, for the 2014 Survey. It was a great success with over 600 respondents! I appreciate all of you who took the time give me your thoughts. You’ve provided some great ideas for real training for free™ in the coming year and I’ve learned which topics are most important to you. That’s going to benefit all of us. In this presentation, we'll present our findings. We’ll talk about the community’s top goals for 2014, which topics you recommended I cover in 2014 and what our community sees as the greatest security concerns for 2014. And we’ll discuss other trends emerging from the data. Find out about the top trends, such as: SIEM – What are the top SIEM solutions? What is the UWS community’s top 3 biggest challenges with log/monitoring/security analytics? Endpoint Security – How widely is application whitelisting being used and what is driving its adoption? Which endpoint security technologies really work and which are just hype? Mobile Devices – Are employee owned mobile devices supported at your organization? Is your biggest concern with mobile devices malware, data loss, compliance? The Cloud – How widely are your peers embracing the cloud? Is your organization’s security policy, technology and training keeping up with the move to the cloud? Advanced Security Topics – What are your peers doing about “big data”? What about endpoints as sensors, and other new security approaches? This will be a fact-filled and fascinating presentation on where we are and where we are going on a host of different security fronts. Don’t miss it.

2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...

Lumension

Organizations around the world are losing intellectual property and customer data to cyber criminals at mind-boggling rates. How is this happening? For 5 consecutive years, the annual State of the Endpoint Report, conducted by Ponemon Institute, has surveyed IT practitioners involved in securing endpoints. This year’s report reveals endpoint security risk is more difficult to minimize than ever before. What are IT pros most concerned about heading into 2014? From the proliferation of mobile devices, third party applications, and targeted attacks/APTs, endpoint security risk for 2014 is becoming more of a challenge to manage. Larry Ponemon of the Ponemon Institute reveals statistics on growing insecurity, IT’s perceived areas of greatest risk for 2014 as well as tactical suggestions for how to improve your endpoint security. Specifically, you will learn: •IT perspective on the changing threat landscape and today’s Top 5 risks; •Disconnect between perceived risk and corresponding strategies to combat those threats; •Tips and tricks on how to best communicate today’s threats and subsequent needed responses up the management chain

Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk

Lumension

Windows XP is Coming to an End: How to Stay Secure Before You Migrate

Lumension

Last time it was Adobe’s code signing servers. This time it’s 2.9 million (let’s just call it 3) customers’ data and lots and lots of source code – including that of Acrobat. Adobe products already require constant patching but offer no enterprise level solution for patching. In this presentation by Ultimate Windows Security, we’ll present why this will likely lead to more and we’ll look at what we know about this latest Adobe breach. But more importantly I’ll show what you can do in advance to protect yourself against zero-day exploits in Adobe products and programs. After all this won’t be the last time a software vendor is hacked. In this day and age we have to protect ourselves from the failures of our software providers. I’ll present 3 ways you can go on the offensive to protect yourself from the constant vulnerabilities discovered in Adobe Reader, Acrobat, Flash and Oracle Java. Here’s what we’ll discuss: *Alternatives to Adobe and Java *Different ways to containing vulnerable apps in a sandbox * Using advanced memory protection technologies to detect and stop buffer overflows and other memory based attacks Patching and AV only helps you close the window on hacker opportunity. To prevent the window from opening in the first place you have to prevent untrusted code from ever running in the first place. That requires application whitelisting and memory protection against code injection – a growing menace that bypasses controls based on file system and EXE scanning. That’s why Lumension is sponsoring this event. I think you’ll be interested seeing 2 of their end-point security technologies that will help protect you from the new exploits on their way as a result of this hack as well as the constant stream of exploits discovered every day. This is going to be a really cool presentation with practical tips that you can apply. Learn how to protect your systems from other software vendor vulnerabilities.

Adobe Hacked Again: What Does It Mean for You?

Lumension

Real World Defense Strategies for Targeted Endpoint Threats

Lumension

APTs: The State of Server Side Risk and Steps to Minimize Risk

Lumension

The European Union’s proposed new data protection regulation aims to update Europe’s data protection laws and to provide a more consistent data protection framework across the Continent. But the new regulation, which replaces the EU’s existing data protection directive and member states’ data protection laws, will put some new demands on organisations holding personal data. Breach disclosure and “the right to be forgotten” will force businesses to update their data protection and retention policies. This presentation will: - Review the current EU laws, and contrast them with laws in other parts of the world; - Examine the arguments for strengthening data protection in Europe, and the likely outcomes; - Look at what security teams should already be doing to put themselves ahead of legislative changes; - Outline strategies and technologies organisations need to meet current and future data protection requirements - Help infosecurity teams to explain the changes – and their consequences – to their boards

Data Protection Rules are Changing: What Can You Do to Prepare?

Lumension

Just over a decade ago, the outcry over Microsoft’s security problems reached such a deafening level that it finally got the attention of Bill Gates, who wrote the famous Trustworthy Computing memo. Today, many would say that Microsoft leads the industry in security and vulnerability handling. Now, it’s Java that’s causing the uproar. But has Oracle learned anything from Microsoft in handling these seemingly ceaseless problems? I’ll start by reviewing the wide-ranging Java security changes Oracle is promising to make. They sound so much like the improvements Microsoft made back with Trustworthy Computing that I’m amazed it hasn’t been done before! We’ll move on to discuss what you can do now to address Java security in your environment. One of the banes of security with Java is the presence of multiple versions of Java, often on the same computer. Sometimes you really need multiple versions of Java to support applications with version dependencies (crazy, I know). But other times, multiple copies of Java are there “just because.” In this webinar, we’ll talk about the current Java mess and how you can get out of it, including: Assessment. We’ll discuss ways and tools for cataloging what versions of Java are actually out there on your endpoints. Identification. We’ll look at methods for identifying which versions are actually required by your users; for instance, I’ll show you how you might use Process Tracking and File Access events in the Windows Security Log to see which Java files are being accessed, by whom, and by which programs. Disabling. Can you just disable Java? Maybe not for everyone, but what if you could disable it for certain roles within your company that make up 25% – or even 75% – of your workforce? That would be worth it. We’ll explore how you might go about such a measure. Hardening. We’ll dive into the technical details of hardening Java and reducing your Java attack surface, where possible. Filtering. Another way to reduce your Java risk is by filtering Java content at your gateway. Again not full coverage control – but what is? Patching. Then, we’ll delve into the Java patching nightmare. Depending on self-updaters on each endpoint, is could be a recipe for disaster, and I’ll explain why. Basically the only way out of the Java mess is a 3rd party solution that can perform centralized patch management and remediation and that’s where our sponsor, Lumension, will come in.

Java Insecurity: How to Deal with the Constant Vulnerabilities

Lumension

Do you want to know how ‘best-of-breed’ enterprises prioritize their IT risk? Join Richard Mason, Vice President & Chief Security Officer at Honeywell, whose team is responsible for global security, during a roundtable discussion with Pat Clawson, Chairman & CEO of Lumension and Roger Grimes, Security Columnist & Author. Uncover strategies beyond traditional antivirus signatures and learn a more holistic approach to effective risk management. Find out ‘how’ and ‘why’ you can make security a prioritized function within your organization. Join this expert panel webcast to learn how to: 1)Understand your business audiences and evaluate their risk tolerance 2)Leverage reputation management services that are appropriate for your organization 3)Utilize realistic change management to secure prioritized data depositories

3 Executive Strategies to Reduce Your IT Risk

Lumension

APTs have become a major topic of conversation – and in some cases, a critical threat – among IT security departments. But the technology and motivation behind APTs has changed significantly since the introduction of Stuxnet, continuing to evolve rapidly to avoid detection. In this special Dark Reading presentation, a leading expert on the origins and directions of APTs will discuss the changing nature of these sophisticated threats – and how you can prepare your enterprise security environment to detect and mitigate these complex and dangerous attacks.

The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...

Lumension

Businesses large and small continue to struggle with malware. Traditional approaches to malware protection, like standalone anti-virus, are proving themselves unfit for the task. Kevin Beaver, Independent Information Security Expert dives into: • How to get a better grasp of the weaknesses in endpoint security • Examining whether or not anti-virus is effective • A comparison between a proactive versus reactive approach to fighting the malware fight.

Defending Your Corporate Endpoints How to Go Beyond Anti-Virus

Lumension

In 2012 we found out that the BYOD environment and consumerization of the workplace had turned traditional notions of corporate IT upside down. The 2013 Data Protection Maturity Report will highlight how organizations have managed this trend over the last year and what steps are being taken in 2013 to further enhance data security. Find out how IT teams are developing a holistic model that encompasses policy, education, technology and enforcement. Within this slide deck, we look at each of data protection trends, helping you define your organization’s best practice guide to address the top concerns. We will also be showing you how you can gauge the maturity of your security systems, allowing you to plug any holes before your valuable data starts to leak through them.

2013 Data Protection Maturity Trends: How Do You Compare?

Lumension

What are IT pros most concerned about heading into 2013? The annual State of the Endpoint Report sponsored by Lumension and conducted by Ponemon Institute reveals APTs and mobile devices pose the biggest security threat to organizations in the coming year. Unfortunately, respondents also demonstrated a disconnect between their identified risk and planned security spend as well as a significant need for improved internal collaboration. This presentation by Larry Ponemon of the Ponemon Institute and Paul Zimski of Lumension reveals statistics on growing insecurity, IT’s perceived areas of greatest risk for 2013 as well as tactical suggestions for how to improve your endpoint security. Specifically, you will learn: •IT perspective on today’s Top 3 risks; •Disconnect between perceived risk and corresponding strategies to combat those threats; •Tips and tricks on how to best communicate today’s threats and subsequent needed responses up the management chain

Greatest IT Security Risks of 2013: Annual State of the Endpoint Report

Lumension

Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats The weaponisation of software has ushered in a new era of cyber attacks. But with 99% of organizations not prepared for this new front line of cyber-warfare, what does this spell for your business? • Gain a detailed overview of the next generation of threats out there • Understand how to detect key threats and attacks before they develop a stranglehold on your business • Implement the right integrated strategy to keep you safe from cybercriminals on today’s front line

Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats

Lumension

Well-organized, highly sophisticated cyber attacks continue to make headlines, hitting major U.S. banks and global companies like Adobe to name a few. In support of October as National Cyber Security Awareness Month, Lumension CEO Pat Clawson, Prolexic CEO Scott Hammack, security industry expert and author, Richard Stiennon and industry analyst and webcast moderator Eric Ogren will share their unique insight into these recent news-making attacks and what they mean for enterprises everywhere. Learn: •The latest, seemingly extraordinary attacks; •How these attacks could escalate to the point where they matter to you and; •What you should be doing to secure against them.

Sensational Headlines or Real Threats? What New Attacks Mean For You.

Lumension

This presentation by Randy Franklin Smith from Ultimate Windows Security reviews, “Stopping the Adobe, Apple and Java Software Updater Insanity”. He shares tips and caveats for dealing with the most common software updaters from Adobe, Apple and Oracle. But the bottom line is that we all need centralized patch management and he’ll explore the important requirements and architectural issues you should be aware of in this space.

Stopping the Adobe, Apple and Java Software Updater Insanity

Lumension

More from Lumension (20)

Using SCCM 2012 r2 to Patch Linux, UNIX and Macs

Using SCUP (System Center Updates Publisher) to Security Patch 3rd Party Apps...

Careto: Unmasking a New Level in APT-ware

Securing Your Point of Sale Systems: Stopping Malware and Data Theft

2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and ...

Greatest It Security Risks of 2014: 5th Annual State of Endpoint Risk

Windows XP is Coming to an End: How to Stay Secure Before You Migrate

Adobe Hacked Again: What Does It Mean for You?

Real World Defense Strategies for Targeted Endpoint Threats

APTs: The State of Server Side Risk and Steps to Minimize Risk

Data Protection Rules are Changing: What Can You Do to Prepare?

Java Insecurity: How to Deal with the Constant Vulnerabilities

3 Executive Strategies to Reduce Your IT Risk

The Evolution of Advanced Persistent Threats_The Current Risks and Mitigation...

Defending Your Corporate Endpoints How to Go Beyond Anti-Virus

2013 Data Protection Maturity Trends: How Do You Compare?

Greatest IT Security Risks of 2013: Annual State of the Endpoint Report

Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats

Sensational Headlines or Real Threats? What New Attacks Mean For You.

Stopping the Adobe, Apple and Java Software Updater Insanity

Recently uploaded

Explore the latest trends and insights on JavaScript usage with Pixlogix's informative blog. Discover key statistics and facts about JavaScript's role in web development, its popularity among developers, and its impact on modern websites. Stay updated with the evolving landscape of JavaScript frameworks and libraries, and learn how they're shaping the future of web development. Gain valuable insights to enhance your JavaScript skills and stay ahead in the digital realm.

JavaScript Usage Statistics 2024 - The Ultimate Guide

Pixlogix Infotech

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

Architecting Cloud Native Applications

WSO2

MINDCTI Revenue Release Quarter One 2024

MIND CTI

JohnPollard-hybrid-app-RailsConf2024.pptx

JohnPollard37

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

In this keynote, Asanka Abeysinghe, CTO,WSO2 will explore the shift towards platformless technology ecosystems and their importance in driving digital adaptability and innovation. We will discuss strategies for leveraging decentralized architectures and integrating diverse technologies, with a focus on building resilient, flexible, and future-ready IT infrastructures. We will also highlight WSO2's roadmap, emphasizing our commitment to supporting this transformative journey with our evolving product suite.

Platformless Horizons for Digital Adaptability

WSO2

The microservices honeymoon is over. When starting a new project or revamping a legacy monolith, teams started looking for alternatives to microservices. The Modular Monolith, or 'Modulith', is an architecture that reaps the benefits of (vertical) functional decoupling without the high costs associated with separate deployments. This talk will delve into the advantages and challenges of this progressive architecture, beginning with exploring the concept of a 'module', its internal structure, public API, and inter-module communication patterns. Supported by spring-modulith, the talk provides practical guidance on addressing the main challenges of a Modultith Architecture: finding and guarding module boundaries, data decoupling, and integration module-testing. You should not miss this talk if you are a software architect or tech lead seeking practical, scalable solutions. About the author With two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Victor Rentea

Understanding the FAA Part 107 License ..

Christopher Logan Kennedy

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Bhuvaneswari Subramani

Vector Search -An Introduction in Oracle Database 23ai.pptx

Remote DBA Services

In this session, we will discuss the journey of API governance from its initial, ungoverned state to the development of sophisticated models that tackle contemporary challenges. We'll explore how APIs have become essential in the intersection of business and technology, adapting to advancements and evolving needs. We'll focus on how organizations have moved from launching to monetizing APIs, using models like pay-per-use and subscriptions, and finding the right balance between technical implementation and business strategy. We'll also highlight the impact of governance on monetization strategies, especially how data security, compliance, and service quality influence pricing. Real-world examples will demonstrate the effective integration of governance with monetization, including AI's role in dynamic pricing. Looking ahead, we'll share insights into future trends in API governance and monetization, emphasizing the importance of adaptability, continuous learning, and innovation.

API Governance and Monetization - The evolution of API governance

WSO2

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)

Samir Dash

The integration landscape is changing rapidly with the introduction of technologies like GraphQL, gRPC, stream processing, iPaaS, and platformless. However, not all existing applications and industries can keep up with these new technologies. Certain industries, like manufacturing, logistics, and finance, still rely on well-established EDI-based message formats. Some applications use XML or CSV with file-based communications, while others have strict on premises deployment requirements. This talk focuses on how Ballerina's built-in integration capabilities can bridge the gap between "old" and "new" technologies, modernizing enterprise applications without disrupting business operations.

Modernizing Legacy Systems Using Ballerina

WSO2

How to Check CNIC Information Online with Pakdata cf

danishmna97

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

Discover the innovative features and strategic vision that keep WSO2 an industry leader. Explore the exciting 2024 roadmap of WSO2 API management, showcasing innovations, unified APIM/APK control plane, natural language API interaction, and cloud native agility. Discover how open source solutions, microservices architecture, and cloud native technologies unlock seamless API management in today's dynamic landscapes. Leave with a clear blueprint to revolutionize your API journey and achieve industry success!

WSO2's API Vision: Unifying Control, Empowering Developers

WSO2

Retrieval augmented generation (RAG) is the most popular style of large language model application to emerge from 2023. The most basic style of RAG works by vectorizing your data and injecting it into a vector database like Milvus for retrieval to augment the text output generated by an LLM. This is just the beginning. One of the ways that we can extend RAG, and extend AI, is through multilingual use cases. Typical RAG is done in English using embedding models that are trained in English. In this talk, we’ll explore how RAG could work in languages other than English. We’ll explore French, Chinese, and Polish.

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Zilliz

Recently uploaded (20)

JavaScript Usage Statistics 2024 - The Ultimate Guide

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Architecting Cloud Native Applications

MINDCTI Revenue Release Quarter One 2024

JohnPollard-hybrid-app-RailsConf2024.pptx

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Platformless Horizons for Digital Adaptability

Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024

Understanding the FAA Part 107 License ..

Elevate Developer Efficiency & build GenAI Application with Amazon Q

Vector Search -An Introduction in Oracle Database 23ai.pptx

API Governance and Monetization - The evolution of API governance

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)

Modernizing Legacy Systems Using Ballerina

How to Check CNIC Information Online with Pakdata cf

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

WSO2's API Vision: Unifying Control, Empowering Developers

Introduction to Multilingual Retrieval Augmented Generation (RAG)

2014 BYOD and Mobile Security Survey Preliminary Results

1. PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION 2014 BYOD & Mobile Security Survey Preliminary Results Chris Merritt | Solution Marketing June 10, 2014

2. Thanks 2 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION • Thanks to the members of the Information Security Community group for participating in this survey; to join this group, go to http://www.linkedin.com/groups?gid=38412 • And special thanks to Holger Schulze for pulling this survey together, getting the results published, and managing the ISC group of over 211,000 members.

3. 3 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION BYOD & Mobile Security Survey • Online survey conducted in April / May 2014 • 1,122 respondents from the LinkedIn Information Security Community Group » Mostly in the Software & Internet sector, altho 8+ other industries represented » Mostly in the IT Security and IT departments, altho 8+ other areas responded » Mostly at the Managerial and Specialist levels, altho Consultants are heavily represented, along with 4+ other job types represented » Mostly in the 100 – 999 employee size, altho all organizational sizes from 10 thru 10,000 fairly evenly represented • 2nd annual survey to explore today's goals and challenges of securing mobile devices (BYOD or corporate-owned), looking at: » Policy and technology preferences for securing mobility » How organizations respond to security risks associated with mobile devices

4. Preliminary Survey Results

5. 5 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION Setting the Stage I

6. 6 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION Setting the Stage II

7. 7 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION Setting the Stage III

8. 8 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION Measures Taken

9. 9 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION Mobile Security – Desires

10. 10 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION Mobile Security – Delivery

11. 11 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION Mobile Security – Controls in Place

12. 12 PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION 6% 11% 12% 12% 8% 12% 7% 11% 8% 5% 8% 0% 10% 20% 0 10 20 30 40 50 60 70 80 90 100 BYOD Readiness low high Averages 2014 = 46.53 2013 = 43.55

13. Free Device Scanner tool – discover all the devices being used in your network ~/Resources/Security-Tools More on BYOD issues and solutions in the Lumension Optimal Security blog at blog.lumension.com/tag/byod More Information at www.lumension.com 13 More information on the Lumension MDM at ~/mobile-device-management-software Get the 2013 BYOD Survey Report at ~/more-info/BYOD-and-Mobile-Security PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION

14. Global Headquarters 8660 E. Hartford Drive Suite 300 Scottsdale, AZ 85250 1.888.725.7828 info@lumension.com

2014 BYOD and Mobile Security Survey Preliminary Results

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to 2014 BYOD and Mobile Security Survey Preliminary Results

Similar to 2014 BYOD and Mobile Security Survey Preliminary Results (20)

More from Lumension

More from Lumension (20)

Recently uploaded

Recently uploaded (20)

2014 BYOD and Mobile Security Survey Preliminary Results