Cyber Threats: key insights from the best reports
Appriver Cyberthreat Index for Business: Q1 2019
Appriver – 8pgs – 1st March 2019
20% of SMBs predict their business would not survive at all after a successful cyber attack
The Changing Landscape of Identities in the Wild
4iQ – 22pgs – 28th February 2019
12,449 authentic breaches analysed by 4iQ in 2018, equating to 34 every day.
14.9 billion identity records were circulating underground communities in 2018.
The US and China collectively accounted for 47% of all compromised identity records in 2018.
424% increase in authentic new breaches, resulting from cyber criminals increasingly targeting small businesses.
Privileged Access Management in the Modern Threatscape
Centrify – 17pgs – 26th February 2019
52% of respondents do not have a password vault.
65% of respondents are still sharing root or privileged access to systems and data at least ‘somewhat often’.
21% of respondents have not implemented Multi-Factor Authentication for privileged administrative access.
44% of UK respondents were not positive on what Privileged Access Management is, compared to 26% of US respondents.
Healthcare Breach Report 2019
Bitglass – 9pgs – 25th February 2019
6.8million increase in total records breached between 2017 and 2018.
The 290 reported healthcare breaches in 2018 shows a three-year low.
45.9% of breaches caused by Hacking and IT incidents, making it the top cause.
39,739 is the average number of individuals affected per breach, over double compared to 2017.
Data breaches have risen 480% in financial services firms
Information Age – 1 – 25th February 2019
480% rise in data breaches reported from financial services industry in 2018
With 34, wholesale financial markets firms reported the most data breaches in 2018.
Rising from 1 to 25 in a year, the retail banking sector saw the largest increase in data breach reports.
Cybercriminals targeting investment banks due to perceived less sophisticated security systems and higher reward.
A Tale of Epic Extortions: How Cybercriminals Monetize Our Online Exposure
Digital Shadows – 19pgs – 21st February 2019
$360,000 annual salary promises from cybercrime groups in exchange for extortion.
Cybercriminals increasingly target individuals with high net worth or holding powerful positions within companies.
Oracle and KPMG Cloud Threat Report 2019
Oracle & KPMG – 60pgs – 20th February 2019
93% of respondents are dealing with rogue cloud app usage.
Only 10% of organizations can analyze 75%+ of their security events.
85% of respondents interested in replacing passwords with new forms of authentication.
45% of respondents planning to deploy automated patch management in next 24 months.
Internet Security Threat Report 2019
Symantec – 61pgs – 19th February 2019
1 in 10 URLs are malicious.
78% increase in supply chain attacks in 2018.
56% increase of web attacks on endpoints in 2018.
48% of malicious email attachments are office files, an increase of 5% in past 12 months.
20% decrease in overall ransomware, however enterprise and mobile ransomware increased by 12% and 33% respectively.
Size Does Matter: Small businesses and cybersecurity
Webroot – 12pgs – 12th February 2019
38% of respondents state their business is too small to be targeted.
SMBs spend almost a full day per week (18%) of their time on cybersecurity-related tasks.
48% of IT leaders say their business has suffered a cyberattack, with 1 in 7 reporting repeat attacks.
39% of respondents state their business doesn’t hold data cybercriminals would find useful or valuable.
26% of breached SMBs targeted as an entry point to a larger enterprise they supply to, damaging their relationship.
Email Fraud & Identity Deception Trends
Agari – 41pgs – 6th February 2019
70% of brand impersonation attacks spoofed Microsoft.
Over 90% of organizations report being hit by targeted email attacks.
20% of identity deception attacks involved the use of compromised accounts.
20% of the inbound attacks that target employees are account takeover-based threats.
96% of successful data breaches begin with an email, averaging $7.9m in costs per incident.
Costs reported to Security Operations Centers exceeded $4.86m to triage, investigate and remediate.
2019 Cyber Threat Outlook
Booz Allen – 32pgs – 4th February 2019
AI generated video ("deepfakes") may represent a significant, emerging threat to reputations.
The private sector may soon be caught in new cyber operations, as the US levies sanctions on Iran.
Email Fraud Landscape
Valimail – 10pgs – 1st February 2019
60% jump in business email compromise (BEC) losses attributed to fake email.
The implementation of email authentication is steadily rising in each industry sector.
28.7% of health care companies are using DMARC, over 2x as many compared to 2017.
80% of federal domains have published a DMARC record, a 30% increase from the previous year.
50% or higher adoption of DMARC can be seen in only two commercial segments; large US tech companies and The Fortune 500.
Worldwide Threat Assessment of the US Intelligence Community
ODNI – 42pgs – 29th January 2019
Russia and China are currently the biggest cyber-attack and espionage threat to the US.
Risks of economic miscalculation and battlefield surprise increasing due to AI technology advancements.
US rivals are expanding capabilities to “shape and alter the information and systems” the country depends on.
China and Russia able to cause localized and temporary disruption to critical infrastructures via cyber attacks.
The Changing Face of Data Security
Thales – 31pgs – 29th January 2019
44% of large companies rated complexity as main obstacle for implementing data security.
Under 30% of large companies are deploying encryption within their complex IT environments.
Only 17% of large companies that spend < 10% of their IT budget on security identified a data breach in last 12 months.
34% of large businesses that spend at least a tenth of their IT budget on security identified a data breach in last 12 months.
No organization is immune from data security threats: the more sophisticated are more likely to know they had a data security breach.
End of Year Data Breach Report
ITRC – 180pgs – 28th January 2019
416% increase in last 12 months, in number of records breached via a supplier or other third party.
25% of sensitive records exposed in both the education and healthcare sectors were breached via suppliers.
126% increase in last 12 months, in number of consumer records exposed containing sensitive personally identifiable information.
ENISA - European Union’s Agency for Cyber Security - 25 Jan 2019
“Make Cyber Threat Intelligence available to stakeholders, focusing on the ones that lack technical knowledge.”
The need for generic IoT protection architectures/good practices remains a pressing issue.
Phishing messages have become the primary malware infection vector.
Businesses need to take into account emerging supply chain threats
Bulletproof Annual Cyber Security Report 2019
Bulletproof – 23pgs – 23rd January 2019
57% of breaches occur as a result of an unpatched vulnerability.
AI can successfully book a haircut, imagine the possibilities with phishing!
IoT devices could allow hackers to listen to every conversation within the device’s proximity.
Cryptomining malware increased 629% in Q1 2018, with 59% of UK companies being hit by cryptojacking.
2019 State of Malware
Malwarebytes – 33pgs – 23rd January 2019
Trojans ranked 1st in business detections, rising 132% in 2017-2018.
133% rise of compromised records in 2018 compared to the previous year.
79% rise in business detections of malware, as cybercriminals shift to more lucrative targets.
Securing the Digital Economy
Accenture – 49pgs – 21 January 2019
Only 30% of respondents were very confident in their own cybersecurity.
$5trillion in potential losses for global firms in next five years as a result of cybercrime.
56% of respondents state they would welcome stricter business regulations within cybersecurity.
74% state an organized group effort is needed to solve the cybersecurity challenges of the Internet economy.
79% of business leaders state their organization is adopting new technologies faster than they can secure them.
Facebook Algorithms and Personal Data
Pew Research Center – 23pgs – 16th January 2019
74% of users were unaware that Facebook maintained a list of their traits and interests.
Over 50% of Facebook users are uncomfortable with how the platform categorizes them.
Of the 51% of Facebook users that are assigned a political affinity, 73% state this categorization is accurate.
79% of social media users believe it would be easy for these platforms to determine their hobbies and interests.
The State of IoT Security
Gemalto – 24pgs – 15th January 2019
Only 42% of British businesses think they can detect all breaches on their IoT devices.
14% of companies view IoT security as an ethical responsibility, compared to 4% in 2017.
23% of respondents believe blockchain technology to be a solution for securing IoT devices.
79% of companies are asking governments globally to provide more robust guidelines on IoT security.
The Global Risks Report 2019
World Economic Forum – 108pgs – 15th January 2019
$1.7bn spent by energy utilities to protect systems from cyber-attacks.
In top 10 risks of 2019, cyber attacks ranked 5th in terms of likelihood and 7th in terms of impact.
80% of respondents expect increased risk of cyber-attacks leading to disruption of operations in 2019.
AI malware can hide in video-conferencing applications until being activated by recognising the face of intended targets.
McAfee Labs Threats Report
McAfee – 34pgs – 18th December 2018
Cryptomining Boom Times Continue.
Underground Forums Boost the Effectiveness of Cybercriminals.
Total “coin miner” malware has grown more than 4,000% in the past year.
State of the internet / Security
Akamai – 18pgs – 4th December 2018
2018 has been an interesting year for security professionals around the globe, and 2019 is likely to accelerate the changes we’re already seeing.
9% Quarterly Growth in the maximum size of DDoS (Distributed Denial of Service) attacks.
The current state of cybersecurity in the connected hospital
Helpnetsecurity – 27th November 2018
Cybersecurity is a shared responsibility across all sectors working in today’s healthcare system,
71% of physicians and 74% of hospital administrators believe cybersecurity is a shared responsibility among all participants in the healthcare system.
Quarterly Threat Report
Rapid 7 – 34pgs – 13th November 2018
70% of malware-oriented incidents in September detected Emotet/Hedeo use
“fake login” phishing pages are becoming increasingly advanced
Over 20% of qualified incidents began with a URL “click”
WannaCry cost over $100million in damage and clean up
Quarterly Incident Response Threat Report
Carbon Black – 16pgs – 1st November 2018
38% of cyber Incident Response professionals saw attacks on enterprise IoT devices in the last 3 months
Financial and healthcare organizations remain the most targeted in the last 3 months
Cybercrime tactics and techniques: Q3 2018
Malwarebytes – 27pgs – 28th October 2018
Malicious cryptomining decreased by 26 percent for businesses from Q2 2018
Adware decreased 19 percent for consumers but increased 15 percent for businesses in Q3
Ransomware business detections increased 88 percent while consumer detections decreased in Q3
Banking Trojans were the number one detection for both businesses and consumers in Q3
North Korean Cyber Threat Analysis
Recorded Future – 21pgs – 25th October 2018
Internationally, nations have just begun to address the globalized nature of and threat from North Korean internet operations.
Strongly consider instituting role-based access, limiting company-wide data access, and restricting access to sensitive data.
Know your organization’s VPN services and protocols and block or carefully scrutinize non-standard VPN traffic.
Weapon Systems Cybersecurity
GAO – 50pgs – 11th October 2018
Only 1 of 20 cyber vulnerabilities identified in a previous assessment had been corrected
It took one hour to access a weapon system and one day to gain full control of the system during a test
Most Weapon Systems under development have major vulnerabilities, and DOD likely does not know full extent
Staff reported they did not suspect a cyber attack because unexplained crashes were normal for the weapons system
Critical Watch Report
Alert Logic – 14pgs – 10th October 2018
Standard methods of detecting and interrupting an attack are ineffective against the compressed techniques now used in 88% of attacks
Friday is the safest day against Phishing, with half the number of credentials given to malicious sites compared to Tuesday-Thursday
“Spray & Pray” attacks are growing, automatically searching through a randomly chosen set of IP addresses for vulnerabilities
Hybrid environments (cloud + on-premises IT) present greater challenges to the effective application of security policies
Security policies and efforts often lag, as organisations migrate workloads and infrastructure to the cloud.
Accounting, Construction and Finance experience highest number of bad actor scans (Reputation Blocks)
Report based on 1.2 Bn Incidents, 7.2 Mn Events and 254,274 verified security incident
Observations from the front lines of Threat Hunting
Crowdstrike – 20pgs – 9th October 2018
China is the most prolific nation-state threat actor
Biotech industry is increasingly targeted for espionage
eCrime Actors are copying the tactics, techniques and procedures used by nation states
eCrime Actors are becoming better at lateral movement to extend cryptomining on victim computers
Quarterly Threat Report
eSentire – 22pgs – 9th October 2018
Biotechnology, Accounting and Real Estate now have greatest exposure to opportunistic attack due to outdated vulnerabilities
Attacks on Microsoft IIS Web Servers (used by 9% of web sites) increased almost 1,000 times in the last quarter
Opportunistic attacks look for misconfigurations and negligence within patching and updating.
Docusign is most frequent Phishing lure, with malicious invoices and quotations emailed to victim
Drive-by Mining - Understanding the new paradigm
Malwarebytes – 38pgs – 5th October 2018
Browser-based mining is less lucrative than thought
Criminals have fully engaged in evasion techniques and current defenses are inadequate
Drive-by mining emerged as cryptocurrencies gained value and web technologies improved
Attackers are opportunistic (i.e. newly found vulnerabilities) and are going for larger targets
Positive Technologies – 22pgs – 2nd October 2018
47% annual growth in the unique cyber incidents
Attacks on Cryptocurrency Platforms doubled in summer 2018
Hackers made off with more than $100m from cryptocurreny platforms in the Quarter
IT Risks Report
Netwrix – 36pgs – 2nd October 2018
22% of intellectual property theft is due to a human error.
26% of organizations do not have a designated compliance person.
70% of companies are already doing risk assessment but not regularly enough.
Insiders cause an overwhelming majority of security incidents by accidental actions.
Most organizations are failing to implement the fundamental security practices that mitigate IT risks
2018 Webroot Threat Report
Webroot – 13pgs – September 2018
Phishing: the Unrelenting Attack
Cryptomining Dethrones Ransomware as #1 Threat
Malware rounds out the top three threats seen in the first half of 2018
93% of breaches are initiated by phishing, and 22% of employees have clicked at least one phishing link in the last year.1
The threat actors behind Emotet now have the option to create additional layers within their botnet, ultimately increasing its resiliency.
The Illicit Cryptocurrency Mining Threat
Cyber Threat Alliance – 25pgs – 21st September 2018
Cryptocurrency mining detections have increased by 459% between 2017 and 2018.
Cryptocurrency is being used for digital transactions but without the backing up of a trusted third party.
McAfee’s June 2018 Threats Report noted a 629% increase in total coin mining malware in the first quarter of 2018.
One large-scale browser-based illicit cryptocurrency mining campaign took place in May 2018 compromising more than 400 websites.
2018 Travelers Risk Index
Travelers – 1pg – 20th September 2018
50% of businesses do not purchase their cyber insurance.
23% of businesses are not familiar with their cyber insurance options.
52% of businesses consider it inevitable that they will become a cyber victim.
63% of organisations have not assessed the cyber security of vendors with access to their data.
95% of businesses rely on their computer systems functioning properly for their business to operate.
91% of companies are confident their company has implemented best practices to avoid/ mitigate a cyber event.
Connected Living: The Voice of the Consumer
Gemalto – 21pgs – 18th September 2018
54% of consumers fear a lack of privacy regarding IoT devices.
95% of respondents are concerned over the personal data being collected by IoT devices.
64% of 2,500 consumers say they are "willing to pay a premium for a guarantee of security on IoT devices".
78% of consumers rank security as a top three priority when purchasing an IoT device, compared to cost at 67%.
Hacker Survey Report
Thycotic – 13pgs – 18th September 2018
5% identified as black hat hackers
Don’t rely only on GPO for security
70% considered themselves white hat hackers
30% admitted to potentially law breaking hacking
Europol – 72pgs – 18th September 2018
Ransomware remains the key malware threat in both law enforcement and industry reporting.
Islamic State (IS) continues to use the internet to spread propaganda and to inspire acts of terrorism.
Cryptomining malware is expected to become a regular, low-risk revenue stream for cybercriminals.
Only if law enforcement, the private sector and the academic world work together closely, can cybercrime be combated effectively.
Cyber-attacks which historically targeted traditional financial instruments are now targeting businesses and users of cryptocurrencies.
Insuring the Future
Accenture – 16pgs – 11th September 2018
8% decrease in successful security breaches over the past 12 months.
CISO’s role should be evolved and be more integrated with the business.
Cybersecurity teams will be challenged more than ever to validate and protect data.
Cyber threats are increasing in sophistication due to the availability of high-tech tools.
From Insecurity to Resiliency
Accenture – 16pgs – 11th September 2018
It is extremely hard to be Cyber Resilient.
42% of breaches are not detected for more than a week while 9% may require more than a month.
Just 38 % of firms surveyed hold their ecosystem partners to the same cybersecurity standards as their business.
80% or more of banking executives are “confident” or “extremely confident” about their cyber defence effectiveness.
Only 22% of banks surveyed have increased their investment in cyber defences by 100% or more over the past 3 years.
Cybersecurity for the modern era
Proofpoint– 15pgs – 5th September 2018
90% of targeted attacks start with email.
$5.3 billion the cost of email fraud from October 2013 to December 2016.
Attackers are the ultimate adapters – changing their tactics to present a moving threat.
Social media phishing is the fastest-growing social media threat, with a 150% increase from 2015 to 2016.
Annual Report Telecom Security Incidents 2017
Enisa – 31pgs – 30th August 2018
System failures are the dominant root cause.
A fifth of the incidents are third party failures.
51% of all reported incidents affected mobile telephony.
62% of the reported incidents were caused by system failures or technical failures.
What are botnets downloading?
Kaspersky – 1pg – 30th August 2018
The share of banking Trojans among bot-downloaded files in 2018 decreased.
The number of downloaded droppers is also on the rise, indicative of attacks that are multistage and growing in complexity.
Increasingl, botnets are leased according to the needs of the customer, and in many cases it is difficult to pinpoint the “specialization” of the botnet.
Backdoors consistently make up the bulk of downloads; that is, botnet operators are keen to gain maximum possible control over infected devices.
The Fake Email Crisis
Valimail – 11pgs – 27th August 2018
91% of all cyber attacks start with a phishing email.
6.4 Billion fake messages are sent worldwide every day
The United States continues to lead the world as a source of fake email
Protected Health Information Data Breach Report
Verizon – 20pgs – 26th August 2018
58% of incidents involved insiders.
Healthcare has a major paper problem that causes sensitive data leakage.
Healthcare is the only industry in which internal actors are the biggest threat to an organization.
Ransomware is responsible for 70% of breach attempt incidents.
Cybersecurity mistakes all small business employees make, from entry level to the C-Suite
Switchfast – 11pgs – 24th August 2018
35% of SMB leaders don't know what a Clean Desk.
35% of employees don’t even know if there is a response plan in their company.
60% of small businesses that suffer a breach are likely to go out of business within six months.
Negligent employees remain the number one cause of data breaches at small businesses across America.
Malwarebytes Global Cyber Study – 8th August 2018
Nearly 15% of U.S. security budgets go to remediating active compromises.
Consensus estimate is that more than five percent of global security pros are Gray Hats.
12% of 900 cyber professionals reported they have considered “black hatting” (working for criminals).
Mid-sized companies’ security budgets increased nearly 36% to protect against the high volume of malicious attacks.
CYBETHREATSCAPE REPORT 2018
MidYear CyberSecurity Risk Review – 71 pgs – 3rd August 2018
Organizations should stay as current as possible on both the broader threat and the specific threats' landscape.
The attack surface for threat actors and threat groups growing and expanding.
Organizations should think beyond the enterprise to the full ecosystem.
71% believe that cyberattacks are still a “bit of a black box”
The Cybersecurity and Identity Gap Survey
CORE SECURITY – 18pgs –1st August 2018
44.7% increase in data breaches since 2017.
$93 billion are expected to be spent on cyber security by the end of 2018.
Most organizations risk breaches due to gap between Identity and Cybersecurity silos.
81% of confirmed data breaches today still involve weak, default or stolen passwords
Small and Mighty
How Small and Midmarket Businesses Can Fortify Their Defenses Against Today’s Threats
CISCO – 13pgs – 26th July 2018
Midmarket companies investigate 55.6% of security alerts.
The disclosure of vulnerabilities to FDA and other regulators may be required.
39% of respondents reported that at least half of their systems had been affected by a severe breach.
40% of respondents experienced eight hours or more of system downtime due to a severe security breach in the past year.
Under GDPR, Data Breach Reports in UK Have Quadrupled
Mathew J. Schwartz – Bank Info Security – 25th July 2018
"The 72 hours to file a report isn't just to email or phone us" - ICO
The number of breach reports submitted to UK's ICO quadrupled in the months before and after GDPR.
Organizations based outside the EU but which store or process Europeans' personal data must also comply with GDPR.
Organizations need to have detailed policies and procedures in place to help data controllers best make breach determinations going forward.
2018 Data Exposure Report
Code 42 – 32pgs – 24th July 2018
A feeling of personal ownership over work puts data security at risk.
50% of business leaders and 63% of CEOs admit to clicking on a link they didn’t intend to.
Even the strongest data security policies and perimeters are no match for human emotion and behaviour.
78% of CEOs and 74 % of business leaders agree that ideas are data, and still the most precious assets in the enterprise.
Foreign Economic Espionage in Cyberspace - DNI – NSCS - 20 pgs – 24th July 2018
Hackers are targeting software supply chains to achieve cyber espionage, organizational disruption, or financial impact.
2.2 million computers were infected by their anti-virus software CCleaner, when it was compromised with Floxif malware downloader.
Cybercrime tactics and techniques: Q2 2018
Malwarebytes – 25pgs – 23rd July 2018
Cryptomining detections are still hot, but starting to decline.
The second quarter of 2018 had a huge spike in backdoor malware detections.
The first quarter of 2018 ended with a massive campaign effort to infect thousands of users with the Emotet banking Trojan.
ERP Applications under fire
Digital Shadows – 30pgs – 23rd July 2018
Cybercriminals have evolved malware to target internal, “behind-the-firewall” ERP applications.
Hacktivist groups are attacking ERP app to disrupt critical business operations and penetrate organizations.
There has been a dramatic increase in interest in exploits for SAP apps in dark web and cybercriminal forums.
Nation-state sponsored actors have targeted ERP applications for cyber espionage and sabotage.
Securing the Supply Chain
Vanson Bourne – Crowdstrike – 46pgs – 22nd July 2018
68% of security professionals say they are not prepared to defend against supply chain attacks.
81% of senior IT decision makers say they need to spend significantly more on software supply chain security.
79% of security professionals say software supply chain attacks could become one of the biggest cyber threats to organizations over next 3 years.
Quarterly Incident Response Threat Report
Carbon Black – 16pgs – 19th July 2018
59% of cyber attacks now involve lateral movement
35% of respondents say attackers' end goal is espionage
46% of cyber response experts have experienced counter incident response
78% of cyber response experts say the financial industry is attacked most often
2018 Cost of a Data Breach Study: Global Overview
Ponemon Institute LLC - 47pgs – 12th July 2018
US organizations pay the highest price for losing customers after a data breach.
Healthcare companies have the highest days to contain a cyber incident at 103 days.
Third party involvement in a breach and extensive cloud migration at the time of the breach increase the cost.
Incident response teams and the extensive use of encryption result in the greatest decrease the cost of a breach.
The typical enterprise is estimated to have a 28% chance of suffering a material breach in the next 24 months.
The cost of the typical data breach has risen 6.4% this year, and now stands at $3.86 million
Singapore Cyber Landscape - CSA - 50 pgs - published 19th June 2018
832% annual increase in fake websites (Phishing URLs) with a Singapore link
17% annual increase in website being hacked and defaced across Singapore
2018 expected to see more spoofed mobile applications and Wi-Fi
2018 expected to see AI-enabled social engineering attacks
Cyber Security Preparedness Survey
Netrika – 48pgs – 15th June 2018
Data Breach Reports
Identity Theft Resource Center (ITRC) - 137pgs - 11th June 2018
28% of 2018's reported breaches have been in the Health Sector, and 13% in Financial Services.
71 data breaches announced across the USA in May, bringing the total to 522 in the first 5 months of 2018.
National Exposure Index - Inferring Internet Security Posture by Country
Rapid7 - 60 pgs - 7th June 2018
Rapid7 have identified 500,000 servers that are still vulnerable to WannaCry and similar malware.
In 2018, Rapid7 identified 13 million exposed database services, which a a significant risk of data loss worldwide.
Rapid7's data indicates that the countries that have the most exposed internet servers are the USA, China and Canada.
Amplification potential can be abused by malicious actors either to cause DDoS events on their own, or in conjunction with more serious attacks.
Lloyd’s City Risk Index
Lloyd's – 11pgs – 6th June 2018
Climate risks will cost cities $123bn.
Asian cities account for 44% of global city risk.
Improved resilience could save $73.4bn each year.
GDP@Risk in the world’s major cities is $546.50bn per annum.
2018 Risk: Value Report
NTT Security – 12 pgs – 4th June 2018
In Sweden, 27% of companies worry about a lack of employee skills in key areas.
69% of UK organizations fretted about brand damage, compared to 52% globally.
Companies are over-confident about their level of vulnerability: 47% claim that had not been affected by data breaches yet.
73% of UK respondents worried about the impact on customer confidence following an information security incident, compared to the 56% global average.
On the Money: Growing IT Security Budgets to Protect Digital Transformation Initiatives
Kaspersky – 27pgs – 2nd June 2018
23% of IT budgets are now allocated for cybersecurity.
47% of CEOs are being challenged by their boards to digital transform.
Cyber attacks become more sophisticated with devastating financial and reputational implications.
The costliest threats are related to data leaving the business premise ($1.09m) followed by inappropriate data sharing by mobile devices
2018 Cybercrime Report – Europe Deepdive: Insights from the ThreatMetrix
Threat Metrix – 19pgs – 17th May 2018
80m European attacks detected and stopped in Q1 2018.
38% of all cyber attacks originate from Europe.
21% of bot attacks originated from Europe in Q1 2018.
European login attack rates over double the global figure
2018 EfficientIP Global DNS Threat Report
Efficient iP – 12 pgs – 16th May 2018
£715,000 is the average cost of DNS attacks
77% of organisations is subject to a DNS attack
33% of organisations has suffered data theft via DNS
Cyber attacks in 2017 cost around $1 trillion in damages, compared with $300 billion for natural disasters
U.S. Department of Homeland Security – 35pgs – May 15th 2018
An excess of 20bn devices will be connected to the Internet by 2020.
Non-state actors' cyber capabilities are equally sophisticated with those of nation-states.
DHS identified 5 key pillars of risk management for effective mitigation
Looking beyond 2018: the future of cyber security
Pulsant – 14pgs – 10th May 2018
80% of security professionals see people as the industry’s biggest challenge.
The cyber security market will reach £163.17 billion ($231.94 billion) in 2022.
Cyber criminals and their attack methods are becoming increasingly sophisticated.
95% of attacks are perpetuated by amateur hackers who exploit the weaknesses in company systems.
Cyber security has evolved from being the stuff of Hollywood blockbuster plots, to becoming a national priority.
Data Breach QuickView Report
Q1 2018 Data Breach Trends –19pgs – 9th May 2018
686 breaches have been reported through March 31st, exposing approximately 1.4 billion records.
Fraud captured the top spot for the breach type compromising 1.27 billion exposed records during the first quarter.
The leading cause of breaches for the quarter was Hacking (unauthorized intrusion), accounting for 38.9% of incidents.
Properly Framing the Cost of a Data Breach
DarkReading – 8th May 2018
Who knows What, When?
Simple graphs do not always reflect the reality.
Negative Publicity increases the costs of the breach.
Governing Cyber Risk
A Guide for Company Board – 24pgs -26th April 2018
7 key questions for Boards include: has breach response plan been dry-run?
7 key questions for Boards include: is cyber governance independently assessed and certified?
How Secure is Blockchain really?
MIT Technology Review - Orcutt – 1pg – 25th April 2018
Hackers CAN and DO break into "hot wallets".
Neither Bitcoin nor Ethereum is as decentralised as you may think.
In 2016 hackers stole $80 million from Decentralised Autonomous Organisation (DAO).
Cyber Security Breaches Survey 2018
DCMS - Ipsos MORI – 58 pgs – 25th April 2018
53% of businesses that have experienced a cyber breach have been seriously affected.
42% of UK businesses with <50 staff know they were ATTACKED in last 12 months.
13% of UK businesses with <50 staff know they were BREACHED in the last 12 months.
74% of businesses' senior management say cyber security as a high priority.
£152 is the median spend on cyber security by staff with less than 50 staff.
73% of businesses have no formal cyber security policy in place.
Managing Insider Threat
James Christiansen – 27 pgs - 20th April 2018
27.5% annual growth in data breaches reported by businesses
32 staff say they will steal company data per year, in a typical business with 1,000 staff
BlueBorne – an airborne cyber attack
Nadir Izrael - 31 pgs – 20th April 2018
BlueBorne does not need users to access internet, click on a link, download a file or pair device
BlueBorne malware spread from device to device, to steal credentials or deliver ransomware
5,300 million devices are at risk from BlueBorne malware, which spreads via BlueTooth
Study of Cyber Security Professionals
Jon Oltsik – 15 pgs – 20th April 2018
43% of IT Security specialists say Execs should have cybersecurity as performance metrics
24% of IT Security specialists say Execs don’t understand or support appropriate cybersecurity
46% of IT Security specialists say most organisations are “extremely vulnerable” to cyber attack
Into the web of profit
Bromium – 178pgs – 20th April 2018
Hackers-for-hire can cost $200 for small hacks.
Cybercrime generates at least $1.5 trillion in revenues each year.
10% of globally laundered money is attributed to cybercrime revenue.
$1bn in profits is generated through multinational cybercrime operations.
How AI will be used for to manipulate videos
The Verge – 17th April 2018
Voices can be faked by AI if the computers have just minutes of real audio to analyse.
AI-based face-swapping software causes concern for progression of ‘fake news’ and spear phishing
Lazy hackers turn to automated tools
BBC News – 17th April 2018
Within 15 seconds of getting access, the bot:
• sought out and exploited several known vulnerabilities
• scanned the network to which the server was connected
• stole and dumped credentials for other vulnerable machines
• created new user accounts for its creators to use
20 billion cyber attacks are blocked every day.
2018 Security Report
Check Point Research - 46 pgs - 14 April 2018
77% of IT Professionals feel unprepared for today's Cyber Security challenges
The new IoTroop Botnet is recruiting IoT devices at great pace & could be devastating when it attacks
2018 Data Breach Investigations Report
Verizon – 68pgs – 12th April 2018
68% of breaches took over a month to detect.
93% of breaches used Phishing and Pretexting.
59% of Phishing attacks were financially motivated.
The cyber threat to UK business
NCA – 28pgs – 10th April 2018
$9bn global loss projected from BEC scams in 2018.
Only 40% of data stored in clouds is access secured.
Mandate fraud is third highest method to defraud companies.
Ransom DDoS attacks seen sharp rise – costing companies up to $1m.
2018 Global Security Report
Trustwave – 105pgs – 5th April 2018
Financial Services are suffering more breaches of their corporate networks than any other sector
100% of web applications have at least one vulnerability, with average of 11 vulnerabilities
55% of Corporate Network breaches are achieved through Phishing or Social Engineering
45% of E-Commerce site breaches are achieved through malicious file upload
60% annual increase in high impact Vulnerabilities disclosed in last year
2018 Internet Security Threat Report
Symantec – 4pgs – 4th April 2018
46% increase in Ransomware variants over last 12 months.
8,500% increase in Cryptojacking (coinminers on endpoint computers) during last 12 months
600% increase in IoT attacks (on devices in the "internet of things) during last 12 months
54% increase in new Mobile Malware variants and apps during last 12 months
Vulnerability Review 2018
Flexera – 17pgs – 3rd April 2018
Zero- Day vulnerabilities remain rare: 12 out of 19,954.
20,000 High-profile vulnerabilities were documented in 2017.
Major gap remains between identifying vulnerabilities and fixing them.
86% of known vulnerabilities have patched available at the disclosure day.
High-profile vulnerabilities and breaches hit the front pages forcing many businesses to adopt a reactive approach.
IBM X-Force Threat Intelligence Index 2018
IBM - 43pgs - 31 March 2018.
79% of malicious activities on enterprise networks in 2017 were injection attacks.
Over 2.9bn records leaked in 2017 from publicly disclosed incidents.
Financial services ranked #1 for security incidents target in 2017.
$2.1 trillion losses forecasted by financial firms by 2019.
Cyber Security: Export Strategy
Department for International Trade – 20pgs – 26th March
Pursue, Enable, Respond: The three Key stages of the new cyber security strategy.
90% of big businesses have been hit by a major cyber attack but still lack a good understanding around potential cyber risks.
Internet Security Threat Report
Symantec – 89pgs – 22nd March 2018
1 in 13 web requests in 2017 lead to malware.
7% rise of zero-day vulnerabilities recorded in 2017.
Over 1,000 Ransomware each day were detected last year.
24,000 malicious mobile applications were blocked each day last year.
Declassified: Unravelling the cyber skills gap & talent shortage
Cybrary – 20pgs – 22nd March 2018
Cybersecurity industry shortage effecting 2/3's of organisations.
68% doubt their organisations ability to defend against breaches.
85% have to contribute towards cybersecurity training expenses.
80% of respondents are unprepared to defend against cyber threats.
Training is a key factor in breach resilience on employee and corporate levels.
Threat Horizon 2020
ISF - 4pgs - 21st March 2018
Employees are targeted to expose organisation vulnerabilities.
Attackers utilising AI will create self-learning malware.
Fear looms over weaponised IoT devices.
The black market report
Armor – 16pgs – 20th March 2018
$12.99 is the price tag of your online identity.
$100bn's in cybercrime costs for businesses globally.
U.S. financial loss from cyber attacks has exceeded $1.3bn.
$200 per day is the cost to 'hire' a DDos attack.
Policing and Cyber Crime
Parliament Street – 4pgs – 20th March 2018
Police forces spend as little as £6 per person on training.
Effective policing requires a standardised cybercrime strategy.
£130bn is stolen from consumers annually as a result of a cybercrime.
£1.3m (only!) spent by Police Forces to bridge the knowledge gap between police and cybercriminal.
Small Gains, Big Wins
Bitdefender –11pgs – 19th March 2018
20% of Executives view the finance department as a main target.
75% sees managers as the biggest source of poor security practice.
"Loss of Customer Trust" the most feared impact of a data breach for any organisation.
40% regard the human element being an important factor when detecting cyber threats.
Russian Government Cyber Activity Targeting Critical Infrastructure
DHS and FBI - 19 pgs - 15th March 2018
Details Russian government actions against U.S. Government, + energy, nuclear, commercial, water, aviation, & critical manufacturing sectors.
HR Department's public web page accidentally provided sensitive info on industrial control systems at organisation targeted by Russians.
The Third Annual Study on the Cyber Resilient Organization
Ponemon – 44 pgs – 15th March 2018
69% of high performers have a mature cybersecurity program in place.
66% say that Incident response plans often do not exist or are "ad hoc".
61% say that hiring skilled personnel improved their cyber resilience.
Not a Bitcoin owner? You could (still) be at risk
Check Point – 12th March 2018
$425 million already stolen from Coincheck in 2018.
Crypto-Mining attacks produce devastating reputational risks for the organisation.
100-fold increase in Crypto-Mining attacks in the last six months, stealing energy & processing power.
55% of organizations were a target of crypto-mining attacks in December 2017 alone.
Crypto-Mining malware can easily consume the entire CPU power of your servers.
Losing the cyber culture war in healthcare
Accenture – 10slides – 1st March 2018
18% of respondents willing to sell confidential date to unauthorised parties for as little as $500.
24% of health employees are aware of someone in their organisation who has sold their credentials or access to unauthorised outsider.
99% of respondents that an organisation cannot rely solely on employees to safeguard data.
The cyber aware perception gap
HM Government – 32pgs – 1st March 2018
86% of small firms have no incident management processes to counter security breaches.
69% of businesses do not perceive cyber security as a very high priority for senior management.
The average person is 11 times more likely to fall victim of cyber crime than a robbery.
45% of SMEs had their data breached in the past 12 months.
2018 Global Threat Report - Crowdstrike – 42pgs – 26th Feb 2018
Over 90 Billion (!) cyber events now take place worldwide every day.
Criminals are accessing military-grade cyber weaponry because of a “new” trickle-down effect.
118 minutes was the average breakout time, moving from your first compromised computer to your other systems.
39% of malicious software now gets past traditional antivirus defences, because it cleverly avoids writing data to your computer disk.
2018 Study on Global Megatrends in Cybersecurity
Ponemon & Raytheon – 12 pgs – Survey of 1,100 senior IT staff – 23rd Feb 2018
66% of experts expect their company value will be "seriously diminished" in next 3 years by a cyber attack
The fastest growing worry for those responsible for cybersecurity: "Inability to minimize employee-related risk"
129% growth in importance given to Organisational Factors over 3 years to 2018, now ranked #4 among cyber risk areas.
Twice as many organisations now expect their cyber security to decline in next 3 years (19% say that in 2018, vs 11% in 2015)
Cyber Resilience & Trust Report –February 2018
Darkmatter – 28pgs – 23rd February 2018
Cyber threats are turning digital society more anarchic and dangerous.
The IoT is reshaping the threat landscape, enlisting things into botnets.
87% of global public are concerned about the privacy and security of their personal data.
To tackle the threats of tomorrow organisations must adopt a more predictive and antifragile philosophy.
Annual Cybersecurity Report 2018 - Cisco - 22 Feb '18
83% of IoT devices sampled still have critical vulnerabilities.
Lack of trained staff is the fastest growing challenge to cybersecurity.
62% of suspicious downloads by staff occurred outside of normal work hours.
44% of cybersecurity alerts are not investigated at all, & only 17% of alerts are remediated.
Operations and Finance are the two departments most likely to be affected by security breaches.
2018 Breach Briefing
Beazley – 16pgs – 21st February 2018.
46% of cyber incidents reported to insurers were caused by external criminals, via hack, malware or social engineering.
51% of cyber incidents reported to insurers were caused by staff, including accidental disclosure and deliberate crime.
84% of payroll diversion attacks impacted middle-market organisations.
63% of W-2 incidents impacted middle-market organisations.
Economic Impact of Cybercrime – No slowing down
McAfee – CSIS – 28pgs – 21st February 2018
Only 13% of cybercrime is reported in the UK.
Nearly half of UK crime is online fraud or other cyber crime.
Every day, criminals create up to 1 million malicious software products.
Global cybercrime will cost $600bn in 2018 (0.8% of global GDP).
Every day, criminals conduct about 80 billion malicious scans
The Malicious Use of AI (Artificial Intelligence)
Published by Oxford & Cambridge Universities, 101 pgs - 21st Feb 2018
AI will expand existing cyber threats, change their character and introduce new ones.
Spear Phishing cyber attacks (customised to the individual victim) may be partially automated by AI.
AI's efficiency, scalability, and ability to exceed human capabilities suggest highly effective attacks will become more typical.
BitSight - analysis of 1,212 federal contractors in USA - 16th Feb 2018
Botnet infections are prevalent amongst the US government contractor base.
8% of Healthcare suppliers to the US government reported a Data Breach over the last 25 months.
Nearly one in five users at Technology and Aerospace contractors are vulnerable to malware as they use an outdated internet browser.
Voice of the analyst study
Cyentia Institute – 24pgs – 12th February 2018
30% of respondents feel disrespected in the wider industry.
28% of respondents lack experience in stopping an intrusion.
Event monitoring analysts are least likely to identify intruders.
25% of experienced analysts are highly dissatisfied with their present job.
Business Continuity Report (BCI) – Horizon Scan - 36pgs – 9th February 2018
42% of Business Continuity Managers are extremely concerned about the risk of a Data Breach.
Cyber is the most worrying type of threat to Business Continuity Managers in every Geography and Sector.
The potential emergence of a global [cyber] pandemic becomes more and more realistic.
54% of respondents use ISO 22301 as a framework but are not certified.
State of the Internet - Security
Akamai - global report based on data in Q4 2017 - 28 pgs - published 7th Feb 2018
Worldwide, there has been a 14% increase in DDoS attacks in last 12 months.
Germany was the source of 30% of DDoS attacks observed in Q4 2017.
79% of DDoS attacks were suffered by the Gaming industry.
SQLi made up 50% of web application attacks in Q4 2017.
2018 Cyber Readiness Report
Hiscox – survey of 4,100 businesses - 24pgs – 6th February 2018
German firms have been hit hardest by cyber crime, cost figures ranging up to $5 million.
53% of the US government entities have reported a cyber incident in the past year.
The average organisation spends 10.5% of their IT Budget on cyber security.
73% of responding organisations rank as cyber novices.
Cyber Incident and Breach Trends Report
Published by Online Trust Alliance – 11 pgs - 25th January 2018
52% of data breaches in last 12 months were the result of actual hacks
93% of data breaches in last 12 months could have been prevented
18.2% is the annual growth rate in reported data breach incidents
90% rise in business targeted ransomware in last year
Cybercrime Tactics and Techniques: 2017 State of Malware
Malwarebytes - 32 pgs - published 25th Jan 2018
"The second half of 2017 marked an average of 102% increase in banking Trojan detections."
"Ransomware detections increased by 90 percent for businesses in last 12 months."
"2017 saw a massive increase in the malicious use of cryptominers."
"The volume of adware increased 132 percent year-over-year."
Risk Barometer - Top Business Risks for 2018
Allianz - survey of 1,911decision makers in 80 countries - 21 pgs - 16th Jan 2018
"Cyber Incidents are the business risk that are currently most underestimated."
Cyber risk is expected to still be be a top 3 risk in 10 years, for 48% of businesses surveyed.
The way in which a business manages a data breach has a direct impact on the final cost.
Cyber Resilience Playbook - World Economic Forum - 16th Jan 2018
The Playbook is intended to guide intra-state public-private collaboration on cybersecurity policy, including:
- Cyber exercises are one of the best ways to test an organization’s robustness and resilience
- Government involvement in Zero-day market, including research and purchasing
- Trade-offs between values created by Attribution policy choices
Carbon Black 2017 Threat Report
Non-Malware attacks and Ransomware Continue to own the spotlight – 17pgs – 3rd January 2018
$5 Billion was the cost of ransomware attacks in 2017.
6.8% per month increase in non-malware attacks.
52% of all attacks in 2017 were non-malware.
Ransomware piercing the anti-virus bubble
Malwarebytes – 6 pgs – 20th December 2017
Complacency creates opportunities for a hacker.
The growth in the volume and sophistication of ransomware attacks is widely expected to continue in the coming years.
The market for endpoint protection solutions is forecasted to grow from US$4.8bn to US$5.8bn between 2017 and 2020 (Radicati Group).
Existing defenses often fail to protect data and systems from new strains of attack, and will continue to fall short unless …preventive measures are in place
CyberArk Global Threat Landscape Report 2018: The Business View of Security
CyberArk – 6pgs –14th December 2017
52% of business leaders unsure as to what they should do in a cyber incident.
31% of security professional surveyed do not use privileged account security solutions.
46% of business leaders believe that they "cannot stop every cyber attempt"to break in.
It is not uncommon for organisations to hide the extent of damage caused by a cyber attack.
50% of organisations did not fully inform customers when their personal data was compromised in a cyber attack.
Cybersecurity Trends 2018
ESET – 30pgs – 14th December 2017
Back up everything that matters to you.
Cyberthreats to critical infrastructure are rising dramatically.
Hacktivism and attacks during electoral campaigns occur more often than not.
Blockchain security: What keeps your transaction data safe?
IBM – 1 pg – 12th December 2017
All blockchains are not created equally.
The bigger your network is, the more tamper-resistant your blockchain will be.
Public blockchains are designed around the principle of anonymity and may not always be right for enterprises.
A guide to cybercrime for CEOs
Malwarebytes - 17pgs - 7th December 2017
2,000% increase in Ransomware over last 2 years.
23% increase in all types of identified cybercrime attacks on businesses since 2016.
"Instead of closing gaps and filling holes, businesses have to turn offensive in the battle against cybercrime."
In the 1980s & 1990s, ‘Hacking’ transformed into criminal activity. In the 2000s, it piqued the interest of criminals & nations.
2017 Payment Security Report - Verizon – 58pgs – 7th December 2017
66% of customers say they are unlikely to do business with an organization that experienced a breach
Quarterly Threat intelligence report by NTT
Global Threat Intelligence Center (GTIC) – Q3 2017 – 19pgs – 29th November 2017
Single insider threat incidents in 2016 cost enterprises an average of $7.8m.
15% of staff took "business critical information" when transitioning into a new company.
Non-compliance with corporate policy and negligence accounts for 68% of insider threats.
42% increase in phishing attempts followed by malware infections were witnessed in Q3 2017.
Western European Cities Exposed [Cyber Assets]
Trend Micro - 51 pgs -Analysis of over 2m IP addresses in 10 cities - 28th November 2017
The Western European City with the highest number of exposed cyber assets is Berlin.
Amsterdam has the most per exposed cyber assets per capita.
Your Threat Hunting Knowledge Compendium –107 pgs – November 2017
Unsolicited outbound communication to the hostile domain with no referrer could indicate malware command and control.
Organisations need to have a clearly defined, evaluated, executed and matured response strategy in place.
Cyber Threat Intelligence and the Pyramid of Pain.
High-end intruders are always one step ahead.
Quarterly Threat Report – Quickheal – 28pgs – 20th November 2017
Compared to Q2 2017, Q3 2017 registered a drop of 11% in the detection count of Windows malware samples.
The only truly secure system is one that is powered off, cast in a block of concrete and sealed in lead-lines room with armed guards.
Cryptomic and Cerber ransomware are expected to hit its targets with new variants and sophisticated propagation techniques.
"Hoaxes prey on the Human Operating System."
2018 Security Predictions Report - Forcepoint – 21pgs – 20th Nov 2017
2018 will see many organizations undergo CISO reshuffles as these individuals realize they are unprepared for GDPR.
2018 will see increased risk of a breach from a trusted insider because of the adoption of cloud technologies.
2018 will see the Internet of Things (IoT) become a target for mass disruption
2018 will see Workforce Monitoring (UEBA) become a top priority for CISOs
Threat Intelligence Report
Nokia - data from the Nokia NetGuard Endpoint Security solution, protecting 100 million devices - 20 pgs - 13th Nov 2017
Cybercriminals are changing their focus from the Windows/PC ecosystem to smartphones and IoT devices.
0.68% of all mobile devices carry an infection identifiable by NetGuard Endpoint Security.
0.94% of Android devices carry an infection identifiable by NetGuard Endpoint Security.
The volume, velocity and variety of security data today is overwhelming security teams.
Poor PAM processes and policies leave the crown jewels susceptible to security breaches
Global Survey of IT Professionals – 18pgs – 7th November 2017
54% of companies use password vaults for admin and/or privileged accounts.
36% use Excel and 18% of companies use paper to store passwords.
98% change privileged passwords but only 14% do so after each use.
Fail to Plan, Plan to Fail: Understanding the role of LoB practitioners and SOCs in securing IoT environments
Forrester – 11 pgs – 7th November 2017
54% of security leaders are anxious about IoT security.
90% of companies expect an increased volume of IoT devices over the next 24 months.
48% of companies see improved awareness and visibility as a critical next step to improving IoT security.
CyberArk - survey of 825 professionals in Security and DevOps - 8 pgs -7th Nov 2017
Many organisations now have fast-growing a DevOps function, to achieve significant business and IT benefits.
Due to the dynamic nature of the DevOps function, key ‘secrets’ (like privileged account credentials) are copied and shared in multiple locations.
60% of DevOps staff store privileged account or admin passwords in a document on a company PC.
99% of the 825 professionals surveyed failed to identify all places such secrets are stored.
Cyber Resilience Report
Redseal - interviews with 600 CISOS and CIOs in USA and UK - 3pgs - 3rd Nov 2017
55% of CISOs and CIOs say they can't react quickly enough to limit damage in the event of a major security incident.
54% of CISOs and CIOs say they lack the resources and tools they need.
Investigation: WannaCry Cyber attack and the NHS
National Audit Office – 33 pgs – 27th October 2017
The NHS had not rehearsed for a national cyber attack, so it was not clear who should lead the response.
There was no clear relationship between vulnerability to the WannaCry attack and leadership in trusts.
The Department was warned about the risks of cyber attacks on the NHS a year before WannaCry but still failed to react.
Breach Insights Report
Beazley - review of 2,013 cyber incidents in 2017 - 3 pgs - 24th Oct 2017
34% of data breaches caused by hacking and malware; 29% of data breaches caused by unintended disclosure.
A social engineering attack occurs when a hacker uses deception to manipulate individuals into divulging con dential or personal information.
Nine-fold rise in data breaches due to social engineering in 2017 compared to 2016.
2017 Cybercrime Report
Steve Morgan – 14 pgs – 16th October 2017
Cybercrime damages will cost the world $6 trillion by 2021.
The Big Data Bang’ will explode from 2 billion objects to 200 billion by 2020.
Cybersecurity spending will grow from $86.4 billion to $93 billion in the next twelve months.
Every 40 seconds a business falls victim to a ransomware attack.
In 2018, a legion of small businesses will wake up to the reality that they are under cyber-attack
Cyber Threat-Scape Report - Accenture - 56 pigs - 5 October 2017
Criminal marketplaces are profitable and tools are more accessible to all.
Destructive cyber-threat activity is becoming more common and attribution is getting harder
Although governments are trying hard to avoid future leaks, more exploit arsenals will be exposed in the coming years.
An increasingly lucrative criminal marketplace is driving differentiated criminal offerings, emboldening and enabling more actors with better capabilities.
Sensitive Data at Risk - Data Protection Survey
SANS - survey of 257 IT and security administrators - 24 pgs - 30th September 2017
48% of breaches resulted in the exfiltration of sensitive data via an encrypted channel established by malware.
31% say lack of staffing and resources is the biggest obstacle to protecting sensitive data.
Europol (EC3) - "The Internet Organised Crime Threat Assessment"
IOCTA – 2017 – 80pgs – 28th September 2017
Coercion and sexual extortion are increasingly being used to victimize children online.
USA remains one of the key destinations for cashing out counterfeit EU payment cards, along with Southeast Asia.
Most terrorist activity concerns the open internet; however there is a share of terrorist exchange in the Darknet too.
Malware developers are pushed to rely more on other infection methods, including spam botnets and social engineering.
Law enforcement is witnessing a transition into the use of secure apps and other services by criminals across all crime areas.
Cisco - 2017 Annual Cybersecurity Report - 110 pgs - September
The top constraints to adopting advanced security products and solutions, according to the benchmark study, are:
Budget (cited by 35% of the respondents), Product compatibility (28%), Certification (25%), and Talent (25%).
Uber Arrogance “God View” and Data Protection
Noel Doherty – 2pgs – 18th August 2017
Uber failed to implement basic security practices to protect customers.
Uber may be fined up to 4% of its total annual turnover under GDPR.
2017 Data Breach Investigations Report - 76 pgs - 14 Sept. 2017
81% of hacking-related breaches leveraged either stolen and/or weak passwords.
73% of breaches were financially motivated; 21% were for espionage.
75% of breaches are perpetrated by outsiders.
51% involved organised criminal groups.
The colossal Equifax data breach has hit 400,00 UK customers
Mark Burgess – Wired – 18th September 2017
Equifax failed to treat either people’s data or the law surrounding it seriously.
A flaw in the American firm's systems left the data of a potential 143 million people exposed.
UK’s Informational Commissioner’s Office is “pressing” Equifax on the “nature of the data breach”.
"[Equifax's] Safe Harbour certification suggests that it was not a process failure but a conscious choice."
Effective Ransomware Responses - 8 pgs - FireEye - 15 Sept. 2017
Most ransomware attacks target either the confidentiality or availability of data.
Ransomware operators have infected victims worldwide using their native languages.
Ransomware has primarily affected Windows operating systems, but recently it has affected other operating systems.
EU to beef up cybersecurity agency
EUOBSERVER – Teffer – 13th September 2017
Europe faced 4,000 ransomware per day in 2016.
Cyberattacks know no borders and no one is immune.
Jean-Claude Juncker's proposal to set up a European Cybersecurity Agency confirmed.
Government wants to remain in EU cyber security club after Brexit
Scroxton – ComputerWeekly – 12th September 2017
Cyber security is a key element of protecting European security and values.
The UK is a world leader in cyber security and seeks to maintain its position.
Need for continuation of collaboration to promote conflict prevention, cooperation and stability in cyber space.
CyberSecurity across US Government
Security Scorecard - analysis of security posture of 552 government bodies - 24 pgs - 24th August 2017
Government ranks 16th out of 18th sectors in the USA when it comes to protecting its computer systems from hackers.
Government performs particularly badly in four categories of security measurements: Endpoint Security, IP Reputation, and Patching Cadence.
Among large departments of Government, the IRS, Congressional Budget Office and FTC have the fewest vulnerabilities visibilities visible to hackers.
State of the Internet, 2017
Akamai – 27 pgs - 23rd August 2017
25% increase in total web application attacks since 2016
Gaming customers were targeted by 81% of all volumetric DDoS attacks.
U.S. retained the top position both the source (112 million) and the target (218 milion) of web application attacks.
Even the best, most rational, risk-driven decision made six months ago may no longer be appropriate today.
Patching is not a simple issue. Organizations make patching decisions based on risk and business priorities.
Patching has direct costs, such as staff and testing, and indirect costs, such as downtime.
Data Protection: Employer Obligations and Motivations
General global assistance – White Paper – 24 pgs – 21st August 2017
Vetting third-party ventors could prevent information leakage into the wrong hands.
Establishing a cyber security culture within a workplace, eliminates the chances of a ‘human error’.
Employee data can be by far more valuable than customer data.
In cybersecurity, the only certainty is change.
Cyber security among charities: findings from qualitative research
IPSOS MORI – Department for Digital, Culture Media & Sport – 29pgs – 21st August 2017
“At the moment cyber security is not a priority, but I do see it becoming a big one in two or three years. Now our turnover’s low...”
“Because of the way we're structured, it's very difficult to have somebody that really focuses on cyber security ... “
Some charities lack the knowledge and skills to pull together training themselves.
Lack of awareness of the notion of cyber insurance among charities.
Online Privacy Guide: How to Stay Safe on the Web
Crace – 21st August 2017
Encryption minimises the risk of your data being stolen.
Employ two-factor authentication against password cracking.
FTSE 350 Cyber Governance Health Check Report 2017
HM Government – 28pgs – 21st August 2017
31% of Boards say they receive comprehensive and informative management information on cyber risk.
54% of Boards view cyber risk as a top risk when compared with all the risks faced by their company.
6% of Boards see themselves as completely prepared to meet the requirements of the GDPR.
68% of respondents have not received any training to deal with a cyber incident.
10% of Boards admit they do not have a plan to respond to a cyber incident.
Security Intelligence Report, 2017
Microsoft - data from over 600 million computers – 74 pgs – 18 August 2017
Over two-thirds of incoming attacks on Azure services in 1Q17 came from IP addresses in China (35,1%) and the U.S. (32.5 %).
Trojans were the most commonly encountered category of malicious software in 1Q17 by a large margin, led by Win32/Xadupi.
About 8 % of RCE and EOP vulnerabilities were exploited within 30 days of the corresponding security update release.
300% increase in user accounts attacked the past 12 months.
Second Annual State of Ransomware Report: UK Survey Results
Osterman Research – 23pgs –10th August 2017
14% of UK organisations admit they do not conduct ransomware security awareness training.
43% of UK companies paid their worst ransomware, vs 21% in USA, 17% in Germany and 16% in France.
For many UK- based organisations, the source of ransomware is unknown and higher than any country other than France.
71% of the UK-based organisations vs 75% globally see dealing with ransomware to be their highest priority but lack confidence in their abilities.
Downtime is the small business killer, not ransom demands.
Cyber attack landscape of 2017
Cyber Security Insider – 9th August 2017
2016 was one of the biggest years yet in cyber security terms.
The USA receives the most cyber attacks, followed by Germany, Netherlands and UK.
In the second half of 2016, the top five sources of activity were Russia, the Netherlands, the U.S., China and Germany.
Maintaining effective information security is a constant uphill struggle as you are never done.
Insider Threat Survey
Dtex Systems – SANS - 23 pgs - 7th August 2017
Managing internal threats is a Herculean task because of all the unknowns associated with this attack vector. It's easier to focus on external threats.
Organizations are spending over $4.3 million to mitigate, address and resolve insider-related incidents.
Malicious insiders continue to be a top concern (40%), followed by negligent user (36%).
68% of enterprises believe they have never experienced an insider attack.
2017 Risk Value Report: Business Security – Always a Journey, Never a Destination
NTT Security – White Paper – 12 pgs - 4th August 2017
33% of respondents don’t know where their data is physically stored.
Globally, only 40% of organisations believe that they will be subject to GDPR.
Just 39% of organisations in the U.K. currently identify GDPR as a compliance issue.
Outside Europe may organisations are failing to grasp how GDPR regulations will affect them.
Cyber Threats to SMEs in 2017
Webroot - online survey of 600 IT Decision-Makers at mid-sized businesses - 6 pgs - 1st August 2017
94% of medium sized businesses plan to increase their IT security budget, by an average of 12% this year.
96% of medium sized businesses say their organisations will be susceptible to external cybersecurity threats in 2017.
89% of medium sized businesses are confident they could successfully address and/or eliminate issues caused by a cyber attack.
Risk Index for Small & Medium Sized Businesses
Zurich - survey of 1,087 decision makers from British SME businesses (less than 250 staff) - 1st August 2017
16% of UK SMEs have fallen victim to a cyber-attack in the last 12 months, equating to more than 875,000 nationwide.
Businesses in London are the worst affected with almost a quarter (23%) reporting that they have suffered a breach within this period.
Of the SME businesses that were affected, 21% reported the cyber attack cost them over £10,000, including 11% who said it cost over £50,000.
25% of medium sized businesses say they have been directly asked by a customer or prospect about what cyber security measures they have in place.
5% of SMEs claim to have gained an advantage over a competitor because of stronger cyber security credentials.
49% of SMEs plan to spend less than £1,000 on cyber security in the next 12 months.
Cybersecurity Trends for Managed Service Providers
Webroot - Survey of 500 MSPs - 18 pgs - 28th July 2017
Nearly 90% of Managed Service Providers (MSPs) say their clients were hit by ransomware in last 12 months.
Nearly 70% of MSPs are not completely confident their clients’ endpoints are secure against future ransomware attacks.
Webroot has seen a 3,500% increase in cybercriminal internet infrastructure for launching attacks since January 2016.
12% of MSPs have paid Ransomware for their clients; 78% of MSPs say they never would.
Data Breach Trends, H1 2017
RiskBased Security - analysis of 2,227 breaches reported - 19 pgs - 27 July 2017
2,227 reported breached in the first half of 2017, exposing over 6 billion records.
Web, the leading cause of records compromised (68.3%) in 2017, but only 7.1% of incidents reported so far this year.
41.6% of reported breaches were the result of Hacking, yet accounted for 30.6% of the exposed records.
121 breaches, or 5.4%, affected Third Parties.
Black Hat 2017 Hacker Survey Report
Thycotic – 6pgs – 27th July 2017
The ‘human factor’ is to blame for the majority of the security breaches (85%).
Hackers cite “remembering and changing passwords” as the biggest source of cyber fatigue.
73% of the respondents see traditional perimeter security firewalls and antivirus as irrelevant and obsolete.
Nearly 10, 000 Vulnerabilities Disclosed so far in 2017 – Major vendors continue to be affected
Risk Based Security – 26th July 2017
Large number of unreported vulnerabilities makes PCI compliance problematic.
Midyear Cybersecurity Report
Cisco - 90 Pgs - 20th July 2017
20% of 300 companies surveyed by Cisco were infected by Spyware.
US$1 billion raised by criminals through Ransomware exploits in 2016.
$5.3 billion was stolen through "business email compromise" between October 2013 and December 2016.
6% of end users per cloud platform have privileged user accounts, which generates risk as only about 1% need them.
28% of IT experts at Medium Sized Businesses doubt the viability of their disaster recovery and business continuity plans.
Trends in Encryption and Data Security: Retail Edition
2017 Thales Data Threat Report – 16pgs – 20 July 2017
80% of global retail organisations deploy new technologies such as cloud, big data, IoT.
19% of U.S. retail organizations feel very or extremely vulnerable, vs 39% of retail organizations globally.
Compliance remains the number one reason for spending on security globally (44%).
At Mid-Year, U.S. Data Breaches Increase at Record Pace
ITRC – 18th July 2017
The business sector continues to top the list at 54.7% of the total breaches, followed by the healthcare/medical industry at 22.6%.
The exposure of credit/debit cards in the first half of 2017 rose slightly over 2016 figures, at 12.6 % and 9.6% respectively.
Bad news for consumers: cyber criminals intent on stealing their Social Security numbers, the most effective route to identity theft.
Counting the cost – cyber exposure exposed
Lloyd’s of London and Cyence, input from over 50 experts, 56 pgs, 17th July 2017
Lloyd’s estimates insurers will receive $3bn to $3.5bn in premiums for cyber insurance in 2017, with 85% of that paid in the USA.
$53bn direct losses could be suffered by businesses if a major cloud service provider (eg Amazon, Microsoft, IBM) suffered an extreme outage.
Successful attacks on popular hypervisor software used by cloud service providers could result in cascading outages & significant losses.
Decoding Cyber Risk: Cyber Risk Survey – UK results
Willis Towers Watson – Survey of 71 companies – 38 pgs – 14th June 2017
4% of UK businesses claim to have embedded cyber risk management within our company culture.
33% of UK businesses claim their Risk Management and HR functions work closely together on cyber
61% of UK businesses claim that insufficient employee understanding limits effective management of cyber.
Employees’ cyber behaviour is strongly linked to training time, type of work and age.
46% of employees spent less than 30 minutes in training in the last year.
Troops, Trolls and Troublemakers: A global inventory of organised social media manipulation
Computationa Propaganda Research Project– Oxford University – 37pgs – 14th July 2017
Governments have their own in-house teams tasked with influencing public opinion.
Fake accounts are “bots” or bits of code designed to interact with and mimic human users.
Cyber troop teams are highlystructured with clearly assigned duties and a reporting hierarchy.
Cyber troops engage in wide range of activities, from politology to research and development.
Major governments and political parties make use of social media for public opinion manipulation.
Organised social media manipulation occurs in many countries around the world.
Analysis: How data breaches affect stock market share prices
Information Security – 11th July 2017
On average, share prices suffer an immediate decrease following a breach of 0.43%.
More recent breaches had less of a negative impact on share price than older ones.
E-commerce and social media companies experience the long term share price drop.
The sensitivity of breached data had a less clear impact on share price in the long term.
Quarterly Report on Cyber Attacks on UK Firms
Beaming - Analysis of 1 pg - 6th July 2017
52% increase in number of internet-borne attacks on UK firms, in Q2 2017 vs Q2 2016
105 attempts per day by hackers to take control of database applications at each average UK firm
UK firms were, on average, subjected to almost 65,000 internet-borne cyber attacks each in the three months to June.
The Impact of a Security Breach
Dark Reading - Survey of 330 IT security professionals at companies with >100 staff -25 pgs - 30 June 2017
18% suffered from intellectual property theft or compromise of information confidentiality in the past year.
25% suffered direct financial losses due to an attack or breach in the past 12 months.
55% experienced phishing-initiated breaches in the past 12 months.
65% fell victim to malware-related breaches in the past 12 months.
Data Protection Risks & Regulations in the Global Economy
Ponemon Institute – 33pgs – 27thJune 2017
49% of organizations have outdated and inadequate security solutions to manage a global data breach.
70% of companies do not believe or are unsure whether the GDPR will benefit the victims of a data breach.
59% of companies are struggling to understand how to comply with the GDPR regulations.
Cyber Resilience Report
Business Continuity Institute (BCI) – Report – 33pgs – 27th June 2017
33% of organisations with a business continuity professional suffered cyber disruptions costing > €50,000
60% of organisations have top management committed to cyber defences (up from 55% last year)
57% of organisations say Phishing & Social Engineering are the top driver of cyber disruption
23% of organisations involve their Business Continuity teams in cyber resilience issues
Reputation management remains a key driver in pushing the cyber resilience agenda
Sensitive Data in SharePoint and other Collaboration Tools
Ponemon - survey of 1,043 IT security professionals in Germany, UK and USA - 49 pgs - 25th May 2017
79% don't have very effective tools for protecting sensitive content
68% don't have sufficient visibility of where sensitive data is located
PhishMe Malware Review 2017
PhishMe - analysis of 10,000 unique malware samples - 20 pgs - 6th June 2017
69% percent increase in botnet activity, which can facilitate a lengthy espionage operation
WannaCry was the “atom bomb of ransomware” worming malware
Know the Odds - Cost of a Data Breach
Ponemon - 1 pg - 20th June 2017
28% chance of suffering a material data breach, vs 0.5% chance of dating a millionaire
An experienced incident response team can help you quickly identify and contain a cyber attack
Be prepared to provide responders with logs & tools to help them understand what happened
Be prepared to quickly execute a reset of all passwords and service accounts
Cost of Data Breach - Annual Study
Ponemon - interviews of 419 organisations in 11 countries - 35 pgs - 20th June 2017
28% chance of businesses suffering a material data breach in next 24 months
14% reduction in total cost of a breach if companies have good incident response
$225 per lost record is average cost of breach in USA, vs $123 in UK and $64 in India
47% of breaches are caused by criminal or malicious activity; 28% by human error; 25% by system glitch
$380 per lost record is average cost of breach in healthcare, vs $150 in communications & $71 in public sector
National Exposure Index for cyber risk
Rapid7, study of percentage of internet servers that are insecure – 39 pgs – 14th June 2017
Belgium hugely reduced its cyber exposure in last 12 months, through national leadership efforts
In the worst 10 countries (e.g. Australia, Ireland) 5% of internet servers are insecure
The Russian Federation and China are among the top 50 most exposed nations
United States and China are leaders in providing internet services to the globe
In the best countries, less than 1% of internet servers are insecure
2017 User Risk Report: Results of an international cybersecurity awareness survey
WOMBAT (security technologies) – 16 pgs – 13th June 2017
US employees outpaced the UK nearly 2-to-1 in the misuse of corporate devices (71% vs 39%)
58% of US employees believe that their anti-virus software could save them from an attack
38% of US employees are using a password manage vs 10% in the UK
54% believe that a trusted location = trusted WiFi
Rethink Security: A massive paradigm shift in the age of access
Centrify – ebook – 36 pgs – 12th June 2017
Over $75B spent on cyber security last year to protect important assets
Cybercrime related damage costs are expected to exceed $6 Trillion annually by 2021
2/3 of all recent confirmed data breaches involved weak, default or stolen passwords
80% of security breaches involve privileged credential misuse
An average of 165,000 records are compromised every hour
Financial Infrastructure Report
Riksbanken - Sweden's Central Bank - 22 pgs - 7th June 2017
A comprehensive cyber attack could result in central financial services becoming unavailable.
Even an insignificant part of operations that has been outsourced can become a target for cyberattacks.
Cyber attack against an important external supplier of IT services could put critical IT systems out of action for several banks.
The Current State of Enterprise Endpoint Security
Duo - review of security on 4.6 million computer endpoints, e.g. smart phones - 53 pgs - 5th June 2017
62% of phishing campaigns captured at lease one credential and 68% had at least one out-of-date device.
53% of devices are running our of date Adobe Flash software, leaving them open to devastating attacks.
The majority of phishing cases feature phishing as a means to install persistent malware.
5% of mobile devices are "jailbroken" ("rooted") which opens them to malware attacks.
Hacking UK Trident nuclear systems
BASIC (British American Security Information Council) - 38 pgs - 2nd June 2017
80% of global cyber attacks originate from social engineering and spear phishing
Cyber warfare: a vital part of conventional warfare and a new military domain
A cyber attack on a submarine may be apart of a multidimensional attack
UK nuclear weapons’ cyber vulnerabilities and challenges are immense
Breach Impact Study
Ponemon, survey of 1,010 IT managers – Marketeers and Consumers – 31st May 2017
A data breach is one of the top three negative effects on brand reputation
61% of CMOs believe the biggest cost of a security incident is the loss of brand value
5% immediate stock price decline following the disclosure of a data breach
79% of consumers believe organisations have an obligation to control access to their information
70% of IT practitioners for not believe their companies have a high level of ability to prevent breaches
Modelling the cyber (insurance) gap
Novae Insurance, study with Oxford University, 7 pgs, 17th May 2017
Oxford University have modelled relationships between risk controls, assets, and cyber harm
78% of UK organisations are not fully confident they can recover after a cyber disruption
40% of SMEs don’t back up their data at all and 60% of business data held on PC does not get regularly backed up
Data loss and downtime cost enterprises over $1.7 trillion round the globe
51% of organisations lack a disaster recovery plan
Akamai’s [state of the internet] / security
Akamai - Report 80 pgs - 16th May 2017
28% increase in SQLi attacks in the last year
35% increase in total web application attacks in the last year
57% increase in web application attacks coming from the USA in the last year
UK Firms sleepwalking into cyber attach chaos
Lockton - Survey of 200 CFOs, CROs and CIOs - 1 page - 15th May 2017
27% of firms fail to ensure their staff know how to deal with a cyber breach
60% of UK firms “think” they are well-prepared for cyber threats, despite being dangerously exposed
Only 50% of UK businesses involve the Board in cyber-breach planning
Just 8% of UK companies use hacking detection methods every day
26% of companies do not fail to “cyber” educate new staff
Half of UK firms claim their broker fails to discuss cyber
CFC - research method not explained by author - 1 page - 8th May 2017
90% of cyber claims come from businesses with less than £50 million in revenue
50.8% of SMEs say that their insurance broker has not raised the issue of cyber insurance with them
56% do not have an incident response plan in place outlining roles and responsibilities in the event of a cyber attack.
UK Annual Statistics on Data Protection reports
ICO - the UK Information Commissioner's Office - key statistics - 15th May 2017
ICO becoming slower, with 18% decrease in percentage of concerns addressed in 30 days, from 50% (2015/16) to 32% (2016/7)
80% of breaches reported to ICO come from the sectors required to report to ICO: health (41%) & telecoms (39%)
31.5% increase in data breaches reported by UK organisations to ICO over last 12 months, to 2,565
12% increase in the number of concerns received from the public over last 12 months
0.7% of organisations that reported a breach are fined, while 3% are given an Improvement Action Plan
Today's security is not secure
Centrify – infographic – 1 pg – 15th May 2017
90% of all organisations are moving to the cloud
200 Billion IoT devices will need to be secured by 2020
$2.1. Trillion is the projected cost of data breaches by 2019
An average of 166,000 records are lost or stolen every hour
66% of organisations experience an average of 5 or more security breaches
Worldwide DDoS Attacks & Cyber Insights Research Report
NeuStar Security Solutions – 52 pgs – 5th May 2017
40% of respondents learned of an attack on their network from their customers
90% of companies are investing more on DDoS- specific defences more than they did 12 months ago.
63% of all respondents indicated that the average peak hourly revenue loss was greater than $100,000
Your employees won’t protect you
Glasswall – 10 pgs – 4th May 2017
Conventional antivirus and sandboxing solutions are no longer effective.
Relying on the vigilance of employees leaves a business open to devastating cyber-attacks.
94% of cyber attacks use what seems a legitimate email, Word files, Excel, PDF or PowerPoint.
In the US and UK, data-theft is the most commonly feared consequence of an attack.
Business E-mail Compromise - Annual Statistics by FBI and IC3 - 4th May 2017
2,370% increase in identified losses in 2 years.
20 business victims reported to IC3 per day in most recent 6 months.
The email accounts of Executives are hacked or spoofed, and used to ask a second employee to make a funds transfer.
Global Threat Intelligence Report
Dimension Data - includes analysis of over 6.2 billion cyber attacks - 36 pgs - 4th May 2017
73% of malware that entered organisations came through phishing attacks
68% of organisations have no formal plan for (technical) incident response
47% of cyber vulnerabilities at organisations are more than 3 years old
USD 67,000 is the average cost of a business email compromise
USD 700 is the average cost of a ransomware incident
2017 Internet Security Threat Report
Symantec - Data from 98 million sensors in 158 countries - 77 pgs - April 2017
266% increase in average ransomware demand over last 12 months, now at $1,077, vs $294.
237% increase in types of ransomware over last 12 months, now at 101, vs 30.
76% of websites have vulnerabilities, including 9% with critical vulnerabilities.
1 in every 131 emails sent worldwide is malicious.
2017 Thales Data Threat Report
Thales - Report - 20 pgs - 2017
68% of respondents have experienced a breach with 26% experiencing a breach in the 12 months
73% of organizations have increased IT security spending in last 12 months, up from 58% in previous year.
European Cyber Security Perspectives
KPN - report 68 pages - 11 May 2017
The threat to reliability, integrity and availability has never been this alarming.
Vulnerabilities in our information security lead to global instability.
The Realist's Guide to Practical Endpoint Protection
F-Secure - Report - 24 pgs
A hands-on guide to fighting emerging cyber security threats like ransomware.
Many organizations think they’re protected because they comply with cyber security regulations. The truth is, compliance is not enough.
Cyber Security: Are we barking up the wrong tree?
Article - Cyber Security Review - Ken Soh - The Good Hackers Alliance
Malware that crashes hard-disks and slows down desktop operations are common today and act by stealth.
Telstra Cyber Security Report
Telstra - survey of 360 IT decision makers - 52 pages - May 2017
30% of Australian organisations that suffered a ransomware incident and paid the ransom did not recover their files (pg 18)
26% of Australian executives say the CEO is responsible for cyber security; 19% say it's the CIO's job (pg 11)
23% of Australian businesses have conducted a cyber attack rehearsal (pg 12)
23% of Australian businesses have estimated the value of their data (pg 12)
7% of Australian Directors say cyber security is not at all important (pg 9)
Cyber threat to UK business
National Cyber Security Centre & National Crime Agency - report 24 pgs - April 2017
Cyber Threat to UK business is significant and rising
Cyber Insurance, Privacy and Data Security Newsletter
DAC Beachcroft - May Newsletter
"Significant and growing" risk of cyber threats, as outlined by a recent report by the National Crime Agency.
Warning of increased risk related to Industrial Connected Devices; Internet of Things and Botnets.
Cyber crime is becoming "more aggressive and confrontational".
JOINT COMMITTEE REPORT ON RISKS AND VULNERABILITIES IN THE EU FINANCIAL SYSTEM
Joint Committee of the European Supervisory Authorities - Report 16 pgs - 26 April 2017
Blockchain poses an increasing risk to Europe’s financial system
Inadequate IT governance can contribute to poor operational management practices
"Supervisors should consider to further assess the resilience of financial institutions to cyber security and ICT risks."
2017 Data Breach Investigations Report
Verizon annual survey Data Breach Investigations Report (DBIR) April 27, 2017.
81% of hacking-related breaches leveraged either stolen and/or weak passwords.
75% of breaches perpetrated by outsiders.
73% of breaches were financially motivated.
62% of breaches featured hacking.
Cyber Security Breaches Survey 2017
HMG (UK Government) + University of Portsmouth: survey of 1,500 businesses - April 2017
66% of medium sized businesses "experienced a cyber security breach or attack" in the last year (Fig 5.1, pg 39)
57% of those companies have been materially impacted, eg 4% suffered reputational damage (Fig 5.5, pg 44)
3.8 days is the average time taken by medium sized businesses to deal with a breach (Table 5.2, pg 45)
19% of companies that suffered breaches or attacks reported the most disruptive one to the Police (Fig 6.4, pg 53)
8% of all UK businesses are aware of Cyber Essentials scheme, including 18% of medium firms and 28% of large firms (Fig 3.3, pg 13)
Why computers will never be safe
Economist Magazine - Leader Page - April 2017
The incentives for software firms to take security seriously are too weak.
The risks posed by bugs and hacking are large and growing.
Computer security is a contradiction in terms.
The problem is about to get worse.
Phishing For Funds (BEC)
Keith Turpin - CISO, UWA - 33 pgs - 10th March 2017
In 1 ½ years there has been a 1,300% increase in reported losses.
22,000 victims have lost 3$ billion.
Cyber Threat Defense Report
Imperva - Cyber Edge -Survey of 1,100 IT Security decision makers - 37 pgs - 8th March 2017
33% of Ransomware victims paid the ransom, equal to 20% of all 1,100 surveyed
34% are confident they can monitor what their Privileged Users do online
Low security awareness among staff is the main concern among respondents
Likelihood of a breach
Forrester, survey of 203 IT decision makers – 16 pgs – 28th February 2017
49% of Level 4 firms are likely to never experience a security breach across six key areas vs 32% of Level 1 firms
Level 4 firms experience about 50% fewer breaches than Level 1 firms
Level 4 firms average $5 million in cost savings
Level 1 firms endure $5,184, 600 more in costs than Level 4 firms
Level 1 firms experience 90% less benefits than Level 4 firms
The Currency of Trust
CapGemini - survey of 180 security professionals + 7,600 consumers - 24 pgs - February 2017
21% of retail banks and insurers are highly confident that they can detect a cybersecurity breach.
29% of retail banks and insurers offer both strong data privacy practices and a sound security strategy.
26% of these institutions have been hacked, Vs 3% of consumers believe their bank or insurer has ever been breached.
74% of consumers [say they] would switch their bank or insurer in the event of a data breach.
85% of consumers want to be notified within one day of a breach.
Annual Cybersecurity Report 2017
Cisco - Survey of 2,912 security professionals - 110 pgs - 31 Jan 2017
After a public breach, 29% of organizations lost revenue, including 22% that lost customers (pg 57).
The cost of a public data breach is ">20% of business opportunity" according 42% of security professionals.
56% of security alerts are investigated at average organisations. Of investigated alerts, half are "legitimate."
44% of "legitimate" security alerts are remediated at the average organisation.
65% of all email is spam, with about 9% of spam being malicious.
Data Breach Report
ITRC (Identity Theft Resource Center) - Details 1,093 publicly reported data breaches in USA - 19th Jan 2017
40% increase in the number of publicly reported data breaches in USA: 1,093 in 2016 vs 780 in 2015.
106% increase in number reported data breaches caused by hackers: 607 in 2016 vs 295 in 2015.
55.5% of data breaches reported in 2016 caused by hackers (including skimming & phishing).
GRIZZLY STEPPE – Russian Malicious Cyber Activity
NCCIC & FBI - 13 pgs - 29th December 2016
Report details the tools and infrastructure used by Russians to compromise networks associated with the U.S. election.
APT28 leverages domains that mimic those of targeted organizations and trick victims into entering legitimate credentials.
APT29 crafts targeted spearphishing campaigns leveraging web links to a malicious dropper to Remote Access Tools (RATs).
Actors likely associated with Russian Intelligence are continuing to engage in spearphishing campaigns.
Indicators of Compromise and recommended Mitigations are detailed.
Microsoft Security Intelligence Report
Microsoft - 19 pgs - 14th December 2016
20.6% of computers worldwide that give feedback to Microsoft encountered threats that were not blocked by their web browser.
Microsoft's Malicious Software Removal Tool (MSRT) identified a highly prevalent or serious threat on 1% of reporting computers.
Ransomware was detected by Microsoft on 0.82% of computers in Italy, and 0.74% in Bulgaria (the worst 2 countries worldwide).
According to Microsoft, 27% of computers that still use Windows Vista do not have any real-time security running on them.
Security of Mobile Payments and Digital Wallets
ENISA - 47 pgs - 19th December 2016.
Quotes ISACA survey of 900 mobile cybersecurity experts:
Reviews security features of Apple Pay, Google Pay, Samsung Pay.
ENISA identify 8 key threat areas and makes 4 recommendations.
Securing Smart Airports
ENISA - Interviews with 20 organisations in 8 countries - 84 pgs - 16th December 2016
Most critical information assets held by airports: passenger check-in (38%); baggage handling (38%); CIPPS (31%); ATM (31%).
This report details three attack scenarios (e-Tickets; Baggage Handling; Drone Intercept) and their cascading effects.
This report details 8 main gaps in relation to cyber security in smart airports, and offers 8 recommendations.
Yahoo announces largest breach in history (again)
14th December 2016 - Data shown on "Information is beautiful"
Breach of 1 billion accounts included Passwords, Secret Questions, DOBs, Names and Phone Numbers.
Breach occurred 5 years after warning that Yahoo's MD5 encryption is "broken and unsuitable for further use."
Yahoo responds: "We have invested more than $250 million in security initiatives across the company since 2012."
Yahoo added "we have a deep understanding of threats and strive to stay ahead to keep our users and our platforms secure."
Cyber security incidents reported to UK's ICO
ICO - Information Commissioner's Office - 5th December 2016
46% increase over last 3 months in cyber security incidents reported in UK to ICO
54% increase in over last 3 months in cyber exfiltration incidents (where hacker extracts data)
Cyber Security & Intelligent Mobility
Transport Systems Catapult (TSC) - over 54 organisations interviewed - 44 pgs - 24th November 2016
Cyber Security issues faced by Transport will not simply be an acceleration of the current constant, with more cyber-attacks.
The UK government has classified its transport network as one of its 13 critical national infrastructures.
80% of security & mobility professionals identify autonomous vehicles as major cyber security issue.
"Many IoT products are being released without even basic security protocols in place."
In excess of 250 million connected vehicles will be on the roads globally by 2020.
"A rogue actor seizing control of a fleet of vehicles does not bear thinking about."
Cyber Insurance Claims Study
NetDiligence - sampling of 176 cyber liability insurance claims - 56 pgs - 17th October 2016
The average (mean) total breach cost was $665K, with an average (mean) payout for Crisis Services of $357K.
The average (mean) payout from cyber insurance is $495K (74% of cost), with typical (median) payout $49K (82% of cost).
The typical (median) breach cost was $60K, including a typical (median) cost for Crisis Services of $43K, including $16K on legal.
Cause of the Loss covered by Cyber Insurance reported as: Hackers (23%); Malware (21%); Lost Device (13%); Staff Mistake (9%).
Uncovering hidden threats within encrypted traffic
Ponemon - Survey of 1,023 IT & Security Practitioners - 16 pgs - 30th Aug 2016
Nearly 50% of attacks used malware hidden in encrypted traffic to evade detection.
75% of IT experts admit malware could steal employee credentials from their networks.
A surprising outcome of the growing use of encryption technology is an increase in cyber attacks.
Encryption that protects sensitive data can allow malware hidden inside encrypted traffic to pass uninspected into an organization.
Cost of cyber incidents affecting CIIs
ENISA - 32 pgs - Review of 17 studies of cost of cyber-security incidents on Critical Information Infrastructures - 5th August 2016
"Measuring real impact of cyber incidents in terms of the costs needed for full recovery proved to be quite a challenging task."
A large majority of organisations still have not implemented basic security controls against cyber attacks.
DoS/DDoS and malicious insiders constitute approximately half the annualized cost of all cybercrime.
It is estimated that cyber-attacks against oil and gas infrastructures will cost $1.87 billion by 2018.
The financial loss from cyber incidents reaches up to 1.6% of GDP in some EU countries.
Cyber-attacks affecting IoT and similar infrastructures are increasing dramatically.
Are Data Breaches Becoming More Common?
Motherboard - 1 pg - 28th July 2016
Dumps of databases of breached personal information appear to be increasing over 50% per year
The 2016 State of Privileged Account Management Report
Thycotic - Survey of over 500 IT security professionals - 35 pgs - 25th July 2016
76.5% of organisations say Privileged Account Management security a high priority.
67.2% of organisations allow a single approver to create a new Privileged Account.
39.8% of organisations use the same security for Privileged Accounts as Standard Accounts.
17.8% of organisations have not changed the default passwords on Privileged Accounts for some of their systems.
UK Crime Rate set to double after true scale of internet offences laid bare
The Guardian - 1 page summary of Office of National Statistics report - 21 July 2016
One in 10 people in England and Wales have been victim of cybercrime in the past year, first official figures show.
These figures include online shopping scams, virus attacks, theft of bank details and other online offences.
2m computer misuse offences include 1.4m virus attacks plus 0.6m hacks of personal information.
5.8m incidents of cybercrime in the UK in the last year according to ONS estimate.
Law firms’ cyber fraud losses up 40% in a year
Hazelwoods - 1 pg - 20th July 2016
UK law firms’ losses to cyber fraud have jumped by 40% in the last year alone as the costs of email hacking continue to rise.
Cyber frauds at UK law firms in the six months from November 2015 to April 2016 totalled £2.53 million.
Law firms expected to repay lost client funds immediately.
Ransomware and Businesses 2016
Symantec - 30 pgs - 19th July 2016
$679 is the average Ransomware demand - more than double the $294 at the end of 2015. Highest demand is $5,083.
31% of Ransonware attacks are in USA, followed by Italy, Japan, NL, DM, UK, Canada, Belgium, India & Australia.
57% of Ransomware attacks are on Consumers. Among businesses, Services & Manufacturing suffer half attacks.
Keep security software, operating system & other software up to date, delete suspicious email, back-up data.
Security Beyond the Traditional Perimeter
Ponemon - BrandProtect - interviews with 591 IT and IT security practitioners in the United States - 5 pgs - 18th July 2016
External threats include socially engineering, impersonations, ransomware, malware, rogue social domain activity and hactivism.
The assets that executives believe external threats put at risk: Reputation (60%), Revenue (52%), Employee Safety (47%).
79% of respondents have inadequate security processes for monitoring social media and the internet for external threats.
62% of respondents say external threats are harder to detect than internal threats.
$3.5 million is average spend to deal with each external attack.
Mapping the CyberSecurity Landscape
Ward Solutions - Survey of 133 senior IT professionalsin Ireland - 16 pgs - 15th July 2016
79% of Irish companies invest in IT security more for reasons of "Compliance" than to "Reduce Security Risks"
23% of Irish companies don’t have policies or controls in place when it comes to third-party access to data.
46% of Irish companies would not disclose a data breach to impacted third parties.
26% of Irish companies have not planned for potential data breaches.
52% rise in young identity fraud victims in the UK
Cifas (the UK’s leading fraud prevention service) - data on confirmed fraud cases from 261 member organisations - 5th July 2016
57% increase in confirmed Identity Fraud cases in UK, to 148,463.
86% of all identity frauds in 2015 were perpetrated online.
Video shows Social Media risks: https://goo.gl/o59LJt
Taking the Offensive - Working together to disrupt digital crime
BT & KPMG - 33 pgs - 4th July 2016
Gartner estimates that spending on digital security in 2015 was $75bn.
A DDoS attack costs just $5 per hour to mount but more than $40,000 an hour to defend against.
22% of companies say they are fully prepared to combat security breaches perpetrated by organised crime.
The internet economy is estimated to be about $4.2 trillion, but digital crime currently costs the world in the region of $400 billion.
2016 State of Cybersecurity in SMBs
Ponemon - 30 pgs - 30th June 2016
14% of SMBs (Small & Medium Sized Businesses) rate their ability to mitigate cyber attacks as highly effective.
59% of SMBs say they have no visibility into employees' password practices and hygiene.
65% of SMBs do not strictly enforce their documented password policies.
Cyber Resilience Report 2016
Business Continuity Business Continuity Institute (BCI) - 369 respondents in 61 countries - 29th June 2016
Top causes of Cyber Disruption: 61% Phishing, 45% Malware, 37% Spear Phishing, 24% Denial of Service, 21% Old Software.
Some respondents cited that they only came to know about a disruption through law enforcement & the media.
19% of respondents report it takes over 4 hours for their organisation to respond to a cyber incident.
7% of respondents estimated the cumulative cost of cyber incidents at over €250k.
66% of respondents report at least 1 cyber incident in last 12 months.
CyberSecurity and the M&A Due Diligence process
NYSE Governance & Veracode - Survey of 276 Directors - 8 pgs - 30th June 2016
78% of deal makers didn’t specifically quantify cybersecurity risk in their M&A due diligence processes in 2015.
74% of directors claim a high profile breach would significantly lower the valuation of an acquisition, or stop it completely.
31% of Directors say the discovery of major security vulnerabilities would "very likely" affect an acquisition or merger.
Assessing the risk of the expanded security perimeter created by adding web applications of acquired company.
Perimeter assessments by Veracode identified nearly 40% more applications than their owners were aware of.
Security & the C-Suite
Radware - survey of 205 IT executives 19 pgs - 28th June 2016
91% of British Executives say they won't pay cyber ransom, but 64% do pay when attacked.
29% of Executives say IoT devices are extremely likely to be top avenues for cyber attacks.
Companies that paid cyber ransoms reported an average of $7,500 in the U.S. and £22,000 in the U.K.
Board-level concerns about cyber attacks: damage to brand (34%), operations (31%), revenues (30%), productivity (24%).
Cost of Data Breach
Ponemon - IBM - 32 pgs - Study of 383 companies in 12 countries - 15th June 2016
Mean Time to Identify a breach = 201 days (range = 20 to 569). Then Mean Time to Contain = 70 days (range of 11 to 126).
48% of breaches in this study caused by malicious or criminal attacks, 27% by "system glitch," 25% by human error.
$4 million is the average total cost of data breach (up 29% since 2013): more in Healthcare, Education & Finance.
Abnormal churn following a breach ranges from 6.2% in Finance and 5.3% in Health to 0.1% in Public Sector.
Probability of a data breach in next 12 months involving a minimum of 10,000 records = 25.6%.
Cost is reduced most by: Incident Response Team (-10%), Encryption (-8%), Training (-6%).
$158 is the average cost per lost or stolen record (up 15% since 2013).
£1bn lost by UK businesses to online crime in a year
Action Fraud - Crimes reported to NFIB - published 13 June 2016
22% increase in number of online crimes reported, at 37,070 in last year.
Other types of fraud which have spiralled are CEO Fraud and extortion (RansomWare).
Hacking is one of the most widely reported types of fraud in the past 12 months, with 1,314 reported cases.
66% increase in Mandate Fraud (when fraudster gets victims to change a direct debit or standing order): 2,323 crimes reported.
Cyber Resilience - How to protect small firms
Federation of Small Businesses - Questionnaire completed by 1,006 respondents in UK - 10th June 2016
66% of small businesses have been a victim of at least one cyber crime in the last 2 years.
Phishing & Spear Phishing are the most common cyber attacks, experienced by 49% & 37% of small businesses.
The highest incidence of Phishing is suffered in the arts, entertainment and recreation sector.
The average cost of cyber crime to small businesses is just under £3,000.
State of the Internet
Akamai - 10 pgs - 7th June 2016
125% increase in total DDoS attacks in last year, (including 138% increase in mega attacks over 100 Gigabytes per second).
26% increase in Web Application Attacks in last year, (including 236% increase in web application attacks over HTTPS).
Symantec Monthly Threat Report
Symantec - Global Intelligence Network (GIN) - 3rd June 2016
1 in every 2 emails are spam.
1 in every 134 emails link to malware.
1 in every 2,284 emails are phishing.
Phishing Activity Trends Report
APWG - 23rd May 2016
123,555 unique Phishing sites identified in March 2016.
42% of Phishing attacks target the Retail & Services sector.
18% of Phishing attacks target the Financial Services sector.
250% surge in unique Phishing websites detected over last 6 months.
51% of PCs in China are infected with Malware, 23% in UK, 20% in Sweden.
Managing Insider Risk through Training & Culture
Ponemon survey of 601 individuals in companies with data protection and privacy training - 23rd May 2016
60% of companies believe employees are not knowledgeable about the company’s security risks.
49% of companies that offer data protection training include Phishing in the course.
46% of companies that offer data protection training make it mandatory.
43% of companies that offer data protection training provide only one basic course.
35% of companies have leaders who prioritise training staff about data security risks.
29% of companies with mandatory data protection training give an exception to CEOs.
Users really do plug in USB Drives they find
IEEE Security Symposium - University of Illinois + Google - 14 pgs - 23rd May 2016
48% of the USB drives dropped randomly were picked up, plugged in, and clicked on by users.
USB Drives marked "Confidential" more likely to be opened than those marked with Owners return label.
No difference between the demography, security knowledge and education of the users who plugged USB drives.
This research raises the question of the effectiveness of security education at preventing breaches.
Timeline of Disruption
HPE - Hewlett Packard Enterprise - Infographic - May 2016
55 years after Passwords were introduced on computers, 33% of companies still allow weak ones.
41 years after Encryption was introduced on computers, 35% of organisations still don't use it.
117 million LinkedIn Passwords for sale
Motherboard - report of sale by Hacker called "Peace" - 18 May 2016
Details actions taken today by LinkedIn's CISO, about these passwords stolen in 2012
Cyber and The City
TheCityUK and Marsh - 36 pgs - 17th May 2016
Includes map of the 31 organisations fighting cyber threats to Financial Services in the UK.
"Surveys say average annual cost of cyber crime to large firms is £1.5m – £3m, but this is likely to be far short of the actual cost."
"We propose that the financial sector sets up a Cyber Forum comprising a steering group of Board level cyber risk owners."
Recommended Check-List for Board: #8 - Preparations have been made to respond to a successful cyber attack.
Recommended Check-List for Board: #1 - The main cyber threats for the firm have been identified and sized.
"The City should work on systemic cyber risk reduction: infosharing, risk aggregation & sector resilience."
The Business of Hacking
HPE - Hewlett Packard Enterprise - 20 pgs - 17th May 2016
Weaknesses of Hacker Business Model: paranoia, anonymity, breakdown of trust, extra tracking features in tools.
Threats to Hacker Business Model: Law Enforcement, New Security Tech, "Noisy" Newbies, Weakest Link in Groups.
Breaches of Unsecured Health Information in USA
U.S. Department of Health and Human Services - Breaches affecting >500 individuals - 13th May 2016
1,551 breaches of personal medical data reported in USA, impacting 158 million individuals, in the last 60 months
20% of medical data breaches involved a "business associate" of the medical organisation, eg billing, insurance, software provider.
Privacy & Security of Healthcare Data
Ponemon - survey of 91 healthcare organisations & 84 of their business associates in USA - 51 pgs - 12th May 2016
50% of breaches affecting healthcare entities are reported to be caused by a criminal attack, 41% by a "third-party snafu."
53% of healthcare entities in USA are confident they would be able to detect the loss or theft of patient data.
89% of healthcare entities in USA say they know they experienced at least 1 data breach in the last 2 years.
69% of healthcare entities in USA believe they are at greater risk than other industries for a data breach.
40% of healthcare entities in USA hire external third parties to help with breach response.
31% of actual breaches known to healthcare entities in USA were identified by patients.
The real cost of data breaches
FireEye - Interviews with 6,500 individuals in 6 countries - 11th May 2016
91% of consumers say "24 hours or less" is acceptable delay before an organisation holding their data informs them of any breach.
21% of consumers think an organisation that has suffered a breach in the past would be more secure than other organisations.
Among causes of a breach, the least harmful to consumer loyalty is Human Error (vs eg organisational negligence).
15% of consumers say "I do not want to be associated with any brand capable of losing its customers' data."
32% of consumers say their loyalty to an organisation would diminish if it suffered a data breach.
13% of consumers say they would definitely pay more to a provider with better data security.
UK Cyber Security Breaches Survey
UK Government - telephone survey of 1,008 representative UK businesses - 50 pgs - 8th May 2016
95% of all UK businesses kept their most disruptive breach from the public, including 82% who don't report breaches to police.
24% of all UK businesses detected at least 1 cyber security breach in last year, including 51% of medium firms and 65% of large firms.
17% of all UK businesses provided any training on cyber security to any staff in last year, including 38% of medium firms and 62% of large firms.
Where a breach is detected, business operations are back to normal in under a week in 92% of cases, including 78% in under a day.
10% of all UK businesses have formal cyber security incident processes, including 25% of medium firms and 42% of large firms.
6% of all UK businesses are aware of Cyber Essentials scheme, including 11% of medium firms and 20% of large firms.
18% of all UK businesses are aware of ISO27001, including 39% of medium firms and 60% of large firms.
FTSE 350 Cyber Governance Health Check
UK Government - Survey completed by 113 companies in the FTSE 350 - 36 pgs - 8th May 2016
71% of Britain's 350 top companies anticipate that net cyber risk will increase in the next year or so.
In the last 2 years, the percentage of UK's top companies that place Cyber as a Top Risk has doubled, to 49%.
In the last 2 years, the percentage of UK's top companies that clearly set their appetite for cyber risk has doubled, to 33%.
In the last 2 years, the % of UK's top companies that review Information Assets "regularly and thoroughly, at main Board" doubled, to 15%.
2% of Britain's top 350 companies say that Cyber Risk "is a technical subject, not warranting Board-level consideration."
World's Biggest Data Breaches
Information is Beautiful - 6th May 2016
Reuters report: 273 million email passwords stolen
5th May 2016: Reuters reporting that 1 in 7 Yahoo email accounts appear compromised, plus hundreds of millions of other email accounts.
Social Engineering by Chocolate
University of Luxembourg - Survey of 1208 random individuals - published 4th May 2016
48% expressed their gratitude for a piece of chocolate by giving the researcher their password.
(This is better than 2007, when 64% did so, & much better than the 71% who did in 2004.)
Data Breach Investigations Report
Published by Verizon - 85 pgs - 25th April 2016
Analysis of 2,260 confirmed data breaches across 82 countries in last 10 years.
63% of confirmed data breaches involved weak, default or stolen passwords.
89% of breaches have a financial or espionage motive.
30% of phishing messages are opened, and 12% of targets actually download malicious software.
Organisations are told of their Breach by Law Enforcement (41%), Third Parties (35%), Fraud Detection (14%) or Internal (10%)
Internet Security Threat Report
Published by Symantec - 81 pgs - April 2016
The number of sophisticated “zero day” cyber attacks is rising at 125% a year
The number of personal identities reported as breached jumped 23% to 429 million
Companies choosing not to report the size of their data breach increased by 85% in the last year
Spear-phishing campaigns targeting employees increased 55% in 2015
78% of web sites reviewed by Symantec had vulnerabilities, of which 15% were "critical"
Ransomware increased 35% in 2015
Web Site Hijacking
Google and University of California - Analysis of 760,935 web sites that were hijacked - April 2016
In an average week, Google identifies 15,000 web sites that have been compromised by hackers.
Google finds that 40.5% of web site hijackings aren’t fixed a month after Google has notified the site owner.
Google finds that 12% of hijacked web sites fall victim to a new attack within 30 days.
Google reports that “webmasters often find hijacking to be a traumatic experience”
Cybersecurity as a growth advantage
Cisco - survey of 1,014 C-level executives - 23 pgs - April 2016
41 percent of C-Level Executives are much more concerned about cybersecurity than they were just three years ago.
The main purpose of cybersecurity is to Enable Growth, according to 35% in Retail, 34% in Transport, 33% in Banking, vs 23% in Hospitality.
"Secure Digitizers" capitalize on Cybersecurity and Compete to win.
SMEs Under Threat - Databreach preparedness study (UK)
Experian - survey of 302 IT business decision makers + 2,008 consumers in UK - 14 pgs - 7th April 2016.
The average SME under-estimates the cost of a data breach by 40%.
Staff disagree about who is responsible for a breach: 44% say CEO & Board; 42% say IT.
Almost all organisations that have experienced a breach now invest in response plans.
23% of SMEs believe their customers would stop using the company if the safety of their personal data was jeopardised.
77% of SMEs say the financial impact of a breach would be significant to the day-to-day running of their organisation.
Consumer Attitudes Toward Data Breach Notifications
RAND Corporation - 78 pgs - Survey of 2,038 American adults - April 2016
11% of US adults who received a breach notification say they quit doing business with the hacked company
Older, Richer & more Educated consumers are about 50% more likely to close or switch from breached account (pg 31)
62% of US adults say they accepted offers of free credit monitoring after a breach
Actions wanted from hacked company: prevent repeat of breach, offer free credit monitoring, notify consumers immediately.
The Accountability Gap Report – Cybersecurity and Building a Culture of Responsibility
Tanium & Nasdaq - 32 Pgs - April 2016
The worst 10% of the 1,530 Executives interviewed in 8 countries are "highly vulnerable"
Among the "highly vulnerable" Executives: 91% can’t interpret a cybersecurity report, only 10% are updated about cybersecurity.
40% of these Executives don't feel responsible for the repercussions of cyber attack
FBI warns of Dramatic Increase in Business E-Mail Scams
FBI - Phoenix, USA - April 2016
Victims range from large corporations to tech companies to small businesses to non-profit organizations
270% increase in identified victims and exposed losses from this "spear fishing" and "whale fishing" since January 2015
Over $2.3 billion in losses reported by 17,642 victims since October 2013
Schemers spoof company e-mail or use social engineering to assume the identity of the CEO, etc.
Code 42 - 25 pgs - March 2016
25% of knowledge workers don't trust their employers with their data
25% of knowledge workers don't tell their IT Teams about external systems they use to share company data
55% of enterprise IT decision makers say end users don’t understand the risks that poor data security poses to the business
Annual Data Breach Trends
Kroll - 8 pgs - March 2016
32% of data breaches investigated by Kroll were of paper records.
16% increase in cyber hacking incidents investigated by Kroll over previous year.
58% of breaches considered malicious or non-accidental were low-tech, such as from laptop thefts.
60% of breaches investigated by Kroll were caused by human errors (eg accidental exposure, or lost devices).
Cause of breach: 48% Current Employee; 31% Outside Perpetrator; 17% Related Third Party; 4% Former Employee.
Cyber Risk Diligence in M&A
Good Harbor and Sidley Austin LLP - 20 pgs - 4th March 2016
Annual Loss Expectancy of future years should be discounted to provide risk discount on acquisition.
Buyers should assess major upstream & downstream players in the supply chain of company being acquired.
Cyber Risk is "material" when M&A target possesses data on consumers, employees, cardholders, or intellectual property.
State of Cybersecurity - Implications for 2016
ISACA and RSA - global survey of 461 cybersecurity managers - 23 pgs - March 2016
75% of cybersecurity managers expect to fall prey to a cyberattack in 2016.
82% of companies’ board of directors are “concerned” or “very concerned” about cybersecurity.
62% of cybersecurity managers expect risk will increase in the long term, Vs 7% who think it will decrease.
Only 31% of cybersecurity managers are comfortable with their ability to detect and respond to complex cyber incidents.
BYOD & Mobile Security
LinkedIn ISC on "Bring Your Own Device" to work - survey of 882 IT professionals - 39 pgs - March 2016
Main concerns among IT about BYOD: 72% data leak; 56% unauthorised access to systems; 54% users download unsafe apps.
42% of IT staff struggle to detect and remediate threats on mobile devices.
39% of IT staff know that mobile devices used by staff have downloaded malware, 35% are unsure.
24% of IT staff know that mobile devices used by staff have access a malicious WiFi, 48% are unsure.
21% of IT staff know that mobile devices used by staff have been involved in a security breach, 37% are unsure.
Cyber security in the boardroom
CGI - 28 pgs - 15th March 2016
28% of UK board members think that a cyber breach is an IT issue.
38% of UK board members think their company will suffer a cyber security breach in the next twelve months.
52% of CEOs in B2B companies are accountable for cyber security, but only 18% of CEOs in B2C companies.
Cyber Security - Underpinning the digital economy
Institute of Directors (UK) - 24 pgs - March 2016
12.5% of IoD members have experienced damage due to a cyber attack that interrupted business
72% of cyber attacks on UK companies aren’t reported to the police
68% of IoD Members are unaware of Action Fraud, the UK’s national reporting centre for fraud and internet crime
Cyber Chasm: disconnect between C-suite & Security
EIU (Economist Information Unit) - Survey of 1,100 executives at large firms - 25 pgs - 3rd March 2016
The #1 asset to be protected during a cyber attack is Reputation, according to the C-Suite.
Reputation is the #5 priority among assets that cyber security leaders focus on.
Data Breach Digest
Verizon - 82 pgs - March 2016
Of the breaches Verizon has investigated, 16% due to Social Engineering, 9% to Digital Extortion.
The types of attack that hit Services companies most often are Crimeware, then Web App attacks.
The types of attack that hit Mining companies the most are Insider, then Espionage.
Business leaders inadvertently leave their companies open
Digitalis Reputation - March 2016
51% of UK business leaders have altered privacy settings on websites such as Facebook to protect sensitive personal information.
Only 24% of UK business leaders regularly check what information about them is easily accessible online.
64% of UK business leaders use strong passwords and change them regularly.
55% of UK business leaders only accept friend requests from people they already know.
CyberThreat Defense Report
CyberEdge - Survey of 1,000 IT Security Professionals from Large Organisations - 36 pgs - March 2016
85% of large companies spend >5% of their IT budgets on security, including 30% spending >15%.
62% of IT Security staff at large companies expect their organization will fall victim to a successful cyberattack in the coming year.
30% of IT Security staff at large companies are confident their employer adequately monitors privileged IT users.
25% of security professionals doubts their organization has invested adequately in cyberthreat defenses.
Low security awareness among staff is the strongest inhibitor of efforts to defend large organisations from cyberthreats.
State of the Internet - Security Report
Akamai - 76 pgs - 29th February 2016
149% increase in last 12 months in number of DDoS (Denial of Service) attacks
49% decrease in last 12 months in average attack duration, to 15 hours.
The gaming sector is most frequently hit by DDoS attacks.
The retail sector is most frequently targeted in web application attacks.
Global Economic Crime Survey
PWC - 56 Pgs - Feb 2016
Over 60% of businesses express no confidence in the ability of law enforcement to deal with cyber crime
55% of UK organisations have suffered economic crime in last 24 months
24% of UK organisations have suffered cyber crime in the last 24 months (an increase of 20%)
51% of UK organisations expect to be the victim of cybercrime in next 24 months
Cyber Threat Brief
Webroot - 24 pgs - February 2016
Cybercriminals created 29% more Malware files (such as Ransomware) in 2015 vs 2014
Cybercriminals now design 97% of Malware to be polymorphic (changing shape to avoid detection)
Cybercriminals created 100,000 new malicious IP addresses each day in 2015, up 18% on 2014
Horizon Scan 2016
Business Continuity Institute - 32 Pgs - February 2016
Survey of 568 organisations in 74 countries
The top threats to business continuity in 2016: #16 = Earthquake, # 4 = Terrorism, #2 = Data Breach, #1 = Cyber Attack
85% of Business Continuity Managers fear the possibility of a cyber attack
Annual Data Breach Report
California DoJ - 76 Pgs - February 2016
Analysis of 657 breaches in 4 years to December 2015
90% of all the data records reported lost are caused by cyber attack
Failure to implement all 20 ISCS Controls constitutes a lack of reasonable security... .
Cyber Risk Report 2016
HP - analysis of over 7,000 scanned applications - 17th Feb 2016
153% yearly growth in newly discovered malware samples on Android platform
The most exploited bug in 2014 (Allaple) is still the leader in 2015, demonstrating poor patching by organisations. [The malware was created in 2006, and the author was jailed in 2010, but Allaple is still the most frequently seen malware on corporate systems.]
Threat Landscape 2015
ENISA - 88 pgs - 27th January 2016
Top 3 Threats all increased in last 3 months: Malware, Web based attacks, Web application attacks.
Malware increases by about 1m new samples per day, to over 2bn, mostly held in Russia (50%), USA (12%), NL (8%), DM (5%).
Web Based Attacks are based on bad URLs, with 58,000 new ones detected daily, of which 50% are hosted in USA.
Web Application Attacks support malware injections & data breaches, with key methods being Shellshock (40%), SQLi (28%).
DDoS attacks rose in number by 130%. The most attacked sectors are Gaming (35%), Software (27%) & Internet Providers ( 13%).
Physical theft / loss is the fastest rising threat (up from #10 to #6), and is a leading cause for data breaches and identity theft.
Phishing attacks cost large companies about $380 per employee, vs $3.7 for training to bring a 50% mitigation of this threat.
Attitudes to Data Protection in Ireland
Irish Computer Society DPO - 26 pgs - January 2016
20% of Irish organisations are certain they had a breach in 2015
4.4% of organisations are certain they had a breach in 2015 that affected over 100 individuals
Only 12% of breaches caused by malicious attack, Vs 70% by staff & 12% by 3rd party over last 2 years
2.8% of Irish organisations identified they suffered 1 or more breaches caused by malicious attack in last 2 years
Cybersecurity in Private Equity
eSentire and PEI - Survey of 91 PE Firms - 24 pgs - January 2016
61% of PE Firms expect to come under cyber attack in next 12 months
45% of PE firms believe that cybersecurity is a high threat to business their operations
11% of PE firms have standardised cybersecurity for all of their portfolio companies
Responsibility for cybersecurity sits with the PE Firm's CFO (50%), COO (24%), CIO (12%)
Annual Security Report
Cisco - 87 pgs - January 2016
55% of CEOs are not told about data breaches
45% of security professionals are confident they can determine scope of a breach
Who gets told about about security incidents: CEO (45%), HR (32%), Legal (28%), PR (24%), Authorities (18%)
State of the Data Nation
Informatica - January 2016
62% of consumers say they’d lose trust if a company didn’t communicate about a breach
56% of consumers say they’d lose trust if a company suffered a 2nd confirmed breach in a year
Cyber is #1 Operational Risk for 2016
Survey of Chief Risk Officers worldwide, by Risk.Net - January 2016
"Cyber risk has been shown to be a clear and present danger to business and the public generally"
Cyber preparedness: the next step for boards
EY - 2pgs - January 2016
46 days is the average time needed to resolve an attack.
19% - the annual increase in cost of cybercrime to businesses.
Only 5% of Directors at the world’s largest firms are knowledgeable about cybersecurity matters.
Only 7% of organizations claim to have a robust incident response program for cyber attacks.
Cyber Resilient Enterprise - UK
Ponemon Institute and Resilient Systems (IBM) - Survey of 450 IT practitioners in UK organisations - Jan 2016
44% of UK firm's leaders recognise that cyber resilience affects enterprise risks and brand image.
43% of UK organisations do not have any CSIRP (Cyber Security Incident Response Plan) at all.
32% of UK organisations experience collaboration between business functions that is either poor or non-existent in cyber.
18% of UK organisations have a well-defined CSIRP (Cyber Security Incident Response Plan) that is applied consistently
Annual CEO Survey
PWC - 44 pgs - January 2016
Cyber security is a worry for 61% of CEOs worldwide, including for 79% of those working in Insurance
74% of UK CEOs worry about cyber security
Only 38% of CEOs in the Mining sector are worried about cyber security
Targeted cyber attacks - trouble at your door
Quocirca - 17 pgs - December 2015
State of the Internet - Security
Akamai - 61 pgs - December 2015
State of Cybersecurity Survey
Inhouse Lawyers - ACC - Association of Corporate Counsel - 14 pgs - December 2015
Survey of in-house lawyers hailing from 887 organizations in 30 countries
Employee Error is the number-one cited cause of breaches, said to be behind 26%-36% of system breaches
48% of American inhouse laywers say their company has mandatory training on cybersecurity for all employees
Cyber security - A failure of imagination by CEOs
KPMG - 12 pgs - December 2015
20% of CEOs say information security is the risk they are most worried about
10 cyber security predictions
ThreatStream - 2 pgs - December 2015
Cyber security sector struggles to fill skills gap
Financial Times - 2 pgs - 18th Nov 2015
"Largest human capital shortage in the world” as demand for cyber security experts forecast to outstrip supply by a third.
Only 103,000 people are CISSP-certified, but there were almost 50,000 job openings for CISSP-certified workers in the US in 2014.
Cyber security is more difficult to recruit for than data science, advanced manufacturing and petroleum engineering.
(ISC)2 expects demand for cyber staff to increase 10.8% pa to 2019, while supply will increase 5.6% pa.
In the UK, salaries have increased up to 10% pa for cyber security staff, & 16% for consultants.
Data Breach Trends
Risk Based Security - 14 pgs - November 2015
Retail and eCommerce Security
SecurityScorecard - 19 pgs - November 2015
Attacks on Industrial Control Systems
HBKU and MIT - 33 pgs - November 2015
Cyber Risks - Alternate cyber futures for the world
Atlantic Council - 25 pgs - November 2015
Cyber Risk of growing importance to Credit Analysis and Ratings
Moodys Investor Service - 17 pgs - November 2015
Data Breach Industry Forecast
Experian - 9 Pgs - November 2015
RSA EMC - 25pgs - November 2015
Global state of Information Security
PWC - 39 pgs - November 2015
In 2015, the average organisation detected 38% more information security incidents than in 2014
Retail and Consumer organisations detected 154% more incidents in 2015 than in 2014
Security Issues that deserve a Logo
Tenable - 31 pgs - November 2015
Global Information Security Survey 2015
EY - 34 pgs - November 2015
Retail Hacking Season
R-CISC - 12 pgs - November 2015
CyberCrime - Consumer Data Under Threat
Deloitte - 28 Pgs - November 2015
73% of consumers "would reconsider a company it failed to keep their data safe”
33% of consumers would "close their online account following a breach"
Global Cybersecurity Assurance Report Card
Tenable - 19 pgs - November 2015
Insider Threat Index
Clearswift - 11 pgs - November 2015
Botnets are the new data breach threat
ThreatMetrix - 2pgs - November 2015
Vulnerability Risk Management
NopSec - 8 pgs - November 2015
High Profile and International Events Cyber Security Advice
Australian Cyber Security Centre - 5 Pgs - November 2015
UK National Computer Emergency Response Team - Q2 Report
CERT UK - 13 pgs - Published November 2015
Malware remains the greatest threat to cyber-security
The 5 sectors reporting the most incidents: Government, Communications, Professional Services, Financial Services, Health
The Conficker worm is the most prolific malware affecting the UK, despite being discovered almost seven years ago
European Cyber Risk Survey Report
Marsh - 14 pgs - October 2015
79% of European organisations don't assess suppliers they trade with for cyber risk.
68% of European organisations have not estimated the financial impact of a cyber-attack.
55% of European organisations don't have cyber risk on their corporate risk register.
27% of European organisations possess an incident response plan for material cyber events.
Insider Risk Report - Riskiest Users
Intermedia - LARGE FILE - Survey of 2,031 users in UK and USA - October 2015
32% of IT professionals admit they have given out their login / password credentials to other employees
28% of IT professionals admit they have accessed systems belonging to previous employers after they left the job
31% of IT professionals admit they would take data from their company if it could positively benefit them
52% of IT professionals admit they use re-use their personal passwords for business apps
41% of Millennials think it’s OK to install applications on their work computer without consulting IT
30% of Millennials admit they have emailed company information to a personal email address
What CEOs should know about Cybersecurity
ATT - 36 pgs - October 2015
78% of employees don't obey company policy on information security
APT - Advanced Persistent Threat report
ISACA CSX - 17 Pgs - October 2015
Cost of Cyber Crime to UK organisations with 1,000+ staff
Ponemon - HP - 31 pgs - 2015
Denial of service, malicious insiders and web-based attacks account for 49% of all cyber crime costs per organisation
Average cyber crime costs are up 14% in last 12 months
Navigating the threat landscape
10 tips - Kaspersky - 20 pgs - October 2015
Biggest data breaches
Information is Beautiful - October 2015
Cyber Attacks cost business $300bn per year
Grant Thornton - 2 pgs - Sept 2015
Debate: The Market for Cyber Insurance isn't Sustainable
Professional Liability Underwriting Society (PLUS) - 17th September 2015
Cybersecurity - Executive Guide
Foley and Lardner - 18 pgs - September 2015
Information Security Data Breaches Survey
PWC - InfoSecurity - UK Government - 8 pgs - September 2015
Typical cost of each "Worst" data breach of year: for a large firm = £1.5m to £3.1m; for a small firm = £75k to £311k
90% of large UK businesses & 74% of small ones know they suffered "some form" of information security breach in last 12 months
75% of large UK businesses & 31% of small ones know they suffered staff-related security breaches in the last year
69% of large UK businesses & 38% of small ones know they experienced cyber attack last year
50% of the worst security breaches were caused by "human error," 28% "partly by senior management"
The Greatest Cybersecurity Risk Comes From Within - Insider Threat
Caresani and Snyder - 5 pgs - September 2015
Guide to Cyber Risk
Allianz - 32 pgs - Sept 2015
$445bn - the estimated annual cost to the global economy from cyber crime
$200bn - the estimated annual cost to the world’s largest four economies (US, China, Japan and Germany).
80% of cyber-attacks can be prevented or mitigated by basic information risk management
50 billion machines will be exchanging data on a daily basis in the near future.
By 2025 the cyber insurance market could be worth $20bn
A catastrophic cyber loss is increasingly likely.
Data Breaches 2005-2015 - Debunking Myths
TrendMicro - 51 Pages - Sept 2015
Data Breaches 2005-2015 - By Industry
TrendMicro - 24 Pages - Sept 2015
Most Ransomware Isn’t As Complex As You Might Think
Engin Kirda - LastLine Labs - 26 pgs - 5th August 2015
Only 36% of Ransomware studied actually delete files, & most "deletion" manipulates but leaves data on disk.
60% of Ransomware studied don't delete, simply create a persistent new desktop
Executive Brief on Information Security
Universities in USA - Educause - 11 pgs - August 2014
Top 10 Risks for Internal Audit in 2015
KPMG - 16 pgs - July 2015
DDOS - Distributed Denial of Service
Akamai Technologies - pg 70 - July 2015
Cyber Risks as viewed by UK Captains of Industry
AIG - 6 pgs - July 2015
52% of businesses rarely discuss cyber security policy at board meetings (only 26% actually do)
47% of companies do not designate cyber security to be a boardroom issue.
Lists the 5 key questions companies should be asking themselves as the cyber threat continues to evolve.
Cyber Threat Report 2015
Australian Cyber Security Centre - 28 Pgs - July 2015
Audit Committee Oversight of Cyberrisk
EY - 12 Pgs - July 2015
Global CEO Outlook - Cyber
KPMG -32 Pgs - July 2015
Cybercrime Survey in USA
PWC - 16 Pgs - July 2015
Hackers expose credentials of staff at half of FT 500 Europe
Recorded Future - 7 pgs - June 2015
National Crime Agency UK - 47 pgs - June 2015
Cybersecurity threat to Growth
GrantThornton - 8 pgs - June 2015
Cyber Security Infographic
HP and FireEye - 4 pgs - June 2015
Cost of Data Breach in USA
Ponemon - IBM - 22 Pages - May 2015
Last year there was an 11% increase in the total cost of a data breach, to a $217 average per lost or stolen record
An Incident Response team can decrease the average cost of a data breach by 11%.
CyberCrime & the Internet of threats
0.12% of cyber attacks resulted in security incidents in 2013
The cost of malicious data breaches will exceed $2 trillion in 2019, equivalent to 2.2% of global GDP.
Are Millennials the latest security threat?
Software Advice - Survey of 529 employees of U.S. businesses - May 2015
85% of those born after 1980 re-use passwords etc across different sites
19% of those born after 1980 accept social media invites from strangers "most, or all of the time"
15% of those born after 1980 “very likely” to find a way around security controls they consider too restrictive
Website Security Statistics
WhiteHat - 30 pgs - May 2015
86% of all websites have a serious vulnerability
Cybersecurity for For-for-Profit Leadership
GrantThornton - 47 Pgs - May 2015
Threat Brief 2015
Webroot - 24 pgs - April 2015
Interactive Exercise Game on responding to a Targeted Cyber Attack
Trend Micro - March 2015
Cyber Crime Extortion
ThreatTrack Security Study - 3pgs - March 2015
Cyber Guide for SMEs
UK Government - CyberEssentials - 14 pgs - March 2015
Cyber Risk Report for IT Directors
HP - 76 Pgs - March 2015
Global Megatrends in Cybersecurity
Raytheon Ponemom - 23 pgs - February 2015
Cyber security risks in the supply chain and third party risks
CERT-UK and CiSP - 12 Pgs - February 2015
"A determined aggressor will identify the organisation with the weakest cyber-security, & gain access to other members of the supply chain."
Risks highlighted include your suppliers of: web site development, data aggregation, data storage.
"Challenge your suppliers to practice and develop collaborative processes for reacting to compromise or data breaches"
Internet of Things (IoT) - research study
HP Enterprise - February 2015
80% of IoT devices have privacy concerns
80% of IoT devices have poor passwords
70% of IoT devices lack encryption
60% of IoT devices have vulnerabilities in the User Interface
Cybersecurity - You are Already Compromised
Level 3 - 5 pgs - February 2015
"There are more than 100,000 new strains of malware distributed by over 10,000 malicious new domains each day."
Horizon Scan Survey
BSI - 34 pgs - Feb 2015
Data Breach Trends of 2014
Risk Based Security - 12 pgs - February 2015
Breach Notice Letter to Customers - Anthem - 3pgs - Feb 2015.pdf
Reducing Cyber Risk in 10 Critical Areas
UK Government - CyberEssentials - 21 pgs - Jan 2015
Cyber Governance - FTSE 350 Healthcheck
KPMG and UK Government - 24 pgs - January 2015
Common Cyber Attacks
CESG GCHQ - 21 Pages - Jan 2015
Common Cyber Attacks InfoGraphic
CESG GCHQ - 1 Page - Jan 2015
California Data Breach Statistics
California Attorney General - 1pg - Jan 2015
Executive Breach Response Playbook
Brochure - HP - 12 pgs – Jan 2015
Steps to surviving your first data breach as CIO
AlienVault - 12 pgs – Jan 2015
Insider Threat Report
Vormetric - 24 pgs - Jan 2015
Cyber Threat Landscape
ENISA - EU Agency for Network and Information Security - 89 pgs - December 2014
California Data Breach Report
CDoJ - 56 pgs - Oct 2014
Senior Exec Involvement in Breach Response
Ponemon - 30 pgs – Oct 2014
Privileged Users and Data Breaches
IANS - Thycotic - 11 pgs - Sept 2014.pdf
Data Breach Notification Guide
Australian Government - 49 pgs - Aug 2014
Data Breach Resilience example - Castle 1204
Alan Calder - 1pg - July 2014
Consumer Data Insecurity Report
Javelin - 33pgs - June 2014
Cyber Risk Oversight - Director's Handbook
ISA NACD AIG - 64 pgs - June 2014
Economic Impact of Cybercrime