Category Archives: survey

Cybersecurity challenges for smart cities: Key issues and top threats

Urban population is on the rise worldwide and smart city development projects are harnessing the power of the Internet of Things (IoT) to develop more intelligent, efficient, and sustainable solutions. However, digital security investments in smart cities are severely lagging thus seeding the future vulnerabilities of the IoT ecosystem. The Financial, Information and Communication Technologies (ICT), and defense industries will account for 56% of the US$135 billion projected total cybersecurity spend in critical infrastructure in … More

The post Cybersecurity challenges for smart cities: Key issues and top threats appeared first on Help Net Security.

A point-in-time approach to risk management is no longer effective

Among organizations that engage third parties to provide business services, 83% identified third-party risks after conducting due diligence and before recertification, according to Gartner. Gartner’s survey of more than 250 legal and compliance leaders reveals that the standard point-in-time approach to risk management is no longer effective in today’s landscape of fast-paced, rapidly changing business relationships. With an increasing number of third parties performing new-in-kind and noncore services for organizations, material risks cannot always be … More

The post A point-in-time approach to risk management is no longer effective appeared first on Help Net Security.

Most IT pros find red team exercises more effective than blue team testing

More than one-third of security professionals’ defensive blue teams fail to catch offensive red teams, a study from Exabeam reveals. The survey, conducted at Black Hat USA 2019, also showed that 68% find red team exercises more effective than blue team testing, and more companies are practicing red over blue team testing. As cyberattacks become increasingly sophisticated and hack techniques become more highly targeted, organizations must learn how digital adversaries think to help identify gaps … More

The post Most IT pros find red team exercises more effective than blue team testing appeared first on Help Net Security.

Ransomware attacks hit 1 in 5 Americans

Anomali announced the results of a survey conducted by The Harris Poll. It includes responses from more than 2,000 American adults and reveals how Americans believe business and government organizations should respond to ransomware attacks as well as their opinions on cybersecurity in general. This survey suggests that Americans believe government and businesses alike should do more to defend against ransomware and cyberattacks, that they are willing to contribute more to the fight, and that … More

The post Ransomware attacks hit 1 in 5 Americans appeared first on Help Net Security.

Deception technology shifts power back to the defender

Users of deception technology reported a 12X improvement in the average number of days it takes to detect attackers operating within an enterprise network when compared to those unfamiliar with the technology, according to a research report conducted by Enterprise Management Associates (EMA). EMA surveyed 208 respondents across North America in June 2019, with the majority of respondents working in IT/IS/telecoms or cybersecurity within an IT organization. Other studies conducted by incident response service providers … More

The post Deception technology shifts power back to the defender appeared first on Help Net Security.

Digital transformation helps companies work smarter yet makes them vulnerable to breaches

While digital transformation helps companies work smarter, there is a risk that the ongoing digitization may unlock a host of security vulnerabilities that can cost companies money, time, intellectual property, and customer trust, according to a Canon survey. All organizations surveyed across a range of verticals experienced an alarming amount of cyber threats over the past year. Conducted by ABI Research, the survey of more than one thousand U.S. IT professionals reveals three, pertinent cybersecurity … More

The post Digital transformation helps companies work smarter yet makes them vulnerable to breaches appeared first on Help Net Security.

The changing face of DDoS attacks: Degraded performance instead of total takedown

The number of DDoS attacks might be getting higher, but they are not all massive nor do they always trigger DDoS defenses. In fact, small-scale DDoS attacks are becoming more frequent and sophisticated, according to new research from Neustar’s SOC. According to the company’s Q2 2019 Cyber Threats and Trends report, between April and June of this year, over 75 percent of all attacks mitigated by Neustar were 5 Gbps or less, while large attacks … More

The post The changing face of DDoS attacks: Degraded performance instead of total takedown appeared first on Help Net Security.

What’s cybercriminals’ most effective weapon in a ransomware attack?

Cybercriminals’ most effective weapon in a ransomware attack is the network itself, which enables the malicious encryption of shared files on network servers, especially files stored in infrastructure-as-a-service (IaaS) cloud providers, says Vectra. Percentage of the total number of incidents exhibiting ransomware network file encryption per industry in North America, from January-June 2019 Attackers today can easily evade network perimeter security and perform internal reconnaissance to locate and encrypt shared network files. By encrypting files … More

The post What’s cybercriminals’ most effective weapon in a ransomware attack? appeared first on Help Net Security.

There is widespread business confusion and ignorance about the upcoming CCPA regulation

ESET polled 625 business owners and company executives to gauge business readiness for the upcoming California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020. The survey results underscore how unprepared businesses are for the upcoming regulation. Key findings 72.6% of the polled individuals own or work at an organization that has up to 25 employees: Almost half (44.2%) of all respondents have never heard of the CCPA, and only 11.8% of … More

The post There is widespread business confusion and ignorance about the upcoming CCPA regulation appeared first on Help Net Security.

FSI organizations are failing to assess their software for security vulnerabilities before release

More than half of organizations have experienced theft of sensitive customer data or system failure and downtime because of insecure software or technology, a Synopsys report reveals. The study also found that many organizations are struggling to manage cybersecurity risk in their supply chain and are failing to assess their software for security vulnerabilities before release. “While the financial services industry is relatively mature in terms of their software security posture, organizations are grappling with … More

The post FSI organizations are failing to assess their software for security vulnerabilities before release appeared first on Help Net Security.

Many companies don’t know the depth of their IoT-related risk exposure

In the digital age, cyber is everywhere. Cyber risk now permeates nearly every aspect of how we live and work. Organizations should better understand how to manage the risks created by known and unknown Internet of Things (IoT) and Industrial IoT (IIoT) devices. According to a recent Deloitte poll, nearly half of IT security professionals (48%) realized it is imperative, when developing or deploying secure-by-design connected products and/or devices, that both of these conditions exist: … More

The post Many companies don’t know the depth of their IoT-related risk exposure appeared first on Help Net Security.

Companies struggle with the slow, unpredictable nature of AI projects

Despite significant investment in AI, many companies are still struggling to stabilize and scale their AI initiatives, according to Dotscience. While 63.2% of businesses reported they are spending between $500,000 and $10 million on their AI efforts, 60.6% of respondents continue to experience a variety of operational challenges. This is evidenced by the fact that 64.4% of organizations deploying AI said that it is taking between seven to 18 months to get their AI workloads … More

The post Companies struggle with the slow, unpredictable nature of AI projects appeared first on Help Net Security.

53% of enterprises have no idea if their security tools are working

The majority of organizations don’t know if the security tools they deploy are working, and are not confident they can avoid data breaches, according to AttackIQ. AttackIQ released the report based on Ponemon Institute research evaluating the efficacy of enterprise security strategies. Ponemon surveyed 577 IT and IT security practitioners in the United States who are knowledgeable about their organization’s IT security strategy, tactics and technology investments. “The significant number of security experts who have … More

The post 53% of enterprises have no idea if their security tools are working appeared first on Help Net Security.

How effective is your security operations center?

While the SOC is considered an essential or important component of business, most security professionals rate their SOC’s effectiveness as low, and 49 percent say it is not fully aligned with business needs, according to a survey conducted by Devo Technology in partnership with the Ponemon Institute. Problems such as a lack of visibility into the network and IT infrastructure, a lack of confidence in the ability to find threats, and workplace stress on the … More

The post How effective is your security operations center? appeared first on Help Net Security.

Damaging insider threats rise to new highs in the past year

70 percent of organizations are more frequently seeing insider attacks, with 60 percent experiencing one or more within the last 12 months, and 68 percent feeling “extremely to moderately” vulnerable to them, according to Nucleus Cyber. Not only are organizations seeing a dramatic increase of attacks from insiders, but 85 percent are finding it difficult to determine the actual damage being caused from each instance, especially in cloud environments. Since they’ve migrated to the cloud, … More

The post Damaging insider threats rise to new highs in the past year appeared first on Help Net Security.

100% of IT execs are modernizing architectures, but struggling with data silos and vendor lock-in

99% of IT execs report challenges with architecture modernization and 98% report challenges with their corporate data architectures (data silos), a DataStax survey reveals. Vendor lock-in (95%) was of particular concern among respondents. The survey, conducted in conjunction with Dimensional Research and DataStax, takes the pulse of IT architecture modernization trends by investigating current experiences with and plans to reduce complexity and cost around architecture modernization. Respondents included more than 300 executives who work for … More

The post 100% of IT execs are modernizing architectures, but struggling with data silos and vendor lock-in appeared first on Help Net Security.

50% of organizations believe attackers can infiltrate their networks each time they try

As organizations increase investments in automation and agility, a general lack of awareness about the existence of privileged credentials – across DevOps, robotic process automation (RPA) and in the cloud – is compounding risk. According to the CyberArk Global Advanced Threat Landscape 2019 Report, less than half of organizations have a privileged access security strategy in place for DevOps, IoT, RPA and other technologies that are foundational to digital initiatives. This creates a perfect opportunity … More

The post 50% of organizations believe attackers can infiltrate their networks each time they try appeared first on Help Net Security.

Employees overestimate the efficacy of their workplace’s email security strategy

22 percent of businesses have experienced a data breach – defined as loss of confidential data or credentials, compromised account loss, or fraudulent financial transactions – due to an email-based attack in the past three months, accoring to GreatHorn. The company surveyed 1,021 email security and white-collar professionals from March to June 2019 to gain a better understanding of the current state of enterprise email security, threat prevalence, remediation frequency, and attitudes on email attacks … More

The post Employees overestimate the efficacy of their workplace’s email security strategy appeared first on Help Net Security.

If you’re struggling with Windows 10 migration, updates will be an even bigger challenge

With the end of Windows 7 support on the horizon, many companies remain significantly behind in completing their Windows 10 migration, new data from 1E shows. Of 600 senior IT decision makers surveyed, it was reported that 32% of endpoints were left unconverted, raising serious questions about the risks organizations are willing to take with cybersecurity. According to the report, “Windows 10 2020: Beyond the Migration,”: 82% of organizations say security is a motivating factor … More

The post If you’re struggling with Windows 10 migration, updates will be an even bigger challenge appeared first on Help Net Security.

Cyberthreats targeting municipalities are on the rise

Through the first half of 2019, a growing number of municipalities across the US were hit with crippling ransomware attacks, while several large companies disclosed data breaches that exposed more than 625 million records. A new AppRiver report also highlighted the most prevalent attacks identified by the company during the first half of the year, including chained malware attacks, Emotet, and conversation hijacking attacks. Cities under siege The report, based on global data compiled by … More

The post Cyberthreats targeting municipalities are on the rise appeared first on Help Net Security.

Enterprises adopt edge workloads, yet still use unsuitable legacy storage solutions

By 2025 organizations will churn out 175 zetta-bytes of data, IDC predicts. However bottlenecks and compute problems continue to plague IT pros as they struggle to support their growing edge workloads, acording to a survey of more than 300 storage professionals by NGD Systems. In the study entitled The State of Storage and Edge Computing conducted by Dimensional Research, barely one in 10 respondents gave themselves an “A” grade for their compute and storage capabilities. … More

The post Enterprises adopt edge workloads, yet still use unsuitable legacy storage solutions appeared first on Help Net Security.

Most consumers still don’t know how brands are using their data

Despite the past year’s global focus on GDPR and other data privacy regulations designed to give consumers more power over their data, more than half (55 percent) of consumers still don’t know how brands are using their data, according to the Acquia survey of more than 1,000 U.S.-based consumers. On top of that, 65 percent don’t even know which brands are using their data. Additional key findings from the survey include: 59 percent of consumers … More

The post Most consumers still don’t know how brands are using their data appeared first on Help Net Security.

How understanding and trust in data informs business decisions

There is a disconnect around understanding and trust in the data and how it informs business decisions, a Syncsort survey reveals, though most respondents rated their organization’s data quality either as “good” (38%) or “very good” (27%). Sixty-nine percent of respondents stated their leadership trusts data insights enough to inform business decisions, yet they also said only 14 percent of stakeholders had a very good understanding of the data. Of the 27 percent who reported … More

The post How understanding and trust in data informs business decisions appeared first on Help Net Security.

Business owners prioritise investment in technology over upskilling

Business owners say their strategy is to prioritize investing in technology (52%) over upskilling (24%) their workforce, according to Adecco. The research titled, People, Technology and the Future of Upskilling, which surveyed 500 managers, directors, and business owners at SMEs, found that this focus on investing in technology over upskilling is not necessarily shared across all roles in the business. Just 28% of middle managers and 33% of directors prioritize investment in technology over upskilling. … More

The post Business owners prioritise investment in technology over upskilling appeared first on Help Net Security.

Skills gap remains a top barrier to SD-WAN adoption

SD-WAN security drives selection, skills gaps remain a primary obstacle to adoption, and adoption continues to rise, according to Masergy. The survey, conducted in partnership with IDG Research, analyzed responses from IT decision makers in global enterprises across a variety of industries. This survey was also conducted in 2017 as a benchmark in order to measure SD-WAN trends over time. Optimizing the network to support cutting-edge technology stands out as the most prominent objective that … More

The post Skills gap remains a top barrier to SD-WAN adoption appeared first on Help Net Security.

Adoption rates of basic cloud security tools and practices still far too low

As organizations migrate more of their data and operations to the cloud, they must maintain a robust cybersecurity posture, a Bitglass report reveals. Each year, Bitglass conducts research on the state of enterprise cloud security in order to identify key trends and common vulnerabilities. This year’s report found that 75 percent of organizations leverage multiple cloud solutions, but only 20 percent have visibility over cross-app anomalous behavior. With more and more organizations storing sensitive information … More

The post Adoption rates of basic cloud security tools and practices still far too low appeared first on Help Net Security.

Certificate-related outages impact the reputation of financial services organizations

Financial services organizations are more likely to have digital certificate-related outages than other industries, a Venafi study reveals. Over 100 CIOs in the financial services industry from the U.S., U.K., France, Germany and Australia participated in the study. In the last six months, 36 percent experienced an outage that impacted critical business applications or services. In addition, financial services CIOs are more concerned about the impact of certificate-related outages on their customers. “Organizations from every … More

The post Certificate-related outages impact the reputation of financial services organizations appeared first on Help Net Security.

Federal and SLED IT managers say AI will be a game changer

AI is not a concept of the future, a MeriTalk study confirms. A new study, underwritten by Arrow and NetApp, surveyed 300 Federal, state, local, and higher education (SLED) IT managers to explore where they think their agencies are with AI as a broader concept, and to understand their usage of foundational AI technologies like chatbots, intelligent analytics, high performance computing, and more. Between February’s executive order and the launch of AI.gov in March, AI … More

The post Federal and SLED IT managers say AI will be a game changer appeared first on Help Net Security.

Over 80% of network teams play a role in security efforts

More than 4 in 5 IT teams are involved in security efforts, and a majority of them report an increase of at least 25 percent in time spent on these efforts over the past 12 months, according to Viavi. The most striking conclusion is that network-based conversation wire data has become the top data source for security incidents, with its use tripling, demonstrating that threat levels have driven enterprises to seek the most reliable forensic … More

The post Over 80% of network teams play a role in security efforts appeared first on Help Net Security.

Companies still don’t understand the importance of DMARC adoption

By implementing DMARC, brands lower the odds of their domains being spoofed and used for phishing attacks on recipients. Still, 79.7% of all domains analyzed have no DMARC policy in place, according to 250ok. The result of a domain not implementing any form of DMARC policy is exposing its recipients to possible phishing attacks and, unsurprisingly, 91% of all cyber attacks begin with a phishing email. Phishing and spoofing attacks against consumers are likely to … More

The post Companies still don’t understand the importance of DMARC adoption appeared first on Help Net Security.

Yearly hidden costs of managing vendor risk? $3.8 million per healthcare provider

The inability to adequately assess and understand the risks that vendors pose is becoming incredibly costly to healthcare providers, according to a new report by Censinet and the Ponemon Institute. According to the research, the yearly hidden costs of managing vendor risk is $3.8 million per healthcare provider, far surpassing the $2.9 million that each data breach costs providers. The cost across the healthcare industry is $23.7 billion per year. The research also indicates that … More

The post Yearly hidden costs of managing vendor risk? $3.8 million per healthcare provider appeared first on Help Net Security.

The rise of digital platforms is empowering the military, but challenges remain

Digital technologies such as cloud computing, big data, data analytics, IoT, artificial intelligence, augmented reality, and blockchain are gradually being leveraged in the defense industry at both agency and operational levels as change enablers, according to Frost & Sullivan’s latest analysis. The deployment of digital technologies improves legacy processes and enhances operation and mission efficiencies, which will, in turn, produce cost savings. “The rise of digital platforms is empowering the military, enabling better continuity of … More

The post The rise of digital platforms is empowering the military, but challenges remain appeared first on Help Net Security.

Organizations expect to boost their cybersecurity investments by 34%

Annual losses from cyberattacks averaged $4.7 million in the last fiscal year — with more than one in 10 firms losing over $10 million —according to a new report from ESI ThoughtLab in conjunction with Willis Towers Watson and other organizations specialized in cybersecurity and risk management. The study covered 467 firms across multiple industries in 17 countries revealing that companies worldwide expect to boost their cybersecurity investments by 34% in the next fiscal year, … More

The post Organizations expect to boost their cybersecurity investments by 34% appeared first on Help Net Security.

Multi-stage attack techniques are making network defense difficult

IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology, according to Sophos. The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa. Cybercriminals use multiple attack methods and payloads for maximum impact The Sophos survey shows how attack techniques … More

The post Multi-stage attack techniques are making network defense difficult appeared first on Help Net Security.

How well are healthcare organizations protecting patient information?

Healthcare organizations have high levels of confidence in their cybersecurity preparedness despite most of them using only basic user authentication methods in the face of an increasing number of patient identity theft and fraud instances in the marketplace, according to LexisNexis Risk Solutions. Key survey findings Specifically, the survey results showed: 58% believe that the cybersecurity of their patient portal is above average or superior when compared to other patient portals 65% report that their … More

The post How well are healthcare organizations protecting patient information? appeared first on Help Net Security.

Only 25% of organizations using AI have an enterprise-wide AI strategy

Only 25% of global organizations that are already using artificial intelligence (AI) solutions, have developed an enterprise-wide AI strategy, according to IDC. At the same time, half the organizations surveyed see AI as a priority and two thirds are emphasizing an “AI First” culture. “Organizations that embrace AI will drive better customer engagements and have accelerated rates of innovation, higher competitiveness, higher margins, and productive employees. “Organizations worldwide must evaluate their vision and transform their … More

The post Only 25% of organizations using AI have an enterprise-wide AI strategy appeared first on Help Net Security.