Date post: | 12-Apr-2017 |
Category: |
Technology |
Upload: | bitglass |
View: | 15 times |
Download: | 1 times |
webinar:hidden threatsand the 2017 cyber threat
defense report
About The Cyberthreat Defense Report
❑ 27-question online survey conducted in Nov 2016▪IT security decision maker or practitioner▪Employed by organization with at least
500 employees❑ Survey designed to assess:▪Organization’s security posture▪Perceptions of cyberthreats and security
defenses▪Current and future IT security investments▪IT security practices and strategies
2
Survey Demographics
3Respondents by employee countRespondents by country
1,100 respondents | 15 countries | 19 industries
Steadily Rising Cyberattacks
4
79% were affected by a successful cyberattack in 2016…
Percentage compromised at least onceFrequency of successful attacks
Cyberthreat Migraines
5
Malware and spear-phishing are always top of mind. Overall concern is rising!
Overall concern for cyberthreats is rising!
Feeling Ransomware’s Pain
6
Data loss and productivity loss are of greatest concern. Losing revenue isn’t.
Responding to Ransomware
Percentage affected by ransomware in 2016
61% of organizations affected by ransomware globally. Thankfully, most (54%) recovered their data without paying the ransom.
Room for Improving Office 365 Security
8
Only 1 in 3 is truly confident with Microsoft’s available Office 365 protections, opening the door to third-party solutions.
Biggest Obstacles to “Being Secure”
“Low security awareness among employees” is the biggest obstacle for the fourth consecutive year. When will the industry take notice?
App and Data Security Deployment Plans
10
App security testing, app vulnerability scanning, and deception technology are most sought after in 2017.
Threat Intelligence Practices
Blocking more threats remains the dominant use case for threat intelligence services.
CASB Deployment Use Cases
12
Preventing unwanted data disclosures remains the number one use case for deploying CASB technology.
Overcoming the IT Security Skills Shortage
13
Nine out of 10 organizations are affected by the skills shortage. Most (51%) are leveraging external vendors and contractors.
Percentage affected by the IT security skills shortage, by industry
Key Take-Aways
❑ Successful cyber attacks are rising!▪79% affected in 2017 vs. 62% in 2014
❑ Malware is the biggest headache for IT security teams▪Followed by phishing and insider threats
❑ Ransomware is a significant issue▪61% of organizations affected▪One-third paid the ransom▪More than 13% lost their data
❑ CASBs are among the top investments planned for 2017▪Address a growing area of concern▪Rich feature set provides a lot of coverage/capabilities
14
poll: what are your top
cloud security concerns?
the traditional approach to
security is inadequate
enterprise(CASB)
end-user devicesvisibility & analytics
data protectionidentity & access control
applicationstorageserversnetwork
how does the solution differ from security built into cloud apps?
app vendor
does the solution protect cloud data end-to-end?
■ Cloud data doesn’t exist only “in the cloud”
■ A complete solution must provide visibility and control over data in the cloud
■ Solution must also protect data on end-user devices
■ Leverage contextual access controls
can the solution control access from both managed & unmanaged devices?
reverse proxy■ unmanaged devices - any device, anywhere■ no software to install/configure
forward proxy■ managed devices - inline control for installed
apps■ agent and certificate based approaches
activesync proxy■ secure email, calendar, etc on any mobile
device■ no software to install/configure■ device level security - wipe, encryption, PIN
etc
does the solution provide real-time visibility and control?
■ Apply granular DLP to data-at-rest and upon access
■ Context-awareness should distinguish between users, managed and unmanaged devices, and more
■ Flexible policy actions (DRM, quarantine, remove share, etc) required to mitigate overall risk
does the solution protect against unauthorized access?
■ Cloud app identity management should maintain the best practices of on-prem identity
■ Cross-app visibility into suspicious access activity with actions like step-up multifactor authentication
secure office 365 + byod
client:
■ 35,000 employees globally
challenge: ■ Inadequate native O365 security■ Controlled access from any device■ Limit external sharing■ Interoperable with existing
infrastructure, e.g. Bluecoat, ADFS
solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload
or download■ Quarantine externally-shared
sensitive files in cloud ■ Controlled unmanaged device
access■ Shadow IT & Breach discovery
fortune 50 healthcar
efirm
client:
■ 15,000 employees in 190+ locations globally
challenge:
■ Mitigate risks of Google Apps adoption
■ Prevent sensitive data from being stored in the cloud
■ Limit data access based on device risk level
■ Govern external sharing
solution:
■ Inline data protection for unmanaged devices/BYOD
■ Bidirectional DLP
■ Real-time sharing control
secure google apps +
byod
business data
giant
about bitglass
total data
protection est. jan
2013
100+ custome
rs
tier 1 VCs
resources:more info about cloud security
■ whitepaper: the definitive guide to CASBs
■ report: cyberthreat defense
■ case study: fortune 100 healthcare firm secure O365
bitglass.com@bitglass