Post on 09-Jul-2020
to scare up resources to improve information security
SPOOKY INFOSEC STATS
SPOOKY INFOSEC STATS
thirteen
Are you committed to improving information security? Are you frustrated and feel that you are tasked to run a program on a shoestring budget?
feeling overwhelmed is scary stuffMaybe having a few spooky stats will help scare up the
right resources that you need to protect
sensitive employee and customer data.
Here are a few stats that will help you convince
your leadership team that investing in
information security is a must have.
of board members say that cyber security is discussed at most or
all board meetings, yet two-thirds of CIOs and CISOs say senior leaders in their organization
don’t view cyber security as a strategic priority
1
Malicious cyber attacks
cost $300B to $1Trillion a year!
2
200+ days inside systems before discovery.
Hackers spend
3
On the FBI’s Most Wanted List for cyber criminals, you will currently find
26 individualseach being responsible for consumer losses ranging from $350,000 to more
than $100 million. They are from all over the world and huge
rewards are offered for their capture.
4
Despite almost daily reports revealing the contrary,
44% of organizations
still believe they can keep attackers off their network entirely.
5
6
56 of organizations say it is unlikely
or highly unlikely that they would be able to detect a sophisticated attack.
%
7
99% of computer users are
vulnerable to exploit kits. (software vulnerabilities)
8
An international cyber crime ring targeted bank employees and pilfered $1B in two years from 100 different banks in nearly 30 countries using
spear phishing emails.
9
74% of IT security professionals say
they are concerned about
insider threats
from negligent or malicious employees.
Zero-Day vulnerability
auctions have become common, but
governments are buying the intelligence related to
these vulnerabilities and weaponizing them, instead of
disclosing them responsibly, as is the norm in the cyber
security industry.
10
Hacktivism
accounts for
half of the cyber attacks
launched in the world. 11
68%of funds lost as a result of a
cyber attack were
declared unrecoverable.
12
There were over
one million web attacks against people
each day in 2015.
13
stay out of the weeds• Stick to the basics. Plain language. No technical jargon.
give information people can relate to• Use the scary stats to show why this should matter to them.• Leverage the fiduciary responsibility of sound security.• Remind them of the power of a top-down approach and
the role that they play in the corporate culture of security awareness across all areas of the organization.
get graphic• Executives love visuals and at a glance reports. Give them the highlights in digestible chunks that
they can read on the go.
do not be afraid to be the bearer of bad news• If your security program is failing miserably, don’t be afraid to speak up and spell out the resources
needed and justify the reasons why. But don’t just be doom and gloom – that can be overwhelming. Make sure to offer solutions in a step-by-step easy to understand way.
Presenting to your executive team isn’t always a treat. Here are a few tricks to help you communicate and get top-level support.
At Digital Defense, Inc. (DDI), we understand the criticality of information security and the pressure that organizations face in keeping sensitive data and intellectual property secure.
Are you forced to use spreadsheets to make sense of chaos?Are you challenged to match remediation efforts to the correct vulnerability? When you have a question, are you left waiting days for a response?
DDI lifts the burden through our Vulnerability Management as a Service (VMaaSTM).
Our unique, cloud based delivery combines leading edge patented technology, a next generation security assessment system and a best in class managed service with on-demand access to a Personal Security Analyst, to deliver unparalleled accuracy of results.
resourcesStatistic 1 - http://www.cyberark.com/blog/fast-facts-noteworthy-cyber-
security-statistics/
Statistic 2 - http://www.cyberark.com/blog/fast-facts-noteworthy-cyber-security-statistics/
Statistic 3 - http://www.infosecurity-magazine.com/news/hackers-spend-over-200-days-inside/
Statistic 4 - https://www.fbi.gov/wanted/cyber
Statistic 5 - http://www.cyberark.com/blog/fast-facts-noteworthy-cyber-security-statistics/
Statistic 6 - https://www.netiq.com/communities/cool-solutions/netiq-views/84-fascinating-it-security-statistics/
Statistic 7 - https://www.kordia.co.nz/cyber-crime-by-the-numbers/
Statistic 8 - http://www.darkreading.com/attacks-breaches/cyberciminals-target-bank-employees-steal-$1-billion-from-financial-institutions-worldwide/d/d-id/1319106
Statistic 9 - http://www.esecurityplanet.com/network-security/74-percent-of-it-security-pros-worry-about-insider-threats.html
Statistic 10 - https://www.netswitch.net/security-is-a-pre-condition-of-freedom/
Statistic 11 - https://www.kordia.co.nz/cyber-crime-by-the-numbers/
Statistic 12 - http://www.csoonline.in/pictures/sotd-68-funds-lost-due-cyber-attacks-declared-unrecoverable
Statistic 13 - https://www.symantec.com/security-center/threat-report
REDUCE RISK. BUILD A CULTURE OF SECURITY.www.DigitalDefense.com |
© 2016 Digital Defense, Inc.