to scare up resources to improve information security

SPOOKY INFOSEC STATS

SPOOKY INFOSEC STATS

thirteen

Are you committed to improving information security? Are you frustrated and feel that you are tasked to run a program on a shoestring budget?

feeling overwhelmed is scary stuffMaybe having a few spooky stats will help scare up the

right resources that you need to protect

sensitive employee and customer data.

Here are a few stats that will help you convince

your leadership team that investing in

information security is a must have.

of board members say that cyber security is discussed at most or

all board meetings, yet two-thirds of CIOs and CISOs say senior leaders in their organization

don’t view cyber security as a strategic priority

1

Malicious cyber attacks

cost $300B to $1Trillion a year!

2

200+ days inside systems before discovery.

Hackers spend

3

On the FBI’s Most Wanted List for cyber criminals, you will currently find

26 individualseach being responsible for consumer losses ranging from $350,000 to more

than $100 million. They are from all over the world and huge

rewards are offered for their capture.

4

Despite almost daily reports revealing the contrary,

44% of organizations

still believe they can keep attackers off their network entirely.

5

6

56 of organizations say it is unlikely

or highly unlikely that they would be able to detect a sophisticated attack.

%

7

99% of computer users are

vulnerable to exploit kits. (software vulnerabilities)

8

An international cyber crime ring targeted bank employees and pilfered $1B in two years from 100 different banks in nearly 30 countries using

spear phishing emails.

9

74% of IT security professionals say

they are concerned about

insider threats

from negligent or malicious employees.

Zero-Day vulnerability

auctions have become common, but

governments are buying the intelligence related to

these vulnerabilities and weaponizing them, instead of

disclosing them responsibly, as is the norm in the cyber

security industry.

10

Hacktivism

accounts for

half of the cyber attacks

launched in the world. 11

68%of funds lost as a result of a

cyber attack were

declared unrecoverable.

12

There were over

one million web attacks against people

each day in 2015.

13

stay out of the weeds• Stick to the basics. Plain language. No technical jargon.

give information people can relate to• Use the scary stats to show why this should matter to them.• Leverage the fiduciary responsibility of sound security.• Remind them of the power of a top-down approach and

the role that they play in the corporate culture of security awareness across all areas of the organization.

get graphic• Executives love visuals and at a glance reports. Give them the highlights in digestible chunks that

they can read on the go.

do not be afraid to be the bearer of bad news• If your security program is failing miserably, don’t be afraid to speak up and spell out the resources

needed and justify the reasons why. But don’t just be doom and gloom – that can be overwhelming. Make sure to offer solutions in a step-by-step easy to understand way.

Presenting to your executive team isn’t always a treat. Here are a few tricks to help you communicate and get top-level support.

At Digital Defense, Inc. (DDI), we understand the criticality of information security and the pressure that organizations face in keeping sensitive data and intellectual property secure.

Are you forced to use spreadsheets to make sense of chaos?Are you challenged to match remediation efforts to the correct vulnerability? When you have a question, are you left waiting days for a response?

DDI lifts the burden through our Vulnerability Management as a Service (VMaaSTM).

Our unique, cloud based delivery combines leading edge patented technology, a next generation security assessment system and a best in class managed service with on-demand access to a Personal Security Analyst, to deliver unparalleled accuracy of results.

resourcesStatistic 1 - http://www.cyberark.com/blog/fast-facts-noteworthy-cyber-

security-statistics/

Statistic 2 - http://www.cyberark.com/blog/fast-facts-noteworthy-cyber-security-statistics/

Statistic 3 - http://www.infosecurity-magazine.com/news/hackers-spend-over-200-days-inside/

Statistic 4 - https://www.fbi.gov/wanted/cyber

Statistic 5 - http://www.cyberark.com/blog/fast-facts-noteworthy-cyber-security-statistics/

Statistic 6 - https://www.netiq.com/communities/cool-solutions/netiq-views/84-fascinating-it-security-statistics/

Statistic 7 - https://www.kordia.co.nz/cyber-crime-by-the-numbers/

Statistic 8 - http://www.darkreading.com/attacks-breaches/cyberciminals-target-bank-employees-steal-$1-billion-from-financial-institutions-worldwide/d/d-id/1319106

Statistic 9 - http://www.esecurityplanet.com/network-security/74-percent-of-it-security-pros-worry-about-insider-threats.html

Statistic 10 - https://www.netswitch.net/security-is-a-pre-condition-of-freedom/

Statistic 11 - https://www.kordia.co.nz/cyber-crime-by-the-numbers/

Statistic 12 - http://www.csoonline.in/pictures/sotd-68-funds-lost-due-cyber-attacks-declared-unrecoverable

Statistic 13 - https://www.symantec.com/security-center/threat-report

REDUCE RISK. BUILD A CULTURE OF SECURITY.www.DigitalDefense.com |

© 2016 Digital Defense, Inc.