50+ facts about state of cybersecurity in 2015

MarcosOrtiz(@marcosluis2186)

50+ facts about State of

#CyberSecurity in 2015

AGENDA

This is just a compendiumof the main facts, numbers and

statsof CyberSecurity Industry

The facts are focused in 4Sectors:

Mobile

Cloud

Security

Network Security

Internet of Things

GENERALFACTS

TheworldwideCyberSecuritymarketisdefinedby

marketsizingestimatesthatrangefrom$71billionin

2014to$155+billionby2019.

CyberSecurityMarketReportQ22015[1]

Nextgenerationcybersecurityspendingcould

reach$15billionto$20billion

inthenext3years.


Globalspendingonmobileandnetworksecurity

estimatedat$11billionannually,andgrowing.


CybercrimewillcostBusinesses

over$2Trillionby2019

JuniperResearch'sTheFutureofCybercrime&Security:FinancialandCorporateThreats&Mitigation[2]

Crimeinvolvingcomputersandnetworkshascosttheworldeconomy

morethan$445billionannually,accordingtoa2014reportbythe

CenterforStrategicandInternationalStudies.CyberSecurityMarketReportQ22015[1]

Demandfor(U.S.)informationsecurityprofessionals

isexpectedtogrowby53%through

2018.


APACspendingoncriticalinfrastructuresecurityissettohit$22billion(USD)

by2020


ABIResearchcalculatesCyberSecurityspendingforhealthcareprotection

willonlyreach$10billiongloballyby2020,justunder

10%oftotalspendoncriticalinfrastructuresecurity.


AccordingtoCBInsights,inthelast5years,

$7.3billionhasbeeninvestedinto1,208privateCyberSecuritystartups.

CBInsights[3]

Insummary,basedonmyyearsofexperienceinthefieldofTelecommunicationsandCyberSecurity,

Iseethisnextgenerationofbigdatastreaminganalyticsasperhapstheonlysolutionthatcould

protectagainstfuturecyberattacksinenterprise,criticalinfrastructure,telecommunications

andevengovernmentcomputersandserversandmassiveapplications,evendownto

SCADA(SupervisoryControlandDataAcquisition)systemsincludingsmartcitiesandtheworld

ofIoTwith50Bdevicesconnectedtotheinternet.

Dr.HosseinEslambolchi[4]

MOBILE

devicesareinfected

WithMobilesurveillanceand

MobileRemoteAccessTrojans(mRATs)

1 in 1000

CheckPointSoftwareTechnologiesThreatResearch:TargetedAttacksOnEnterpriseMobile[5]

ofbusinessessufferedMobile

Securityincidentscosting

morethan$250,000

toremediate

42% CheckPointSoftwareTechnologies'sSecurityReport2015[6]

newAndroidMalwareSampleseveryday4,900

GData'sMobileMalwareReportQ12015[7]

OutofTenofMillionsofdevices,thenumberof

onesinfectedwithtrulymaliciousexploits

wasnegligible0,03% Verizon's2015DataBreachInvestigationsReport[8]

IstheQuantityofdownloadedAndroid

appswhicharevulnerabletoremoteattackslike

JBOH(JavaScriptBindingOverHTTP)

5 B FireEye'sMobileThreatAssessmentReport[9]

ofAndroidappshaveatleastone

highrisksecurityrating48 % FireEye'sMobileThreatAssessmentReport[9]

Oforganizationsdonotmanage

corporatedataonEmployeeowned

devices

44% CheckPointSoftwareTechnologies'sSecurityReport2015[6]

Ofappdevelopersdonottesttheirapps

forSecurity33%

CheckPointSoftwareTechnologiesSecurityReport2015[6]

IstheQuantityofdownloadedAndroid

appswhicharevulnerabletoremoteattackslike

JBOH(JavaScriptBindingOverHTTP)

5 B FireEye'sMobileThreatAssessmentReport[9]

A2011viaForensicsstudyfound

ofpopularappssampled

storeddatainsecurely

83% NowSecure'sSecureMobileDevelopment[10]

MostPopularApps

that'sdon'tencryptdataTop 10

SkyhighNetworks'sHowtoThwartHackersandtheNSAwithEncryption[11]

ofAndroiddevicescouldbeaffected

bydangerousStagefright

bug95% Zimperium[12]

CLOUDSECURITY

AveragenumberofCloudservices

inusebycompany

923 SkyhighNetworks'sCloudAdoption&RiskReportQ12015[13]

Wefoundofcompaniespresentahighcyber

Securityrisktotheirpartners

8% SkyhighNetworks'sCloudAdoption&RiskReportQ12015[13]

Butofdatasharedwithpartnersisuploaded

tohighriskpartners29%

SkyhighNetworks'sCloudAdoption&RiskReportQ12015[13]

Whileof91%providersencryptdataintransit

betweenthecloudserviceandenduser,just

encryptdatastoredatrestinthecloud

10% SkyhighNetworks'sCloudAdoption&RiskReportQ12015[13]

In2013,ThemarketforCloudSecurity

solutionswasUSDandisestimatedtogrowatahealthy

rateof16%till2018

3.47 B ResearchFox'sCloudSecurityMarketOutlook(20142018)[14]

90%ofcompanieshavesecurityconcernsabout

CloudComputingand36%ofcompanies

believeCloudappsarelesssecurethanonpremiseapps

Bitglass'sTheDefinitiveGuidetoCloudAccessSecurityBrokers[15]

Ofrespondents,saynoneofthesecuritythreat

defensesusedareadministered

throughcloudbasedservices

13% Cisco'sAnnualSecurityReport2015[16]

NETWORKSECURITY

Oforganizationsstudiedwereinfected

Withbots.andabotcommunicates

withaC&Ceveryminute83% CheckPointTechnologies'sSecurityReport2015[6]

DdoSattacksocurredeverydayin201448

CheckPointTechnologies'sSecurityReport2015[6]

ofcriticalinfrastructurecompanies

sufferedasecuritybreachoverthelastyear

70% SecurityWeek[17]

OpenSourcevulnerabilitieslikeHeartbleed,PoodleandShellshock

affectednearlyeveryIToperationintheworld

CheckPointTechnologies'sSecurityReport2015[6]

FinancialTrojanscontinuetobesomeofthemostlucrativetools

forcybercrimegangs.

Symantec'sDyre:Emergingthreatonfinancialfraudlandscape[18]

Estimatedfinanciallostfrom700Mcompromised

recordsshowstherealimportance

ofmanagingdatabreachrisks400M

Verizon's2015DataInvestigationsReport[8]

OfWebAppsattacksinvolveharvesting

credentialsstolenfromcustomerdevices,then

loggingtowebappswiththem

95% Verizon's2015DataInvestigationsReport[8]

Akamai'sQ12015StateoftheInternetReport[19]

ManyDdoSrelyonimproperlysecuredservices,suchasNTP,DNSandSSDP,whichmakeitpossible

forattackerstospoofsourceIPaddress


NTPtoppedthelistwithmaxattackbandwidthhitting

325Gbps,withSSDPjumpingontheDoSboatfora

134Gbpscruise


TheadoptionofIPv6hasintroducednewattackvectors

forcompanies,becausemanythreatspreviouslyconsideredmitigatedinIPv4wereabletobypassfirewallsandother

SecuritymeasuresonIPv6


Thetwomostobservedwebapplicationattackvectorswere

LocalFileInclusion(LFI),at66%,andSQLInjection(SQLi),

at29%.


INTERNETOF

THINGS

IoTisakeyenablingtechnologyfordigitalbusinesses.

Approximately3.9billionconnectedthingswereinusein2014and

thisfigureisexpectedtoriseto25billionby2020.

Andwhiledeploymentisgrowing,therearefactorsslowingdowntherateofadoption.

Gartner'sMarketResearch[20]

IoTdevicesareactivelypenetratingsomeoftheworld'smostregulated

industriesincludinghealthcare,energyinfrastructure,government,

Financialservicesandretail

OpenDNS'sThe2015InternetofThingsintheEnterpriseReport[21]

SomeinfrastructurehostingIoTdataaresusceptibletohighlypublicizedandpatchablevulnerabilitiessuchas

FREAKandHeartbleed


WhilemostIoTinfrastructureisrunningontopof

modernserviceproviderslikeAmazon,SoftLayer,

Verizonandothers,OpenDNSSecurityLabsdiscoveredthatsome

providersarealsohostingmaliciousdomains.


SamsungSmartTVsuseuntrustedcertificatesfor

Itsinfolink.pavv.co.krdomain


Healthcare,Retail,HighEducationandOil&Gas

aretheTopIndustryVerticalsusing

Dropcamdevices


Lookingatourdata,thetopfiveautonomoussystems

hostingIoTinfrastructuresitesareAS36351(SoftlayerTechnologies,Inc.),

AS16509(Amazon.com,Inc.),AS702(VerizonBusiness/UUnetEurope),

AS14618(Amazon.com,Inc.),

andAS54113(Fastly).


Anotherfindingwasthat184uniqueFQDNs

werefoundtobesusceptibletoCVE20150204morecommonly

referredtoasthetheFREAKattack.


Adeepanalysisofthewidgets.iobridge.comFQDNusing

QualysSSLLabs'onlinescannerprovidedapoorresultofGradeF

forSSLciphers.


Asimplescanwithnmapofthewidgets.iobridge.comFQDNshowed

theresultofmanyservicesthatcouldbepotentially

exploitedtogainaccesstotheWidgetserver


Ourdatashowsthatnotallwd2go.comdomainsarevulnerable,

However.ofthe70uniqueMyCloudstorage

endpoints,only30werefoundto

bevulnerabletoCVE20150204.


Areastowatch:WIFIJamming

Passwordstrengh,ReuseandAttackResistance

UnencryptedandunauthenticatedcommsMisconfigurationofEncryption

Synack'sHomeAutomationBenchmarkingReport[22]

InourresearchatIOActiveLabs,weconstantlyfindveryvulnerabletechnologybeingusedacrossdifferentindustries.Thissametechnologyalsoisusedforcriticalinfrastructurewithoutanysecuritytesting.Althoughcitiesusuallyrigorouslytestdevicesandsystemsforfunctionality,resistancetoweatherconditions,andsoon,thereisoftenlittleornocybersecuritytestingatall,whichisconcerningtosaytheleast.

Cerrudo'sAnEmergingUS(andWorld)Threat:CitiesWideOpentoCyberAttacks[23]

DATAEXTRACTED

FROM

[1]CyberSecurityMarketReportQ22015[2]JuniperResearch'sTheFutureofCybercrime&Security[3]CBInsights[4]Anomalytics&CyberSecurityinthe21stCentury[5]CheckPointThreatResearchsTargetedAttacksOnEnterpriseMobile[6]CheckPointSoftwareTechnologies'sSecurityReport2015[7]GData'sMobileMalwareReportQ12015[8]Verizon's2015DataBreachInvestigationsReport

[9]FireEye'sMobileThreatAssessmentReport[10]NowSecure'sSecureMobileDevelopment[11]SkyhighNetworks'sHowtoThwartHackersandtheNSAwithEncryption[12]Zimperium[13]SkyhighNetworks'sCloudAdoption&RiskReportQ12015[14]ResearchFox'sCloudSecurityMarketOutlook(20142018)[15]Bitglass'sTheDefinitiveGuidetoCloudAccessSecurityBrokers[16]Cisco'sAnnualSecurityReport2015

[17]SecurityWeek[18]Symantec'sDyre:Emergingthreatonfinancialfraudlandscape[19]Akamai'sQ12015StateoftheInternetReport[20]Gartner'sMarketResearch[21]OpenDNS'sThe2015InternetofThingsintheEnterpriseReport[22]Synack'sHomeAutomationBenchmarkingReport[23]AnEmergingUS(andWorld)Threat:CitiesWideOpentoCyberAttacks

Slide 1Slide 2Slide 3Slide 4Slide 5Slide 6Slide 7Slide 8Slide 9Slide 10Slide 11Slide 12Slide 13Slide 14Slide 15Slide 16Slide 17Slide 18Slide 19Slide 20Slide 21Slide 22Slide 23Slide 24Slide 25Slide 26Slide 27Slide 28Slide 29Slide 30Slide 31Slide 32Slide 33Slide 34Slide 35Slide 36Slide 37Slide 38Slide 39Slide 40Slide 41Slide 42Slide 43Slide 44Slide 45Slide 46Slide 47Slide 48Slide 49Slide 50Slide 51Slide 52Slide 53Slide 54Slide 55Slide 56Slide 57Slide 58Slide 59Slide 60Slide 61Slide 62Slide 63Slide 64Slide 65Slide 66Slide 67Slide 68Slide 69Slide 70Slide 71Slide 72Slide 73

50+ facts about state of cybersecurity in 2015

Documents