Scribd Logo
Upload

Welcome to Scribd!

  • 2012 CyberSecurity Watch Survey Results

    Uploaded by

    IDG_World
    2K views8 pages
    The 2012 Cyber Security Watch Survey was conducted to understand the number of cyber security events committed, as well as their organizational impact.

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The 2012 Cyber Security Watch Survey was conducted to understand the number of cyber security events committed, as well as their organizational impact.

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    2K views8 pages

    2012 CyberSecurity Watch Survey Results

    Uploaded by

    IDG_World
    The 2012 Cyber Security Watch Survey was conducted to understand the number of cyber security events committed, as well as their organizational impact.

    Copyright:

    © All Rights Reserved
    Download as PDF or read online from Scribd
    Flag for inappropriate content
    of 8

    2012CyberSecurityWatchSurveyResults

    April2012

    OrganizationsExperiencingIncreaseinNumberof SecurityEvents
    NumberofSecurityEventsDuringthePast12Monthsvs. thePrior12Months AverageNumberof Events <1,000=22 1,000+=300

    2012

    31%

    10%

    41%

    18%

    2011

    28%

    12%

    39%

    21%

    AverageNumberof Events <1,000=27 1,000+=94

    Increased

    Decreased

    Nochange

    Notsure

    Q:Pleaseestimatethetotalnumberofcybersecurityeventsexperiencedbyyourorganizationduringthelast12months. Q:Whencomparedwiththeprior12months,cybersecurityeventsinyourorganizationshave: 2
    Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012

    ConcernAboutCyberCrimesIncreasing
    2012 2011

    Levelofconcern hasnotchanged

    32%

    Moreconcerned

    66%

    Levelofconcern hasnotchanged

    40%

    Moreconcerned

    56%

    Less concerned

    2%

    Less concerned

    5%

    Q: Areyoumoreconcernedorlessconcernedaboutcybersecuritythreatsposedtoyourorganizationthisyearthanthoseyouencountered theyearbefore? 3
    Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012

    FinancialImpactofCyberSecurityEventsontheRise
    23%
    2012 23%

    7%
    7%

    47%
    47%

    23%
    23%

    $374k
    average monetary lossduetoCyber Crimeattacksin thepast12 months,upfrom $123k in2011.

    16%
    2011 16%

    10%
    10%

    43%
    43%

    31%
    31%

    NotSure
    16%
    2010 16%

    7%
    10%

    35%
    35%

    42%
    42%

    2010 42% 2011 31% 2012 23% Isthisafalse senseof knowledge?

    Increased

    Decreased

    Nochange

    Notsure

    Q:Whencomparedwiththeprior12months,monetarylossesasaresultofcybersecurityeventsinyourorganizationhave: Q:PleaseestimatethetotalmonetaryvalueoflossesyourorganizationsustainedduetoCyberCrimeandAdvancedPersistentThreats duringthepast12months,includingcostsassociatedwithresolvingallissuesassociatedwiththeincident. 4


    Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012

    MajorityhaveEvaluationProcessforThirdPartyPartners

    Notsure/ Dontknow

    14%

    28%
    Yes,wehave aprocess inplace

    No,wedonot haveaprocess inplace

    29%

    57%

    Evaluatethird partypartners securitymore thanonceayear. DoNotEvaluate

    36%

    Q:Doyouhaveaprocessforevaluatingthesecurityofthirdparties withwhomyousharedataornetworkaccess? Q:Onaverage,howoftendoyouevaluatethesecurity ofthirdpartieswithwhomyousharedataornetworkaccess? 5


    Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012

    LessThanHalfHaveMethodologytoMeasure SecurityEffectiveness 2012


    Notsure/ Dontknow

    2011
    29%

    20%

    48%
    Yes

    Notsure/ Dontknow

    41%
    Yes

    32%
    No

    30%
    No

    Q: Doyouhaveamethodologythathelpsyoudeterminetheeffectivenessofyourorganizationssecurityprogramsbasedonclearmeasures? 6
    Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012

    InsiderCyberCrimeCharacteristics
    ViolationofITsecuritypolicies 50%

    Managerconcernaboutbehavior/performance

    19%

    Formalreprimands/disciplinaryaction

    14%

    Poorperformancereviews

    14%

    Disruptiveworkplacebehavior

    9%

    Demotion

    4%

    Violencetowardscoworkers

    2%

    Q: Oftheinsiderswhocommittedcybercrimesagainstyourorganizationinthepast12months,pleaseindicatethepercentage(average) whodisplayedthesecharacteristics: 7
    Source:2012 CyberSecurityWatchSurvey, CSO magazine,U.S.SecretService, SoftwareEngineering InstituteCERTProgramat CarnegieMellonUniversity andDeloitte, April 2012

    ToLearnMore

    PleasecontactSVP,GroupPublisher&CMO, BobMelkat bmelk@idgenterprise.com

    You might also like