- Advertising Aerospace Agriculture Animals/Pets Automotive Biotech Boating Business / economics Chemistry Cities and provinces Comics Computer hardware Computers Construction Countryside Culture and art
- Decoration Education Electronics Energy Engineering Environment and nature Family Finance Food and Beverages Forest and Wood Gardening Government Handicraft Homeland Insurance International
- Legal Leisure Lifestyle Logistics Manufacturing Marketing Media Medical Metal industry and Metallurgy Military Music and Entertainment Non-profit Paper industry Photography Politics Publishing
- Real estate Religion Retail Science Security Site News Social services Software Sport / leisure Sports Telecommunications Topstory Tourism Working life
New Ponemon Institute Survey Reveals Time to Identify Advanced Threats is 98 Days for Financial Services Firms, 197 Days for Retail
Published: 20-May-2015 11:25 am
Publisher: Arbor Networks
83 percent of Financial Services, 44 percent of Retail Firms Experience More Than 50 Incidents per Month
Burlington, Mass., May 19, 2015 – Financial Services and Retail organizations agree, advanced threats are the most serious security challenge facing their organizations. Despite the concern, both industries struggle to identify these attacks once they are inside their network, according to a new Ponemon Institute Survey, sponsored by Arbor Networks, a leading provider of DDoS and advanced threat protection solutions for enterprise and service provider networks.
Known as ‘dwell’ time, the time it takes to identify these attacks is 98 days for Financial Services firms, and 197 days for Retail. Despite these results, 58 percent of Financial Services and 71 percent of Retail organizations said they are not optimistic about their ability to improve these results in the coming year. This is alarming considering the number of attacks targeting their networks. Within Financial Services, 83 percent experienced more than 50 attacks per month, while 44 percent of Retail firms did.
“The big takeaway from our research is that more investment is needed in both security operations staff and in security tools, which can help companies efficiently and accurately detect and respond to security incidents,” said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. “The time to detect an advanced threat is far too long; attackers are getting in and staying long enough that the damage caused is often irreparable.”
“It’s time to find a better balance between technology solutions, usability, workflow and the people who use them. As security vendors, we need to help our customers so they can adapt to this new cyber security reality that balances the threats with the people who fight them every day,” said Matthew Moynahan, president of Arbor Networks.
In the wake of high profile mega breaches, the Ponemon Institute, surveyed Financial Services and Retail firms in North America and Europe, Middle East and Africa (EMEA) to better understand how they are dealing with attacks targeting their organizations. The survey asked how these organizations manage the explosion in advanced threats and distributed denial of service (DDoS) attacks targeting their infrastructure; how effective (or not) their IT investments are; and how they are adapting incident response procedures and integrating threat intelligence for better visibility, insight and context.
Key Findings Among Financial Services Firms
- 71 percent view technologies that provide intelligence about networks and traffic as most promising at stopping or minimizing advance threats during the seven phases of the Kill Chain
- 45 percent have implemented incident response procedures
- 43 percent have established threat sharing with other companies or government entities
- 55 percent consider DDoS attacks as an advanced threat
- 48 percent ‘Strongly Agree’ or ‘Agree’ that they are effective in containing DDoS attacks
- 45 percent have established threat sharing with other companies or government entities to minimize or contain the impact of DDoS attacks
Budgets & Staffing
- Budgets are allocated 40 percent towards Technology; 37 percent to Staffing and 20 percent to Managed Services
Key Findings Among Retail Firms
- 64 percent view technologies that provide intelligence about networks and traffic as most promising at stopping or minimizing advance threats during the seven phases of the Kill Chain
- 34 percent have implemented incident response procedures
- 17 percent have established threat sharing with other companies or government entities
- 50 percent consider DDoS attacks as an advanced threat
- 39 percent firms ‘Strongly Agree’ or ‘Agree’ that they are effective in containing DDoS attacks
- 13 percent have established threat sharing with other companies or government entities to minimize or contain the impact of DDoS attacks
Budgets & Staffing
- Budgets are allocated 34 percent towards Technology; 27 percent to Staffing and 34 percent to Managed Services.
- Financial Services Organizations surveyed include 844 IT and IT security practitioners in North America and in 14 countries in Europe, Middle East & Africa (EMEA)
- Retail organizations surveyed include 675 IT and IT security practitioners in North America and in 14 countries in Europe, Middle East & Africa (EMEA)
- In both cases, only IT practitioners who are familiar with their companies’ defense against cyber security attacks and have responsibility for directing cyber security activities within the company were selected to participate
- Register to attend the webinar: “Ponemon Institute: The Cost of Time To Identify & Contain Advanced Threats”; May 21, 2015 at 11:00am ET
- Download the full reports: “Advanced Threats in Financial Services - A Study of North America and EMEA” and “Advanced Threats in Retail – A Study of North America and EMEA” (registration required)
- Visit our blog for a Q&A with Larry Ponemon on some of the most surprising findings from each report
- Follow us on Twitter @arbornetworks for key findings and infographics
About Arbor Networks
Arbor Networks, Inc. helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver comprehensive network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context - so customers can solve problems faster and help reduce the risk to their business.
Phone: +82 2 2076 6443
Fax: +82 2 2076 6971
Phone: +49 351 79658 19
Fax: +49 351 79658 29
Other releases of publisher
- 23.07.2015 09:10Arbor Networks’ ATLAS Data Shows the Average DDoS Attack Size Increasing
- 01.07.2015 08:20Arbor Networks Secures Three New Patents for DDoS Detection & Mitigation
- 11.06.2015 11:03Infonetics Research Report Identifies Arbor Networks as World Leader in DDoS Prevention in Carrier, Enterprise and Mobile Markets