information security incidents survey in russia
TRANSCRIPT
![Page 1: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/1.jpg)
![Page 2: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/2.jpg)
Information Security Incidents Survey in Russia
![Page 3: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/3.jpg)
Survey among the largest companies - Top 100
Number of company’s hosts
Source: Posi,ve Research Center, Survey among CISOs of Top 100 companies, May 2014
![Page 4: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/4.jpg)
Industries in the Survey
![Page 5: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/5.jpg)
Did you have information security incidents in 2013?
All the companies had such incidents.
58% of all incidents affected the availability of internal infrastructure or services.
![Page 6: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/6.jpg)
Incident types
![Page 7: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/7.jpg)
Which threats are the most dangerous?
![Page 8: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/8.jpg)
In fact …
• 2 vulners – to hack a corporate network’s perimeter
• 2 steps (2013) vs 3 steps (2012)
• 82% successful aQack – low aQacker qualifica,on
• 100% -‐ control cri,cal resources from internal network (83% -‐ 2012)
![Page 9: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/9.jpg)
Critical vulnerabilities fixing time
![Page 10: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/10.jpg)
In fact … • 57% system -‐ cri,cal vulnerabili,es (unpatched soWware)
• 57% -‐ 2013 vs 45% -‐ 2012
• 32 month -‐ average age of uninstall updates
• Absolute Champion – nine-‐year-‐old vulnerability (CVE-‐2004-‐0790)
![Page 11: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/11.jpg)
First-priority problems
![Page 12: Information Security Incidents Survey in Russia](https://reader034.vdocuments.us/reader034/viewer/2022052619/5551a7ebb4c9053c488b4fd0/html5/thumbnails/12.jpg)