bmc

SecOps Solutions Help Teams Address Critical Security Vulnerabilities

No company is immune from cyberattacks. As FBI director James Comey famously noted, there are now two kinds of big companies: those that have been hacked and those that don’t know they’ve been hacked.1 Security threats are a more serious and frequent problem than ever. As hackers demonstrate increasing sophistication, enterprises are bracing for the worst. At the annual Black Hat gathering of security professionals, 72% of the people responding to an attendee survey said it was likely that their organizations would suffer a major data breach in the next 12 months and 15% said they had “no doubt,” up from 13% last year.2 It’s one thing to say that your company could be a victim; it’s quite remarkable when the overwhelming majority has no doubt that they are destined to suffer a major security breach. That pessimistic view of the threat environment was consistent with the security worries expressed by many other business executives. Case in point: A whopping 97% of the executives polled in a recent BMC-Forbes Insights survey expected a rise in data breach attempts in the next 12 months, and 99% said they planned to invest more in security than they did in 2015. 3

Not only are the security challenges facing IT greater than ever but the price of failure is also climbing. Since 2013 the total cost of a data breach has increased 29%, to an average of $4 million per incident.4 The heightened threat landscape means that enterprises must learn to manage what Gartner describes as an “acceptable” level of digital risk. 5 There are new potential points of vulnerability: As organizations migrate data to the cloud, expand their deployment of mobile computing, and embrace the Internet of Things, security executives confront threat environments with more potential digital touchpoints to protect.

Mobile

Mobile devices were, until recently, a negligible source of data breaches, with less than a 1% infection rate in 2015. 6 Looking back, that was the calm before the storm. A year later, more than three-fifths of IT security professionals at Global 2000 companies believe that it is either certain or likely that their organization has suffered a data breach related to the use of mobile devices. 7 Many device owners still fail to take basic steps to secure their devices with passwords, personal identification numbers, or pattern locks. 8 The risk is amplified by the growing popularity of bring-your-own-device, with employees using their personal devices for work. That presents a new calculus of worry, given that employees still constitute the weakest link in any defense. 9 Cybercriminals have taken due notice, with malicious code writers embedding malware into legitimate mobile applications. 10 Elsewhere, cybercriminals are targeting poorly secured Wi-Fi hotspots that aren’t under the control of network administrators. They steal passwords or erect rogue Wi-Fi access points that mimic the characteristics of trusted networks to dupe mobile users into connecting to their access points.

The Cloud

The cloud has moved beyond the early-adopter phase, with more than 90% of organizations now using some form of cloud computing in their operations. The shift is particularly noticeable among large enterprises that were slower to embrace the cloud. As the cloud handles more of our data, it also presents a more visible target for cyberattackers. As information gets dispersed in hybrid environments that combine public clouds, private clouds, and on-premises systems, intruders are probing for vulnerabilities, using many of the same techniques they have employed successfully elsewhere to break into corporate networks. Attackers regularly test cloud security with exploits such as SQL injection flaws and spear-phishing campaigns, trying to take advantage of poor user security practices as well as network misconfigurations that result in badly designed APIs and interfaces.

A more recent wrinkle in cloud-related security stems from the practice of many departments of procuring hardware and software without explicit organizational approval. The popularity of “shadow IT” presents a formidable security challenge to CISOs and CIOs, who find out only after the fact—and only if they’re lucky—when new systems and solutions are being added. The risk is that attackers will exploit unauthorized products that have weak security controls to penetrate the corporate cloud.

SCOPE OF THE CURRENT THREAT ENVIRONMENT:

The volume and types of cyberattacks have increased in scope and complexity, to the point where Internet crime has become a veritable growth industry. 12 Security executives responsible for protecting their organization’s data must now defend against a constellation of threats that include malware, ransomware, advanced persistent threats, theft of proprietary information, and insiders seeking to steal the organization’s digital crown jewels via unauthorized access to corporate data.

Threats and motivations:

A. Cybercriminals and organized crime: Sophisticated criminals—domestic and foreign—have been attracted to cyberspace because that’s where the money is. Businesses nowadays face regular attacks by sophisticated criminal organizations that operate with the professionalism, discipline, and structure of legitimate enterprises. 13 Indeed, the sale of stolen intellectual property and other information on the black market constitutes a big and growing business. Economists estimate the annual cost of cyberattacks to the world economy at around $445 billion, or almost 1% of global income. 14

B. Nation-states: Proxies operating at the behest of nation-states are targeting enterprises as part of their sponsors’ information-gathering and espionage activities. 15 The attackers’ goals range from stealing intellectual property to disrupting a company’s computer networks to make political points, such as in the attack against Sony in 2014. 16

C. Hacktivists: Unlike the pranks and practical jokes that characterized the early years of hacktivism, the current generation of individuals or groups practicing hacktivism can inflict serious damage on their targets. The inspiration behind the attacks is random, although the intent is often to make a political or moral point—witness the hack last year of the Ashley Madison website, which revealed personal user data identifying millions of would-be spousal cheaters. Hacktivists have also grown increasingly sophisticated. Case in point: a series of distributed denial-of-service attacks targeting banks around the world this past spring, which also marked the reappearance of the hacktivist group Anonymous. 17

D. Malicious insiders: Both the FBI and the Department of Homeland Security warn that malicious insiders now pose a significant risk to business networks and their information. 18 Indeed, insider crimes can be costlier or more damaging than outsider threats. 19 Motivated by revenge, politics, or financial gain, insiders may include employees, contractors, or vendors who have intimate knowledge of an organization and its systems—as well as the whereabouts of its most valuable information.

97% of execs expect a rise in data breach attempts in the next 12 months.

99% of execs plan to invest more in security in the next 12 months than they did in 2015.

Security Is Now Everyone’s Responsibility

It wasn’t long ago that cybersecurity was the exclusive purview of the IT department. No longer. The mainstreaming of cybercrime tools and techniques puts new responsibilities on the entire enterprise to implement best practices. 20 That means it’s now up to CIOs and CISOs to manage the security of their digital assets with strategies that meet the enterprise’s overall business objectives while also promoting security as a shared corporate social responsibility. Forrester Research frames data security as a corporate social responsibility. Clearly, data security and privacy protection now rank as core business concerns and go to the heart of what it means to be a trusted brand rather than simply an organization that meets basic compliance obligations.

Competitive impact: When discussing strategic objectives, organizations need to include security and customer data protection as chief priorities. Data breaches and regulatory audits following a compromise can affect a company’s reputation as well as its competitive ranking when customers, uneasy about a company’s ability to protect personal data, vote with their feet. 21

Current Tools, Processes, and Teams Still Fall Short

Against a backdrop of rising attacks, the tools, processes, and teams tasked with protecting organizations aren’t keeping up with the challenges.

FAILURE TO FIX KNOWN ISSUES

New vulnerabilities emerge literally each day, but organizations still lag in their patch implementation response times, according to the “Cisco 2016 Midyear Cybersecurity Report.” About half of all exploits now take place between 10 and 100 days after the vulnerability is published, with the median number estimated to be around 30 days, says the “Verizon 2016 Data Breach Investigations Report.” The failure to patch known vulnerabilities in a timely fashion—it takes an average of 193 days for a patch to be installed that will fix known vulnerabilities—allows intruders to exploit the path of least resistance and attack unpatched vulnerabilities. Unfortunately, different priorities have led to poor synchronization between Security and Operations, preventing agreement on which systems they ought to fix first. 22

ZOMBIES OPEN DOORS TO HACKERS

By one estimate, there are as many as 10 million servers around the world that do little but consume electricity. 23 These so-called zombie servers aren’t just wasting billions of dollars in energy costs; left unattended or not kept up-to-date with the latest patches, they also offer backdoor entry points through which intruders can access company networks. For example, when cybercriminals hacked into J.P. Morgan in 2015 and stole information on more than 80 million account holders, they got in by exploiting a server that had not been updated. 24

44% of executives say security breaches occur even when vulnerabilities and their remediation have already been identified

Among enterprises, 50% experience outages and poor performance in IT systems due to poorly applied security patches, further underscoring the poor collaboration between the security and operations departments. Their inability to prioritize and fix vulnerabilities is responsible for unnecessary downtime as well as lingering security vulnerabilities. 25

44% of executives say it takes their businesses weeks to fix high-impact vulnerabilities.

The Big Disconnect

As they battle external threats, companies are also weighed down by bureaucratic silos that negatively affect integration and coordination between Security and Operations. In fact, some 60% of executives surveyed by BMC and Forbes Insights said that the two groups often have little understanding of the other’s requirements, an organizational obstacle that results in poor collaboration. 26 The upshot: system downtime, excessive labor costs, and challenges in meeting regulatory requirements and staying audit-ready. Although each is essential for the success of any organization, the responsibilities of two key stakeholders often have them working at cross-purposes to identify, remediate, and track vulnerabilities easily. Whereas Operations is focused on maintaining the productivity and competitiveness of the enterprise, the security team’s prime directive is to do whatever is possible to keep the organization safe from attack. Even though the security team provides overall security policies and compliance terms, it doesn’t have the authority to implement the steps needed to address the issues across the organizations. Although it may seem to think it is “done” once it has highlighted the problem or opened a ticket, the reality is that the work is really just beginning at that point. The challenge is made that much steeper by the fact that the groups are stuck on opposite sides of what we describe as the SecOps gap, driven by competing priorities and tech tools that don’t mesh. Operations teams are responsible primarily for uptime and stability. But when Operations receives information from its Security counterparts, it frequently lacks the automation or the context needed to take or prioritize action to meet the demands of the business. Logjams result when reports arrive that were composed for use by the security team, not Operations. If a multithousand-line report is organized by IP address, Operations can’t do anything with it if that department doesn’t track IP addresses. Even if it is able to read the report, Operations is still left to manually hunt down the common vulnerabilities and exposures (CVEs) or fixes and then manually set them up to deploy. How bad does it get? This manual effort and the lack of coordination lead to huge time losses, and the hackers take advantage.

It takes 193 days, on average, to resolve a known vulnerability.

IMPACTS ON THE ORGANIZATION

Poor coordination between Security and Operations has ripple effects throughout the rest of the organization. In the survey by BMC and Forbes Insights, 34% of the responding North American executives and 54% of the European respondents said that it takes weeks to resolve a “high-impact vulnerability” in applications or operating systems once a patch becomes available. In more than one-third of the cases, delays occurred during attempts to prioritize which systems should be addressed first.

DISJOINTED EXECUTION

Organizations need better visibility to prioritize critical issues so they can confidently protect customers. At first blush, that seems straightforward and unremarkable. But the lack of integration between Security and Operations makes this anything but easy. What may seem like a high priority to security executives may not be viewed that same way by the operations team, where the focus is on uptime and performance. The organizational disconnect also has ramifications in other areas of corporate performance, particularly when it comes to regulatory compliance. The failure to align around a set of common compliance objectives creates blind spots, overlap, and duplicative efforts. Most organizations are forced into a stream of manual processes or tools that aren’t built for the problem. This leaves them frustrated to the point that they just give up because they can’t keep up with the volume, complexity, and scale.

Penalties for Failing to Avoid Data Breaches

The lack of integration and coordination between Security and Operations leaves enterprises open to security risks, including the theft of IP, financial losses, compromised customer data, damaged reputation, and regulatory sanctions. Federal and state laws governing data privacy exact severe penalties on organizations that fail to implement appropriate data security measures. 27

Cybersecurity has become a business issue that now demands active involvement from the top management of an organization. When data breaches occur, the failure to protect the information of the company and its customers can cause CIOs, CISOs, and even CEOs to lose their jobs. 28

Repairing the SecOps Gap

The absence of integration between Security and Operations comes at the very worst time and has created a veritable SecOps gap that handicaps an organization’s ability to defend itself in today’s elevated security threat environment. Enterprises have a tough enough job identifying, remediating, and tracking vulnerabilities easily. Their task is made unnecessarily harder when there are clashing priorities, tools that fail to mesh well, and too little technology automation. Instead of working at cross-purposes, Security and Operations can merge heretofore disconnected initiatives into a unified process that fosters close alignment that pays dividends for both teams—from accelerating the process of vulnerability resolution to reducing the costs of remediation.

AUTOMATION CAN ADDRESS THE PROBLEM

The biggest risks facing companies are the things they don’t know about—and they need to be addressed to reduce the unknown risk of blind spots. Organizations have a limited ability to take action and fix vulnerabilities if they don’t possess scalable processes and contextualized information. What’s more, they will be hard-pressed to know whether they are indeed fixing the most important problems if they can’t prioritize risks. There is no shortage of unknowns in this era of digital transformation, stepping up the pressure on both the security and operations teams to understand what is in their environments at any given time. That’s no easy task. Given the myriad of new security and regulatory compliance demands on their IT infrastructure, the job of putting in place controls governing this changing set of policies can prove overwhelming. That’s where enterprises need an automated SecOps solution that offers effective compliance controls, rapid remediation, and blind spot detection.

60% of the survey respondents wanted tools for automating corrective actions, and 59% wanted a centralized view into vulnerabilities and remediation actions.

Conclusion

Collaborative workflow processes that eliminate friction and misalignments between the security and operations teams sharply lower the risk of data loss and operational downtime. Now, more than ever, enterprises can advance their overall business agenda by closing the SecOps gap and minimizing communications breakdowns that leave organizations vulnerable to cyberattacks. As the industry’s SecOps leader, BMC offers technology solutions that offer security teams visibility into operational plans while providing operations with an actionable view of threat information based on risk level.

• Learn how automation can close the SecOps gap.
• See BMC BladeLogic Threat Director in action.

Additional Reading

Here is an excerpt from the Voke Research Solution Snapshot™ report: BMC SecOps Solutions.

Market Context

Each day security breaches have a profound impact on the way a business interacts with its customers. When the news of a security breach breaks, businesses are immediately thrown into crisis management mode. In many cases, hackers access company systems months before breaches get identified, confirmed, and reported. This problem of delayed acknowledgment of a hacker entering into a system is a costly endeavor. More importantly, and ultimately costlier, it is taking excessive amounts of time to remediate a known vulnerability. The gap between IT security and IT operations widens each time a known vulnerability is not remediated in a timely and business-oriented fashion.


Surprisingly, most security vulnerabilities are known and have published patches; however, the patches are not always installed in timely fashion. Attackers know this and will exploit unpatched, known vulnerabilities, to harm your business and brand while threatening the privacy, health, or safety of your customers. Both the IT security and IT operations teams are responsible for protecting the IT infrastructure. But their defined goals for carrying out their respective roles can come into conflict.

The IT security team runs scans for vulnerabilities and provides overall security policy, compliance, and governance terms. While the IT security team highlights the issues, the ownership of implementation to address the issues is the responsibility of IT operations. The IT security team may or may not understand the operational impact of these policies, compliance, and governance terms. Meanwhile, the IT infrastructure is dynamically managed by IT operations teams to meet the demands of high availability for productivity against the ever-present risk of failure. IT operations, which constitutes the first line of defense in a security breach, is also the first team responsible for system stability and uptime. Hence the conundrum that IT security and IT operations teams face: How will IT operations know what to do with the recommendations from the IT security team? And how will the IT security team understand the operational impact of what the IT operations team does or does not do? It’s up to CIOs and CISOs to sort this out and eradicate the isolation and contention between the departments. Strong executive leadership can ensure collaboration between IT security and IT operations by leveraging automation to proactively protect the IT infrastructure. Organizations must use processes and technology to unite the IT security and IT operations teams with more focus on collaboration and visibility, while allowing the IT operations team to take a more active role in IT security. But this gets complicated. Opening the ticket is only the beginning of the problem resolution path to remediating security vulnerabilities. While IT security and IT operations teams remain independent of one another, they still must find ways to cooperate.


IT Complexity

IT security and IT operations usually function in isolated silos. Elements of the gap that exists between the two teams include:

• Lack of process integration
• Lack of automation to quickly implement recommended patches
• Conflicting priorities between the two teams (i.e., governance vs. stability and uptime)
• Lack of insight between IT security and IT operations regarding a pipeline of planned patches
• Lack of collaboration to make systems more reliable and predictable in order to achieve better business outcomes
• Poor handoffs between IT security and IT operations on vulnerability information
• Lack of understanding between IT security and IT operations on initiatives and requirements of each team
• Lack of coordinated efforts to create a path to operationalize security

While both IT security and IT operations perform discrete functions as they relate to the systems and software, the two teams must no longer work in isolation. Each team must retain independence but work towards operationalizing security for the betterment of the business. The call for both teams to work together and eliminate the persistent gap is not an option. It is a necessity. But too often teams are isolated from one another and do not have clear lines of communication with insight into the results of actions conducted by the teams. Because of this isolated approach to overall security, attackers are able to take a path of least resistance and exploit vulnerabilities that have languished for months or years.

BMC Rolls Out Modern Solutions

Enough businesses have been damaged by security breaches that, in hindsight, were preventable. Enough individuals have been victims of hacks. It is now time for IT security and IT operations to heed the needs of the business and work together to solve the technical problems presented by ongoing security threats and vulnerabilities. Often, hackers have been found to lurk in systems for months or years before an actual attack was identified and made public. These scenarios are the stuff of dreams for nefarious hackers and yet enterprises have a “why bother” attitude of coordinated IT security and believe that an attack is simply a matter of time.


Too frequently IT security becomes a top priority only when an enterprise experiences a damaging security breach. This cycle will continue to play out unless there is a concerted effort by IT security and IT operations to change their behaviors to be more proactive and focus on ensuring secure operations. Two types of enterprises exist—those that know a security vulnerability has been exploited and those that do not know that a security vulnerability has been exploited. It is up to the IT operations teams of every enterprise to know and communicate this status. Unfortunately, in most enterprises today, the classic finger-pointing of IT security and IT operations is a reality. It is safe to say that IT operations does not understand the intricacies of what IT security does, and IT security does not understand the intricacies of what IT operations does. This is not a fault of one team or the other. It is simply two distinct professional teams with different roles for achieving the same goal. IT security and IT operations must work more closely together to maintain secure operations. Enterprise organizations must set a mandate to operationalize security from the C-level to mitigate the business risk of security threats and vulnerabilities. Adopting solutions such as BMC’s BladeLogic Server Automation, BladeLogic Network Automation, and BladeLogic Threat Director will help solve technical problems and form a well-coordinated offensive approach to solving ever-present security threats and vulnerabilities.

Here are highlights of how the products work together to achieve a unified attack on security threats and vulnerabilities.

Solutions that are purpose-built for operationalizing security allow more visibility into the role of IT security and IT operations. Hackers are aggressive, intrusive, and invasive unwanted guests. Enterprises must combat the criminal vigorously, actively, and boldly to protect the business. Solutions such as BMC SecOps will help organizations defeat 21st century enemies.

1. Compliance

Digital initiatives are forcing enterprises to conduct business in new ways and consequently exposing enterprises to new and unique security and risk challenges. These new ways of conducting business bring the need for advanced security and regulatory compliance protection and enforcement. Failure to adequately enforce and protect these complex regulatory standards results in damaging business consequences.

Solution Overview

BMC’s BladeLogic Server Automation, BladeLogic Network Automation, and BladeLogic Threat Director (released in April 2016) are the company’s product offerings to bring a better approach for IT security and IT operations teams to work together. Joint accountability between the teams is critical in order to deliver a unified and coordinated security approach for physical or virtual IT infrastructure assets in the traditional data center or in the cloud. Since its founding in 1980, BMC has been a trusted and reliable partner to enterprise IT operations professionals. BladeLogic Server Automation, BladeLogic Network Automation, and BladeLogic Threat Director work in combination to help enterprise IT teams automatically link security vulnerabilities to identified patches and create the attack plan to deploy countermeasures on demand. Solving this technical problem with a purpose-built solution mitigates the business risk associated with security threats and vulnerabilities.

BMC has an offering they describe as “vigilant, precise, and relentless automation in the pursuit of security for the digital era.”

BMC positions the combined offering of BladeLogic Server Automation, BladeLogic Network Automation, and BladeLogic Threat Director as “vigilant, precise, and relentless automation in pursuit of security for the digital era”.

BMC products work in concert to achieve an “audit-ready” state at all times through vigilant compliance. The “audit-ready” state is critical to protecting data security and privacy and means that time to create reports or prove compliance is reduced, while allowing IT operations professionals to engage in more meaningful work.

2. Precise Threat Analysis

Getting the right information to the right people at the right time about a security threat or vulnerability is critical in avoiding security incidents. Precision in gathering the correct information means that the business is protected because threats are prioritized and attack plans are based on needs and parameters of the business. BMC products work together to deliver precise threat analysis to:

• Identify and target the most vulnerable systems
• Isolate what to remediate and how to remediate it
• Provide current and up-to-date status for the entire environment

This means that both IT security and IT operations teams have the same information to work with to address threats and close the window of risk.

3. Remediation

The biggest and most intellectually challenging problem IT operations professionals deal with is how to keep everything running at an acceptable performance level while reducing the attack surface. IT operations professionals live in a dual state—a proactive state of maintaining productivity of systems and a reactive state of patching and fixing when a security vulnerability is identified. IT operations professionals must be able to be proactive in both states. That means that the resolution of security threats and vulnerabilities must be accelerated while protecting uptime.

SECURITY INCIDENTS MUST BE AVOIDED. BMC PRODUCTS WORK TOGETHER TO:

• Provide security hardening (e.g., reducing the attack surface)
• Prevent threats from becoming breach entry points
• Balance operations requirements of availability and capacity with the needs of security
• Understand threat reports from different providers
• Optimize maintenance windows
• Improve response times

The value of the BMC product offerings of BladeLogic Server Automation, BladeLogic Network Automation, and BladeLogic Threat Director is twofold:

1. For IT security, the solutions provide a dashboard with a real-time view into the plans and service level agreements (SLAs) of the IT operations team.
2. For IT operations, the solutions deliver prescriptive and actionable data to address security threats and vulnerabilities based on perceived impact and policy.

The solutions deliver the ability to automatically link vulnerabilities to identified patches and create the offensive attack plan to deploy countermeasures on demand and eliminate the gap between IT security and IT operations.

Addressing the Gaps

Up until now this problem of eliminating the gap between IT security and IT operations has not been addressed. Enterprises use a variety of security tools that are essential to the protection of today’s complex enterprise software, systems, and infrastructure.

The enterprise must be in an offensive position … so that the hacker cannot and does not want to exploit.

All of these types of tools are defensive in nature and work incredibly well as a line of defense to detect security threats and vulnerabilities. At some point, the enterprise must be in an offensive position to create an environment that the hacker cannot exploit and does not want to exploit. BMC has figured out how to make it easy to take defensive data from vulnerability scans and use it for offensive purposes to automatically remediate security vulnerabilities. Because of its history with IT operations, BMC is aware of the struggles faced by IT operations teams that must make business critical decisions about security. This approach is strategic—be inhospitable to hackers by not letting them in at the outset. BMC products are purpose-built for IT security and IT operations teams to deliver an offensive approach through automation by avoiding, remediating, and identifying security threats and vulnerabilities that have the potential to harm the business. The ability of a solution to remediate the security threat or vulnerability is the difference between knowing there is a problem and knowing there is a problem that is solvable. BMC’s BladeLogic Server Automation and BladeLogic Network Automation are able to take vulnerability scan data as input and deliver remediation through automation. Vulnerability scanning is exposing a problem but knowing what to do with that data is solving the problem. Enterprises need to have the problem solved.


Additional Video

View the Web series: Hacker Hierarchy: BMC and GuidePoint Security Present a Hack and Defend Demo

• Hacker Breaches the Perimeter
• Hacker goes for Gooey Center
• Hacker goes for the Crown Jewels

Footnotes

1 FBI’s James Comey accuses China of hacking into every major American company
2 72% of Black Hat Attendees Expect To Be Hit By ‘Major’ Data Breach Within A Year
3 IT compliance and security: SecOps
4 2016 Cost of Data Breach Study: Global Analysis
5 Gartner Says By 2020, 60 Percent of Digital Businesses Will Suffer Major Service Failures Due to the Inability of IT Security Teams to Manage Digital Risk
6 Verizon DBIR: Mobile Devices Not A Factor In Real-World Attacks
7 Mobile risk is a real number
8 Most Americans don’t secure their smartphones
9 Employees Are the Weakest Link in Computer Security
10 Check Point Research Reveals Threat of Mobile Malware Persists as Attacks Targeting iOS Devices Increase
11 Cyberattacks move to cloud with increased adoption
12 PwC Study: Biggest Increase in Cyberattacks in Over 10 Years
13 Cybercrime: Much more organized
14 Center for Strategic and International Studies: Cybercrime and espionage costs $445 billion annually
15 McAfee 2016 Threat Predictions
16 What caused the Sony hack
17 Anonymous’ Op Icarus campaign targets banks worldwide
18 Increase in Insider Threat Cases Highlight Significant Risks to Business Networks and Proprietary Information
19 PwC’s 2014 U.S. State of Cybercrime Survey
20 Markets for Cybercrime Tools and Stolen Data
21 Target data breach has lingering effect on customer service, reputation scores
22 IT Security and Operations Survey the Game Plan for Closing the SecOps Gap
23 Zombie Servers: They’re Here and Doing Nothing but Burning Energy
24 Neglected Server Provided Entry for JPMorgan Hackers
25 A Game Plan for Closing the SecOps Gap: Coordinate Security and Operations Staffs to Improve Security, Uptime and Compliance
26 IT Security and Operations Survey the Game Plan for Closing the SecOps Gap
27 Data security laws and penalties: Pay IT now or pay out later
28 14 Security Fails That Cost Executives Their Jobs