90% of data that exist today was created in the past 2 years. This massive amount of data allows organizations to take a
more qualitative approach to business and customer
service, but also makes them vulnerable to a continually
increasing number of threats.
3. 90%of data that exists today
was created in the
PAST 2 YEARS.
1
4. 2.5 QUINTILLIONbytes of data are created each day, growing at a rate
FOUR TIMES FASTER than the world’s economy.1
This massive amount of data allows organizations to take a
more qualitative approach to business and customer
service, but also makes them vulnerable to a continually
increasing number of threats.1
8. Ransomware generated
$209 MILLION
for cybercriminals in the first three months of 20163
with an average of
4,000
ransomware attacks each day4
and
9,515
ransoms paid every month5
9. “The largest threat is still your end user and their willingness
to click on links and attachments in emails.”
– Jason Beltrame, Systems Engineer at CISCO
We saw a significant spike in Ransomware attacks and many of
these were a result of a Phishing scam where the end user
clicked on a link/email attachment that looked as if it came
from a reputable sender (inside the organization).”
– Adam Kaplan, Regional Security Account Manager at CISCO
10. The biggest security threat in
2016 is the inability to enforce a
least-privilege security model.”6
- Michael Broadwood, Varonis
12. IN 60%
of data breach cases, attackers are able to
compromise an organization in minutes.7
The average cost of a data breach is now
$3.8 MILLION
with an average estimated cost of
$154 per stolen record.8
13. 2014 - Yahoo was compromised by a data
breach and confirmed at least 500 million
user accounts had been stolen in what may
be the biggest data breach of all time.10
2015 - The United States Office of
Personnel Management had 21.5 million
background investigation records of
current, former, and prospective Federal
employees and contractors stolen. The
personnel data of 4.2 million current and
former Federal employees was stolen.11
2012 - Dropbox was hacked and 68
million user accounts were leaked
online with their associated passwords.9
2016 - a number of BuzzFeed’s posts were
vandalized by a group of hackers called
OurMine after publishing a story threatening
to expose one of the members.12
Real World Examples
15. Organizations need to realize that continuing to invest
in “business as usual” IT security tools is no longer
enough to protect critical data.”
- 2016 Vormetric Data Threat Report
Attacks are getting more and more unique, targeted
and sophisticated, making it impossible for legacy
detection based solutions to capture.”
- Brian Feller, Avecto
16. It's not so much people not realizing
they're vulnerable than it is they don't
believe they're a target. The fact is,
anybody can be a target.”
- Lance Spitzner, founder of The Honeynet Project
17. If data is stored in the cloud (AWS, box, salesforce), your data is not
automatically safe. It’s a shared responsibility between the cloud
vendor and the customer to protect that data.”
– Jason Beltrame, Systems Engineer at CISCO
Most companies are overlooking that fact that their users are more
of a security risk than the outside world anymore.”
– Adam Kaplan, Regional Security Account Manager at CISCO
Critical finding illustrate organizations continue to equate compliance with
security in the belief that meeting compliance requirements will be enough”
- 2016 Vormetric Data Threat Report
18. Organizational Security Holes
Contribute to Incidents
3,571
47%
30%
< 1%
Around
55%
1 in 6
Insider
Incidents
A majority of the 3,571 services
used by surveyed organizations
lacked basic security features.13
1 in every 6 users will misuse or
expose data.14
Insider incidents are the hardest
(and take the longest) to detect.
Of all the incidents, these insider
misuse cases are the most likely to
take months or years to discover.15
47% of companies report users
having excessive right.14
30% of phishing messages
are opened.14
Less than 1% of severe/critical
security alerts are investigated.14
Around 55% of all businesses
acknowledge that they secure
credit card information but not Social
Security numbers, bank account
details, and other personal data.16
19. Fragmented cloud service
use increases risk!
Organizations use an average of 24 different file sharing
services and 91 different collaboration services,
resulting in greater risk since 60% of the file sharing
services used are high risk services.17
20. No business is too small to evade
a cyber attack or data breach.”
- Ponemon Institute
22. Businesses have been steadily
increasing spending in
network security since 2007.
But SMB personnel, budget, and technologies are insufficient to
have a strong security posture. So, some SMBs engaged
managed security service providers to support an average of
34% of their IT security operations.18
24. Organizations can make
immediate improvements by:
Consider an “encrypt everything” strategy.
Implement an end-to-end security solution
that addresses a variety of use cases.
Implement analytics to start identifying
threatening patterns of data use.19
1
2
3
25. Enterprises of all shapes and sizes need to evaluate their
security strategy when related to the end-points. Once an
attacker has gained access, in many cases they have the
proverbial “keys to the kingdom.”
- Brian Feller, Avecto
Water finds cracks, thus the foundation of any security
architecture requires the end-points (PCs, laptops, Macs)
to be locked-down on an enterprise level, whether you
have 10 or 10,000 users.
- Brian Feller, Avecto
27. Customers must look at the threat
as dynamic and always changing.”
- Adam Kaplan, Regional Security Account Manager at CISCO
28. Organizations live and die by public
perception, so layering in security at
all levels of business is becoming
the only true insurance.”
- Varonis
29. The need for security at all phases of the attack
continuum is important. Having products as
well as remediation efforts in place to defend
against the threat before it occurs, while it’s
occurring, and after the breach is a great
philosophy to prevent breaches and limit the
spread in the inevitability of an outbreak.”
– Jason Beltrame, Systems Engineer at CISCO
30. Predictions for the Future?
“Customers will continue to store their
information in the cloud with Box, Salesforce,
AWS and other cloud based solutions and the
need for cloud access security broker (CASB)
solutions will increase.”
– Jason Beltrame, Systems Engineer at CISCO
“End-users will continue to be targeted as
the primary attack surface.”
- Brian Feller, Avecto
“Ransomware will continue to grow
and spread.”
– Adam Kaplan, Regional Security Account
Manager at CISCO
1
2
3
31. Predictions for the Future?
80% of new deals for cloud-based CASB
will be packaged with network firewall,
secure web gateway (SWG) and web
application firewall (WAF) platforms.21
The need to prevent data breaches
from public clouds will drive 20% of
organizations to develop data security
governance programs.21
BY
2018
BY
2020
32. Better security in the
enterprise will lead to more
attacks on employees as
they work from home.
(McAfee Labs 2016 Threat Predictions)
33. 1
VCloudNews
2
McAfee Quarterly Threat Report — March 2016
3
According to the U.S. Department of Justice
4
Multiple U.S. Government departments
5
According to Cisco’s 2016 Annual Security Report
6
Pomemon Institute
7
2015 Verizon Data Breach Investigations Report
8
Cyberwurx, 2016
9
4 Year Old Dropbox Hack Linked 68 Million Users’ Data
10
Yahoo Hackers Stole 500 Million User Accounts in 2014
11
Cybersecurity Incidents
12
Buzzfeed Hacked by OurMine After Exposing Member
13
Skyhigh Cloud Adoption & Risk Report
14
Imperva
15
Verizon 2016 Data Breach Investigations Report (DBIR)
16
Imperva and the Ponemon Institute
17
Skyhigh Cloud Adoption & Risk Report
18
The 2016 State of SMB Cybersecurity Report by Ponemon Institute
19
2016 Vormetric Data Threat Report
19
TechTarget
20
Top 10 Security Predictions 2016
Sources:
34. The need for increased IT security is clear. Businesses
must adapt to meet these evolving IT security threats
with a unified, connected solution.
If you’re interested in learning how to protect your organization from malware,
breaches and other IT security threats get started today by downloading,
“Security, Manageability, and Reliability: The Keys to Safe Data.”
Download Guide
5 Tower Bridge, 300 Barr Harbor Drive, Suite 705, West Conshohocken, PA 19428
866.797.3282 www.razor-tech.com