|By Business Wire||
|June 25, 2014 03:01 AM EDT||
Tripwire, Inc., a leading global provider of risk-based security and compliance management solutions, today announced the results of a retail cybersecurity survey conducted by Dimensional Research and sponsored by Tripwire. The survey evaluated the attitudes of 154 retail organizations on a variety of cybersecurity topics.
Industry research indicates most breaches go undiscovered for weeks, months or even longer. The 2014 Trustwave Global Security Report reveals that retail is the top target for cybercriminals, comprising 35 percent of the attacks studied. The Mandiant 2014 Threat Report indicates that the average time required to detect breaches was 229 days. The report also states that the number of firms that detected their own breaches dropped from 37 percent in 2012 to 33 percent in 2013. The 2014 Verizon Data Breach Investigations Report indicates that 85 percent of point-of-sale intrusions took weeks to discover, and 43 percent of web application attacks took months to detect.
Despite these findings, U.S. retail firms are confident in their ability to detect data breaches, according to the Tripwire survey. When asked how quickly their organizations would detect a breach, 42 percent said it would take 48 hours, 18 percent said it would take 72 hours, and 11 percent said it would take a week.
Thirty-five percent of respondents were “very confident,” while 47 percent were “somewhat confident” that their security controls could detect rogue applications such as those used to exfiltrate data during data breaches.
“I always say that trust is not a control, and hope is not a strategy,” said Dwayne Melancon, chief technology officer for Tripwire. “Unfortunately, this data suggests that a lot of retailers are far too hopeful about their own cybersecurity capabilities. Despite ample historical evidence that most breaches go undiscovered for months, there is clearly a significant disconnect between perception and reality, even though the repercussions for failing to meet the required level of rigor around cybersecurity has led to the recent removal of retail executives and board members.”
Other key findings include:
- 70 percent of respondents said that the recent Target breach has affected the level of attention executives give to security in their organizations.
- Online-only retailers were less concerned with the Target breach; only 57 percent said it has increased the level of executive attention.
- 26 percent of respondents don’t evaluate the security of business partners, such as HVAC contractors who were implicated in the Target breach.
Melancon continued: “On the bright side, recent events have led to higher-level conversations about information security in the retail sector. This is a prime opportunity for retail information security executives to educate their nontechnical peers, advocate for resources and make substantive progress toward better information security.”
For more information about the survey please visit: http://www.tripwire.com/company/research/us-retail-survey/.
Tripwire is a leading global provider of risk-based security and compliance management solutions, enabling enterprises, government agencies and service providers to effectively connect security to their business. Tripwire provides the broadest set of foundational security controls including security configuration management, vulnerability management, file integrity monitoring, log and event management. Tripwire solutions deliver unprecedented visibility, business context and security business intelligence allowing extended enterprises to protect sensitive data from breaches, vulnerabilities, and threats. Learn more at www.tripwire.com, get security news, trends and insights at our award winning blog http://www.tripwire.com/state-of-security/ or follow us on Twitter @TripwireInc.
The Internet of Things is tied together with a thin strand that is known as time. Coincidentally, at the core of nearly all data analytics is a timestamp. When working with time series data there are a few core principles that everyone should consider, especially across datasets where time is the common boundary. In his session at Internet of @ThingsExpo, Jim Scott, Director of Enterprise Strategy & Architecture at MapR Technologies, discussed single-value, geo-spatial, and log time series dat...
Jan. 31, 2015 05:45 AM EST Reads: 3,195
15th Cloud Expo, which took place Nov. 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA, expanded the conference content of @ThingsExpo, Big Data Expo, and DevOps Summit to include two developer events. IBM held a Bluemix Developer Playground on November 5 and ElasticBox held a Hackathon on November 6. Both events took place on the expo floor. The Bluemix Developer Playground, for developers of all levels, highlighted the ease of use of Bluemix, its services and functionalit...
Jan. 31, 2015 05:30 AM EST Reads: 2,866
Jan. 31, 2015 05:00 AM EST Reads: 2,905
Jan. 31, 2015 04:30 AM EST Reads: 3,480
Jan. 31, 2015 03:45 AM EST Reads: 1,669
Jan. 31, 2015 03:15 AM EST Reads: 1,948
Jan. 31, 2015 03:00 AM EST Reads: 3,498
Jan. 31, 2015 02:00 AM EST Reads: 8,092
Jan. 31, 2015 02:00 AM EST Reads: 3,099
Jan. 31, 2015 01:00 AM EST Reads: 2,951
Jan. 31, 2015 01:00 AM EST Reads: 2,846
Jan. 31, 2015 12:30 AM EST Reads: 3,096
Jan. 30, 2015 11:45 PM EST Reads: 2,665
Jan. 30, 2015 11:00 PM EST Reads: 3,764
Jan. 30, 2015 10:00 PM EST Reads: 2,884