Click here to close now.

Welcome!

Cloud Expo Authors: Pat Romanski, Carmen Gonzalez, Elizabeth White, Liz McMillan, John Wetherill

Blog Feed Post

Data Breach Virgins Completely Underestimate The Costs Of Failed Security, Reveals Faronics Survey

Organisations fail to realise implications of a data breach; estimate recovery costs to be a third less than they actually are

LONDON - 13th November, 2012 - Faronics, a global leader in securing multi-user PC environments, today announced the results of a survey that explores how UK organisations think about information security and what motivates them to invest in data defences. The research, conducted by Ponemon Institute[1], revealed that 54 percent of respondents have experienced at least one data breach in the last year, with nearly a fifth (19 percent) experiencing more than four. Perhaps more worryingly, those that have so far avoided a data breach demonstrated a real lack of awareness of the financial and long-term damage that a breach can have on a company.

Of those who have suffered a data breach, nearly half (48 percent) stated that it damaged their reputation, while close to a third (30 percent) were forced to downsize due to a loss of customers. However, when asking those that have not suffered a breach, 58 percent believe brand reputation would be untarnished should they fall victim, while the majority (70 percent) do not think that the cost of customer acquisition would increase. In fact, the research shows that on average the cost of customer acquisition rose by £91,985 after a breach.

"Despite growing awareness of cybercrime in general, it seems that organisations are still oblivious to the full financial and reputational costs data breaches can bring," said Dmitry Shesterin, VP of product management at Faronics. "As these results indicate, there is a serious discrepancy between what organisations perceive to be the real repercussions of failed security and what they actually are. While it's no secret that organisations are becoming more concerned about the possibility of a data breach, it seems they are actually not as prepared as they should be. Existing business contracts are not the only thing at stake - so too are future revenue opportunities, shifting it from a short-term to a potentially long-term problem. What is also worrying is that a growing number of organisations are not just experiencing one data breach, they are experiencing three, four or even more, indicating that they are either failing to learn from past mistakes or are simply not taking the necessary steps to adequately protect the data that they have been entrusted with."

The study also concluded that organisations are underestimating the long-term financial costs and time it takes to recover from a breach by up to a half, with those that have not suffered a data breach estimating a cost of just under £95,000 and a recovery period of four months. In reality, the research found that it is costing businesses £138,700 and taking over twice as long (9.3 months) to get back to normal.

"There really is no room for nonchalance when it comes to security strategies and it is completely irresponsible to assume the repercussions will be anything less than they are," continued Shesterin. "Organisations need to know exactly what is at stake in order to readdress existing security practices and ensure they are as well protected as they can be. Businesses are without doubt more vulnerable than ever, and with figures such as these, it's not surprising that many are unable to absorb the eye-watering cost and reputational damage that so often follows a breach."

In terms of the threats keeping security teams awake at night, nearly two thirds of those surveyed (62 percent) consider BYOD to be the most serious threat to security, followed by a lack of data protection across devices (56 percent), insecure third parties and cloud providers (53 percent), and the proliferation of unstructured data (44 percent), indicating that although they are becoming essential to business development, new technology trends pose a growing cause for concern for many organisations. Perhaps a little surprising, widely publicised threats are still a relatively low priority, with only eight percent stating it is very likely that their organizations would be affected by cyber espionage and just 17 percent very likely to see APTs as a potential danger.

"With today's complex security landscape, any organisation is a potential target," continued Shesterin. "You only need to take a look at the high profile security incidents, such as those at HSBC, LinkedIn and Yahoo, to realise that no one is safe. As well as raising awareness of cybercriminal tactics, organisations must consider a more holistic approach to security. They cannot afford to become absent-minded and rely solely on traditional perimeter solutions, such as anti-virus, as today's threats are just too sophisticated. Instead, organisations must consider a layered security approach involving application control and system restore methods, which offers a safety net should any malware make its way onto the network."

[1] 544 individuals in organisations with between 50 and 3,000 employees were surveyed by The Ponemon Institute on behalf of Faronics in October 2012.

The full report findings can be found here: http://www.faronics.com/assets/UK-Faronics-FINAL-1.pdf

About Faronics
With a well-established record of helping businesses manage, simplify, and secure their IT infrastructure, Faronics makes it possible to do more with less by maximising the value of existing technology. Faronics is the ONLY endpoint security software vendor to offer a comprehensive layered security solution consisting of anti-virus, application whitelisting, and instant system restore protection. Incorporated in 1996, Faronics has offices in the USA, Canada and the UK, as well as a global network of channel partners. Our solutions are deployed in over 150 countries worldwide, and we are helping more than 30,000 organisations.

For more information visit www.faronics.com

Press contacts:
Hannah Townsend or Richard Scarlett
Johnson King
T: +44 (0)20 7401 7968
E: [email protected]

Read the original blog entry...

More Stories By RealWire News Distribution

RealWire is a global news release distribution service specialising in the online media. The RealWire approach focuses on delivering relevant content to the receivers of our client's news releases. As we know that it is only through delivering relevance, that influence can ever be achieved.

@CloudExpo Stories
17th Cloud Expo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy. Meanwhile, 94% of enterprises a...
Thanks to Docker, it becomes very easy to leverage containers to build, ship, and run any Linux application on any kind of infrastructure. Docker is particularly helpful for microservice architectures because their successful implementation relies on a fast, efficient deployment mechanism – which is precisely one of the features of Docker. Microservice architectures are therefore becoming more popular, and are increasingly seen as an interesting option even for smaller projects, instead of bein...
In this scenarios approach Joe Thykattil, Technology Architect & Sales at TimeWarner / Navisite, presented examples that will allow business-savvy professionals to make informed decisions based on a sound business model. This model covered the technology options in detail as well as a financial analysis. The TCO (Total Cost of Ownership) and ROI (Return on Investment) demonstrated how to start, develop and formulate a business case that will allow both small and large scale projects to achieve...
The truth is, today’s databases are anything but agile – they are effectively static repositories that are cumbersome to work with, difficult to change, and cannot keep pace with application demands. Performance suffers as a result, and it takes far longer than it should to deliver new features and capabilities needed to make your organization competitive. As your application and business needs change, data repositories and structures get outmoded rapidly, resulting in increased work for applica...
The Workspace-as-a-Service (WaaS) market will grow to $6.4B by 2018. In his session at 16th Cloud Expo, Seth Bostock, CEO of IndependenceIT, will begin by walking the audience through the evolution of Workspace as-a-Service, where it is now vs. where it going. To look beyond the desktop we must understand exactly what WaaS is, who the users are, and where it is going in the future. IT departments, ISVs and service providers must look to workflow and automation capabilities to adapt to growing ...
The speed of product development has increased massively in the past 10 years. At the same time our formal secure development and SDL methodologies have fallen behind. This forces product developers to choose between rapid release times and security. In his session at DevOps Summit, Michael Murray, Director of Cyber Security Consulting and Assessment at GE Healthcare, examined the problems and presented some solutions for moving security into the DevOps lifecycle to ensure that we get fast AND ...
Since 2008 and for the first time in history, more than half of humans live in urban areas, urging cities to become “smart.” Today, cities can leverage the wide availability of smartphones combined with new technologies such as Beacons or NFC to connect their urban furniture and environment to create citizen-first services that improve transportation, way-finding and information delivery. In her session at @ThingsExpo, Laetitia Gazel-Anthoine, CEO of Connecthings, will focus on successful use c...
After a couple of false starts, cloud-based desktop solutions are picking up steam, driven by trends such as BYOD and pervasive high-speed connectivity. In his session at 15th Cloud Expo, Seth Bostock, CEO of IndependenceIT, cut through the hype and the acronyms, and discussed the emergence of full-featured cloud workspaces that do for the desktop what cloud infrastructure did for the server. He also discussed VDI vs DaaS, implementation strategies and evaluation criteria.
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
Building low-cost wearable devices can enhance the quality of our lives. In his session at Internet of @ThingsExpo, Sai Yamanoor, Embedded Software Engineer at Altschool, provided an example of putting together a small keychain within a $50 budget that educates the user about the air quality in their surroundings. He also provided examples such as building a wearable device that provides transit or recreational information. He then reviewed the resources available to build wearable devices at ...
Skeuomorphism usually means retaining existing design cues in something new that doesn’t actually need them. However, the concept of skeuomorphism can be thought of as relating more broadly to applying existing patterns to new technologies that, in fact, cry out for new approaches. In his session at DevOps Summit, Gordon Haff, Senior Cloud Strategy Marketing and Evangelism Manager at Red Hat, will discuss why containers should be paired with new architectural practices such as microservices ra...
With the arrival of the Big Data revolution, a data professional is expected to master a broad spectrum of complex domains including data processing, mathematics, programming languages, machine learning techniques, and business knowledge. While this mastery is undoubtedly important, this narrow focus on tool usage has divorced many from the imagination required to solve real-world problems. As the demand for analysis increases, the data science community must transform from tool experts to "data...
Thanks to Docker, it becomes very easy to leverage containers to build, ship, and run any Linux application on any kind of infrastructure. Docker is particularly helpful for microservice architectures because their successful implementation relies on a fast, efficient deployment mechanism – which is precisely one of the features of Docker. Microservice architectures are therefore becoming more popular, and are increasingly seen as an interesting option even for smaller projects, instead of bein...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading in...
DevOps tends to focus on the relationship between Dev and Ops, putting an emphasis on the ops and application infrastructure. But that’s changing with microservices architectures. In her session at DevOps Summit, Lori MacVittie, Evangelist for F5 Networks, will focus on how microservices are changing the underlying architectures needed to scale, secure and deliver applications based on highly distributed (micro) services and why that means an expansion into “the network” for DevOps.
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happe...
The emergence of cloud computing and Big Data warrants a greater role for the PMO to successfully manage enterprise transformation driven by these powerful trends. As the adoption of cloud-based services continues to grow, a governance model is needed to orchestrate enterprise cloud implementations and harness the power of Big Data analytics. In his session at Cloud Expo, Mahesh Singh, President of BigData, Inc., discussed how the Enterprise PMO takes center stage not only in developing the app...
The 3rd International @ThingsExpo, co-located with the 16th International Cloud Expo – to be held June 9-11, 2015, at the Javits Center in New York City, NY – is now accepting Hackathon proposals. Hackathon sponsorship benefits include general brand exposure and increasing engagement with the developer ecosystem. At Cloud Expo 2014 Silicon Valley, IBM held the Bluemix Developer Playground on November 5 and ElasticBox held the DevOps Hackathon on November 6. Both events took place on the expo fl...
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...