Cyberthreat: Real Answers to Real Problems IDG

A new survey by Ponemon and ServiceNow of nearly 3,000 cybersecurity professionals reveals that in the past 2 years, 48% of companies have experienced a data breach. Clearly companies can’t afford to forge blindly ahead, doing the same old “business as usual.”

In this episode Bob Bragdon, Senior Vice President and Publisher of CSO, and Piero DePaoli, Sr. Director for Security and Risk at ServiceNow, explore the cost of conducting “business as usual.”

Sponsored by ServiceNow

A new global survey by Ponemon and ServiceNow of nearly 3,000 cybersecurity professionals reveals that more than half the companies have experienced a breach in the past year.

In this session Bob Bragdon, Senior Vice President and Publisher of CSO, and Piero DePaoli, Sr. Director for Security and Risk, ServiceNow, explore how respondents in 2 specific industries – financial services and healthcare – are handling threats.

The survey found that both sectors had similar responses regarding breaches: 45% of financial services companies have had one or more breach in the last 2 years, and 50% of healthcare organizations. But the survey also revealed that financial services organizations appear better at handling those breaches. Why is this the case?

“First, [financial services organizations] are less dependent on the manual processes,” says Bragdon. “Only 55% of financial service firms use email and spreadsheets to manage their patch process versus 63% of healthcare organizations. Secondly, financial services firms are also more aware of known patch-related risks. Forty-seven percent of them were breached due to an unpatched known vulnerability versus 58% for healthcare organizations. Neither are stellar, but there’s a clear difference.”

What’s more, financial services has significantly more resources dedicated to cybersecurity. The average headcount, for example, is 48, versus 22 in healthcare.

“It’s really clear that financial services institutions are significantly better funded for this,” says DePaoli. “Security organizations in financial institutions tend to be more mature and they’re also earlier adopters of newer technologies as they’re really – they’re likely to get targeted more than others and they really want to stay ahead of it.”

Sponsored by ServiceNow

A new global survey by Ponemon and ServiceNow of nearly 3,000 cybersecurity professionals reveals that more than half the companies have experienced a breach in the past year.

In this session Bob Bragdon, Senior Vice President and Publisher of CSO, and Cliff Huntington, head of global sales for governance, risk, and compliance at ServiceNow, explore how high-performing security teams prevent breaches and what other teams can do to emulate their success.

One particular area deserves a close look: unpatched enterprise software. The survey revealed that a majority of cyber-attack victims say their breaches could have been prevented by installing patches – and the survey also found that organizations can reduce their breach risk by 20% by scanning.

“I think the survey absolutely exposed that there’s a lot of low hanging fruit for adversaries,” says Huntington. “That’s said, the same low hanging fruit for those adversaries could be an opportunity for these organizations to make themselves more secure.”

“The patching paradox usually applies to a few things,” says Huntington. “So first of all, just throwing more resources at this problem doesn’t necessarily solve it when you take a prioritized approach. It also refers to the fact that sometimes the simplest and most basic countermeasures, while not the sexy work that everyone wants to be doing, they will actually provide the most risk reduction for the organization.”

“So if we can start to break down these siloes of process and ownership between IT and security, this will go a long ways towards unwinding this paradox,” he notes.

Sponsored by ServiceNow

A new global survey by Ponemon and ServiceNow of nearly 3,000 cybersecurity professionals reveals that more than half the companies have experienced a breach in the past year. Compounding this issue: the volume of cyberattacks continue to increase, and the industry is facing a shortage of qualified security pros.

But experts agree that hiring more people isn’t necessarily the answer to solving this cyber threat puzzle. In this session Bob Bragdon, Senior Vice President and Publisher of CSO, and Myke Lyons, Security Transformational Leader at ServiceNow, explore the answers.

Sponsored by ServiceNow

In the last two years, 48% of companies have experienced a data breach, and the severity and volume of cyberattacks continue to increase. A global survey of nearly 3,000 cybersecurity professionals shows that organizations can dramatically reduce the risk of being breached by improving end-to-end vulnerability response processes.

Listen and learn as Bob Bragdon, SVP and Publisher of CSO, talks with security professionals from ServiceNow about real technology answers to very real cyber security problems.

Sponsored by ServiceNow