SYS-CON MEDIA Authors: Pat Romanski, Sean Houghton, Glenn Rossman, Ignacio M. Llorente, Xenia von Wedel

News Feed Item

NTT Innovation Institute Announces the Availability of the 2014 Global Threat Intelligence Report

Analysis of Three Billion Attacks in 2013 Reveals SQL Injections Cost $196,000 and Anti-Virus Solutions Fail More Than Half the Time

PALO ALTO, CA -- (Marketwired) -- 03/27/14 -- NTT Innovation Institute (NTT I3) is pleased to announce the release of the 2014 NTT Group Global Threat Intelligence Report (GTIR). The report focuses on five critical areas of security: threat avoidance, threat response, threat detection, investigative and response capabilities. A key portion of the report is dedicated to business and security leaders concerned with balancing cost and risk. Recommendations and strategies for minimizing the impact of threats and reducing the threat mitigation timeline are conveyed in multiple charts and real-world case studies.

The primary goal of the NTT Group GTIR is to raise awareness with C-level executives and security professionals alike that when the basics of security are done right, it can be enough to mitigate and even avoid the high-profile security and data breaches. We believe information security should be a strategic imperative that is an effective mix of threat avoidance, threat detection and threat response.

The NTT Group GTIR uses real-world case studies of several security incidents and provides recommendations for minimizing the impact of threats through easy to understand strategies and charts. We have also included our research on several Distributed Denial of Service (DDoS) attacks, malware attacks and the latest botnet activity.

Other key findings in the 2014 GTIR include:

  • Cost for a "minor" SQL injection attack exceeds $196,000 - Organizations must realize the true cost of an incident and learn how a small investment could reduce losses by almost 95 percent.
  • Anti-virus fails to detect 54 percent of new malware collected by honeypots - Additionally, 71 percent of new malware collected from sandboxes was also undetected by over 40 different anti-virus solutions. This supports the premise that simple endpoint solutions must be augmented with network malware detection and purpose-built solutions.
  • 43 percent of incident response engagements were the result of malware - Missing anti-virus, anti-malware and effective lifecycle management of these basic controls were key factors in a significant portion of these engagements. Read the "Administrator Releases a Worm" case study to see how it cost one organization $109,000.
  • Botnet activity takes an overwhelming lead at 34 percent of events observed - Almost 50 percent of botnet activity detected in 2013 originated from U.S. based addresses. The fact that healthcare, technology and finance account for 60 percent of observed botnet activity reflects the information worker burden that accompanies these industries.
  • PCI assessed organizations are better at addressing perimeter vulnerabilities - Organizations performing quarterly external PCI Authorized Scanning Vendor (ASV) assessments have a more secure vulnerability profile, as well as a faster remediation time (27 percent), than organizations performing unregulated assessments.
  • Healthcare has observed a 13 percent increase in botnet activity - Due to increased reliance on interconnected systems for the exchange and monitoring of health related data, more systems are potentially affected by malware.

The GTIR was developed using threat intelligence and attack data from the NTT Group companies -- Solutionary, NTT Com Security, Dimension Data, NTT Data and support from NTT R&D. The key findings in the GTIR are a result of the analysis of approximately three billion worldwide attacks over the course of 2013. The data analyzed for this report was collected from sixteen Security Operations Centers (SOC) and seven R&D centers with more than 1,300 NTT security experts and researchers from around the world.

"The report represents the culmination of months of research from our world-renowned experts and it strives to provide C-level executives and IT departments a platform to come together and discuss the foundation of their security programs in a way that benefits enterprises in today's Digital Economy," said NTT Innovation Institute CEO Srini Koushik, "The 2014 NTT Group GTIR describes the evolving global threat landscape and underscores the importance of doing the basics right. It also backs it up with real-world case studies and actionable insights for the security practitioners and succinct enough for the Fortune 100 CEO."

To access the full report, please visit: www.nttgroupsecurity.com

About NTT I3
NTT Innovation Institute, Inc., (NTT I3) is the Silicon Valley-based open innovation and applied research and development center of NTT Group. The institute works closely with NTT operating companies and their customers around the world to develop market-driven, customer-focused solutions and services. NTT I3 builds on the vast intellectual capital base of NTT Group, which invests more than $3.5 billion a year in R&D. NTT I3 and its world-class scientists and engineers partner with prominent technology companies and start-ups, to deliver market-leading solutions that span strategy, business applications, data and infrastructure.

To learn more about NTT I3, please visit us at www.ntti3.com.

Media Contact
Dave Murray
(408) 677-5310
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
AppZero has announced that its award-winning application migration software is now fully qualified within the Microsoft Azure Certified program. AppZero has undergone extensive technical evaluation with Microsoft Corp., earning its designation as Microsoft Azure Certified. As a result of AppZero's work with Microsoft, customers are able to easily find, purchase and deploy AppZero from the Azure Marketplace. With just a few clicks, users have an Azure-based solution for moving applications to the...
The BPM world is going through some evolution or changes where traditional business process management solutions really have nowhere to go in terms of development of the road map. In this demo at 15th Cloud Expo, Kyle Hansen, Director of Professional Services at AgilePoint, shows AgilePoint’s unique approach to dealing with this market circumstance by developing a rapid application composition or development framework.
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
The cloud is becoming the de-facto way for enterprises to leverage common infrastructure while innovating and one of the biggest obstacles facing public cloud computing is security. In his session at 15th Cloud Expo, Jeff Aliber, a global marketing executive at Verizon, discussed how the best place for web security is in the cloud. Benefits include: Functions as the first layer of defense Easy operation –CNAME change Implement an integrated solution Best architecture for addressing network-l...
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
SYS-CON Media announced today that Aruna Ravichandran, VP of Marketing, Application Performance Management and DevOps at CA Technologies, has joined DevOps Journal’s authors. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Aruna's inaugural article "Four Essential Cultural Hacks for DevOps Newbies" discusses how to demonstrate the...
“In the past year we've seen a lot of stabilization of WebRTC. You can now use it in production with a far greater degree of certainty. A lot of the real developments in the past year have been in things like the data channel, which will enable a whole new type of application," explained Peter Dunkley, Technical Director at Acision, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The move in recent years to cloud computing services and architectures has added significant pace to the application development and deployment environment. When enterprise IT can spin up large computing instances in just minutes, developers can also design and deploy in small time frames that were unimaginable a few years ago. The consequent move toward lean, agile, and fast development leads to the need for the development and operations sides to work very closely together. Thus, DevOps become...
“We help people build clusters, in the classical sense of the cluster. We help people put a full stack on top of every single one of those machines. We do the full bare metal install," explained Greg Bruno, Vice President of Engineering and co-founder of StackIQ, in this SYS-CON.tv interview at 15th Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
"Our premise is Docker is not enough. That's not a bad thing - we actually love Docker. At ActiveState all our products are based on open source technology and Docker is an up-and-coming piece of open source technology," explained Bart Copeland, President & CEO of ActiveState Software, in this SYS-CON.tv interview at DevOps Summit at Cloud Expo®, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Verizon Enterprise Solutions is simplifying the cloud-purchasing experience for its clients, with the launch of Verizon Cloud Marketplace, a key foundational component of the company's robust ecosystem of enterprise-class technologies. The online storefront will initially feature pre-built cloud-based services from AppDynamics, Hitachi Data Systems, Juniper Networks, PfSense and Tervela. Available globally to enterprises using Verizon Cloud, Verizon Cloud Marketplace provides a one-stop shop fo...
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover ...

ARMONK, N.Y., Nov. 20, 2014 /PRNewswire/ --  IBM (NYSE: IBM) today announced that it is bringing a greater level of control, security and flexibility to cloud-based application development and delivery with a single-tenant version of Bluemix, IBM's

SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada...