In September 2017, Akamai commissioned Forrester Consulting to examine how companies approach digital experience and digital security. A survey of over 350 IT executives around the world found that:
Customer trust is at an all-time low and it’s hurting growth
Executives are aware that customer trust is becoming critical to success
Companies struggle to balance security with digital experience
Failure to deliver on security impacts brand reputation, customer trust, and revenues
This report, Drop A Pin At The Intersection Of Digital Experience And Security, shares insights into these findings and what sets top digital businesses apart.
Published By: Tenable
Published Date: Aug 07, 2018
"Tenable Research’s analysis shows that how the race begins is a key indicator of how it will end. But, security teams have the power to reclaim the advantage by developing a risk-centric mindset and more agile vulnerability management.
Download the report now to:
- Find out more about Tenable Research’s analysis of the 50 most prevalent vulnerabilities
- Get recommendations on how to reduce the attacker’s seven-day window of opportunity
- Learn how real-world threat actor activity can be leveraged to prioritize vulnerabilities for remediation and mitigate the attacker’s first-mover advantage"
The Tenth Annual State of the Network Global Study
focuses a lens on the network team’s role in security
investigations. Results indicate that 88 percent of
network teams are now spending time on security
issues. In fact, out of 1,035 respondents, nearly
3 out of 4 spend up to 10 hours per week working
exclusively on these types of problems - in addition
to managing network upgrades, SDN, cloud, and big
When it comes to technology adoption, both cloud and
100 GbE deployment continue to grow aggressively.
VoIP adoption is closing in on 60 percent and
software-defined networking (SDN) is projected to
cross the halfway mark, indicating compounding
network complexity amidst the ongoing struggle to
ID security threats.
With growth comes change and some trends
identified in this year’s survey include a rise in email
and browser-based malware attacks (63 percent)
and an increase in sophistication (52 percent). Nearly
1 in 3 also report a surge in DDoS attacks, signaling
Cloud services bring new and significant cybersecurity threats. The cloud can be secured—but not by the vendor alone. Are you clear about the risks and your responsibilities as an IT leader?
Read this report to understand:
• how cloud adoption is reshaping the threat landscape
• why identity and access management must be a priority
• what are cybersecurity best practices in a modern IT environment
• which emerging technologies offer hope for improving cybersecurity outcomes.
Download the report now:
Published By: Cylance
Published Date: Jul 02, 2018
During NSS Labs’ 2018 Advanced Endpoint Protection (AEP) Group Test, CylancePROTECT® and CylanceOPTICS™ v2.0.1450 failed to initiate part of the CylanceOPTICS engine, which primarily impacted the exploit and blended threats test categories. This affected the Cylance® position on the Security Value Map (SVM)™. After working closely with NSS, Cylance rolled out a new version of its software (v2.2.1011) for CylanceOPTICS. Cylance submitted this updated product for follow-on testing using the AEP Test Methodology v2.0, the same methodology used in the AEP Group Test. The product improved its Block Rate by 6.9% and its Additional Detection Rate by 0.2%. Learn more about the results in the NSS Labs testing report.
Published By: Cylance
Published Date: Jul 02, 2018
Phoenix Children’s CISO, Daniel Shuler, and its IT security team are responsible for protecting 5,000 endpoints in the hospital and across more than 20 clinics in the region. Endpoints include physician and staff laptops and desktops, nursing stations, servers, Windows-based clinical devices, credit card payment processors, and point-of-sale terminals. These endpoints are used to store and/or process personal health information (PHI), and payment and credit card information. They must comply with HIPAA for PHI and voluntarily comply with the Payment Card Industry Data Security Standard (PCI-DSS) for credit card data. The IT security team’s existing industry-leading AV solution claimed to provide visibility into malicious activity aimed at the endpoints. It continuously reported all endpoints were safe, sound, and secure. This caused Daniel to be suspicious. He knew from experience that such low levels of endpoint malicious activity was highly unlikely. Read the full case study to learn about the results Cylance was able to deliver.
Published By: Cylance
Published Date: Jul 02, 2018
Forrester Consulting was commissioned to conduct a Total Economic Impact™ (TEI) study to examine the potential return on investment (ROI) enterprises may realize by deploying Cylance's advanced threat protection solution, CylancePROTECT®, and its deployment and configuration services, ThreatZero™. The study aims to provide readers with a framework to evaluate the potential financial impact of CylancePROTECT and ThreatZero on their organizations, which will improve customer success with advanced cybersecurity and antivirus protection solutions. To better understand the benefits, costs, and risks associated with an investment in Cylance, Forrester interviewed the Chief Information Security Officer for a Large State County Government, who has used the solutions for over a year. Cylance provides a new-generation, predictive, cybersecurity, and malware prevention solution that leverages artificial intelligence to prevent malware from executing on endpoints in real time. This is usually implemented with ThreatZero, which is a continuous professional service program rendered by Cylance for users of CylancePROTECT. ThreatZero guides through the planning, implementation, integration, and ongoing optimization of the solution. This often includes end user education, training, and support to totally eliminate endpoint threats and incidents. With CylancePROTECT and ThreatZero, the organization was able to reduce security breaches to almost zero, catching malware before it ever gained access to public records. Relative to their previous endpoint protection, this significantly reduced costs from remediation/reimaging and incidence response. Additionally, IT and security employees’ productivity were boosted. Read more in the full TEI report.
With the deadline for GDPR compliance looming
in May 2018, it’s a good time for security and
privacy professionals to take stock of how their
readiness efforts and approaches compare to
the rest of the industry. This data-driven report
outlines the current state of compliance, trends
by industry and geography, and key Forrester
recommendations for moving your efforts forward.
What if defenders could see the future? If they knew an attack was coming, they could stop it, or at least mitigate its impact and help ensure what they need to protect most is safe. The fact is, defenders
can see what’s on the horizon.
Many clues are out there—and obvious.
The Cisco 2018 Annual Cybersecurity Report presents our latest security industry advances designed to help organizations and
users defend against attacks. We also look at the techniques and strategies that adversaries use to break through those defenses
and evade detection.
The report also highlights major findings from the Cisco 2018 Security Capabilities Benchmark Study, which examines the security posture of enterprises and their perceptions of their preparedness to defend against attacks.
With a hybrid IT approach, small and midsized businesses can leverage the greater control, faster access, and increased security that comes with on-premise, while taking advantage of the increased agility, reduced costs, and better flexibility that the cloud offers.
In this report we’ll look at some of the challenges that smaller organizations face in building and managing IT, along with how some businesses are leveraging a hybrid cloud and on premise approach, gaining some significant benefits through this approach.
While there are many security concerns in the cloud, this report focuses on 12 specifically related to the shared, on-demand nature of cloud computing. To identify the top concerns, CSA conducted a survey of industry experts to compile professional opinions on the greatest security issues within cloud computing. Download now to learn more.
Security and performance were once considered separate issues requiring very different solutions. But now that malicious hackers have discovered new and better ways to affect both aspects of a website, you need solutions that can plug security holes while enhancing frontend performance. How is that possible? In this report, we explore browser-based solutions that can beef up security and enhance end-user performance in one stroke.
This report examines several techniques for dealing with third party content issues in the browser, including HSTS, iframe, and prefetch. It also dives into service workers and browser-based scripts that provide many security and performance options.
Download it now and learn how you can jointly improve security and increase performance.
Ponemon Institute surveyed 569 individuals in IT security who are familiar with credential stuffing and are responsible for the security of their companies’ Internet properties. The survey identified key stats about credential stuffing, including the costs organizations incur to prevent damage, and the financial consequences when attackers succeed.
According to respondents, these attacks cause costly application downtime, loss of customers, and involvement of IT security that can result in a cost of millions of dollars. The survey highlights the challenges in identifying who is accessing their websites using stolen credentials, as well as the difficulty in preventing and remediating these attacks.
The Cisco® 2016 Midyear Cybersecurity Report—which presents research, insights, and perspectives from Cisco Security Research—updates security professionals on the trends covered in our previous security report while also examining developments that may affect the security landscape later this year.
Published By: Gigamon
Published Date: Oct 19, 2017
Register for the Enterprise Strategy Group’s Research Insights Paper, Understanding the State of Network Security Today to learn more about the challenges, changes, best practices and solution requirements for network security operations and tools. See why ESG recommends improving network visibility and reducing security vulnerabilities by consolidating tools through a platform-based approach to visibility in which data, analytics and reports from multiple tools are aggregated and consumed in one control panel. Download to learn more.
Organizations continue to adopt cloud computing at a rapid pace to benefit from increased efficiency, better scalability, and faster deployments.
As more workloads are shifting to the cloud, cybersecurity professionals remain concerned about security of
data, systems, and services in the cloud. To cope with new security challenges, security teams are forced to reassess their security posture and strategies as traditional security tools are often not suited for the challenges of dynamic, virtual and distributed cloud environments. This technology challenge is only exacerbated by the dramatic shortage of skilled cybersecurity professionals.
Cloud investment continues to grow
over 20% annually as organizations are
looking for faster time to deployment,
scalability, reduced maintenance, and
lower cost. But there is one aspect
of cloud that consistently worries IT
and security professionals – how to
achieve high levels of security in the
cloud. As cloud adoption increases, the
fears of unauthorized access, stolen
identities, data and privacy loss, and
confidentiality and compliance issues
are rising right along with it.
This report has been produced by the
350,000 member Information Security
Community on LinkedIn in partnership
with Crowd Research Partners
to explore how organizations are
responding to the security threats in the
cloud and what tools and best practices
IT cybersecurity leaders are considering
in their move to the cloud.
It is no secret; security and compliance are at the top of the list of concerns tied to cloud adoption. According to a recent 2017 Cloud Security survey to over 350,000 members of the LinkedIn Information Security Community, IT pros have general concerns about security in the cloud (33 percent), in addition to data loss and leakage risks (26 percent) and legal and regulatory compliance (24 percent)1. The number of reported breaches in enterprise datacenter environments still far exceeds the reported exposure from cloud platforms, but as businesses start using public clouds to run their mission-critical workloads, the need for enterprise-grade security in the cloud will increase.
Public cloud environments require a centralized, consolidated platform for security that is built from the ground up for the cloud, and allows administrators to monitor and actively enforce security policies. The tools and techniques that worked to secure datacenter environments fail miserably in the cloud. Se
As organizations prepare for the 2015 budget cycle, security and risk (S&R) professionals should use this annual report to help benchmark their organization’s spending patterns against those of their peers — while keeping an eye on current trends affecting endpoint security — in order to strategize their endpoint security adoption decisions. Read this report for more information.
Download Vormetric’s Annual Data Threat Report, featuring key insights from 451 Research, to learn more about the latest trends in data encryption and data security and how your business can best protect its most vital asset: it’s data.
Forrester presents the relevant endpoint security data from their most recent surveys, with special attention given to those trends affecting SMBs (firms with 20 to 999 employees) and enterprises (firms with 1,000+ employees), along with analysis that explains the data in the context of the overall security landscape. As organizations prepare for the 2015 budget cycle, security and risk (S&R) professionals should use this annual report to help benchmark their organization’s spending patterns against those of their peers — while keeping an eye on current trends affecting endpoint security — in order to strategize their endpoint security adoption decisions. Please download this Forrester Research report, offered compliments of Dell, for more information.
Published By: Websense
Published Date: Apr 09, 2013
Most security effectiveness tests take a sample of known malicious content, and see how many threats each solution can catch. Unfortunately, stopping known threats — those with a known signature, reputation or destination — isn't enough to protect real-world networks.
So we designed a new test, along with leading independent test laboratory Miercom*, that simulates a typical day on a network like yours. We put a large sample of web traffic of unknown nature through our TRITON-powered Websense® Web Security Gateway solution, along with competing web gateways and firewalls. Each solution had a fair and equal chance to analyze, classify and block threats as it would on your network.
There are obviously a variety of choices open to you: a spreadsheet plug-in may be appropriate if you are only focused on general ledger reporting and do not have concerns over security or compliance. You might also suppose that this is a low-cost option, though we would argue that the remediation required, the additional audit fees and the lack of repeatability means that this is a false economy and that this approach will end up costing you more in the long term. A second use case would be where you already have a financial reporting solution installed, when the add-on facilities for purposes such as business intelligence are likely to be your major focus. In this case an Oracle based solution is likely to be as good as anything else.
Adversaries and defenders are both developing technologies
and tactics that are growing in sophistication. For their part,
bad actors are building strong back-end infrastructures
with which to launch and support their campaigns. Online
criminals are refining their techniques for extracting money
from victims and for evading detection even as they continue
to steal data and intellectual property.