Ponemon Institute is pleased to present the findings of Assessing the DNS Security Risk, sponsored by Infoblox. The purpose of this study is to understand the ability of organizations to assess and mitigate DNS risks. As part of the research, an online index has been created to provide a global measure of organizations’ exposure to DNS security risks and assist them in their response to DNS security risks.

Measuring & Managing the Cyber Risks to Business Operations, which was sponsored by Tenable and conducted by Ponemon Institute, reveals global trends in how organizations are assessing and addressing cybersecurity risks. We conclude from the findings that current approaches to understanding cyber risks to business operations are failing to help organizations minimize and mitigate threats. We surveyed 2,410 IT and IT security practitioners in the United States, United Kingdom, Germany, Australia, Mexico and Japan. All respondents have involvement in the evaluation and/or management of investments in cybersecurity solutions within their organizations. The consolidated global findings are presented in this report.

Security automation architecture can improve organizations’ security posture by augmenting or replacing human intervention in the identification and containment of cyber exploits or breaches through the use of such technologies as artificial intelligence, machine learning, analytics and orchestration. Sponsored by Juniper, the purpose of this research is to understand the challenges companies face when deciding how, when and where to implement the right automation capabilities in order to improve productivity, reduce costs, scale to support cloud deployments and ultimately strengthen the security posture of the business. Ponemon Institute surveyed 1,859 IT and IT security practitioners in Germany, France, the United Kingdom and the United States. All participants in this research are in organizations that presently deploy or plan to deploy security automation tools or applications and are familiar with their organizations use of security automation and have some responsibility for evaluating and/or selecting security automation technologies and vendors.

Ponemon Institute is pleased to present the results of The 2018 State of Cybersecurity in Small and Medium Size Businesses sponsored by Keeper Security. The goal of this study is to track how small and medium size companies address the same threats faced by larger companies. This report features the findings from 2018 and 2017.

The purpose of this research, sponsored by Lookout, is to understand the value of the data we access and store on our mobile devices and if we are doing enough to protect that data.

This year’s study reveals the increasing risk of noncompliance with new global privacy and data protection regulations. Another important trend over the past three years is IT security’s continuing loss of control over cloud security practices and budget.

From the report, “We are pleased to present the findings of The Rise of Ransomware, sponsored by Carbonite, a report on how organizations are preparing for and dealing with ransomware infections. We surveyed 618 individuals in small to medium-sized organizations who have responsibility for containing ransomware infections within their organization.”

This report deals with the state of cybersecurity in small and medium-sized businesses. To develop this research, they surveyed 598 individuals in companies with a headcount from less than 100 to 1,000.

Ponemon Institute is pleased to present the findings of the 2018 Global Study on The State Application Security sponsored by Arxan Technologies. We surveyed 1,399 IT and IT security practitioners in the United States, European Union and Asia-Pacific to understand the risk unprotected applications pose to businesses when running in unsecured environments and how they are addressing this risk in practice.

The purpose of the research, in this report, is to understand how organizations qualify and quantify the financial risk to their tangible and intangible assets in the event of a network privacy or security incident.

IBM Security and Ponemon Institute are pleased to release the 2018 Cost of Data Breach Study: Global Overview1. They conducted interviews with more than 2,200 IT, data protection, and compliance professionals from 477 companies that have experienced a data breach over the past 12 months. According to the findings, data breaches continue to be costlier and result in more consumer records being lost or stolen, year after year.

This global study examines 383 companies in 12 countries. It finds that $4 million is the average total cost of a data breach. It sees a 29% increase in total costs of data breaches since 2013. It finds that $158 is the average cost per lost or stolen record. Finally, there has been a 15% increase in per capita cost since 2013.

The purpose of this research is to examine trends in the benefits of threat intelligence and the challenges companies face when integrating threat intelligence with existing security platforms and technologies.

This year’s study examines the costs incurred by 62 U.S. companies in 16 industry sectors after those companies experienced the loss or theft of protected personal data and then had to notify breach victims as required by various laws. It is important to note the costs presented in this research are not hypothetical, but are from actual data loss incidents. They are based upon cost estimates provided by individuals, interviewed over a ten-month period in the companies that are represented in this research

IBM Resilient and Ponemon Institute are pleased to release the findings of the study on the importance of cyber resilience for a strong security posture. We surveyed more than 413 IT and IT security professionals in the UK1, Only 25 percent of respondents say their organisation has a high level of cyber resilience. According to the findings, 71 percent of respondents believe their organisation is not prepared to recover from cyber attacks.

In this report, they examine two factors that affected the financial consequences of a data breach. The first is executive involvement in their organization’s IT security strategy and response to data breaches. The second is the purchase of cyber insurance to mitigate the cost of a data breach.

Sponsored by Valimail, Email Impersonation Attacks: A Clear & Present Danger, was conducted by Ponemon Institute to understand the challenges organizations face to protect end-users from email threats, such as impersonation attacks.

A key takeaway from this research is that accountability for managing third party risk is dispersed throughout the organization. Not having one person or function with ownership of the risk is a serious barrier to achieving an effective third part risk management program.

From the report, “Cyber attacks are a reality for all organizations. In this year’s cost of cyber crime research they focus on the importance of thriving and innovating while simultaneously reducing the financial and reputational consequences of a cyber attack. An important finding of this research is that a high security profile, as determined by the deployment of specific practices and technologies, will support business innovation and reduce the cost of cyber crime.”

The purpose of this research is to examine how the use of encryption has evolved over the past 11 years and the impact of this technology on the security posture of organizations. The first encryption trends study was conducted in 2005 for a US sample of respondents.3 Since then we have expanded the scope of the research to include respondents in all regions of the world.

This paper was written to understand understand how organizations qualify and quantify the financial risk to their tangible and intangible assets in the event of a network privacy or security incident.