The Ivanti Threat Thursday Update for November 2, 2017: Discouragement – and Help

Greetings. A recent survey highlights disturbing differences between perception and reality among senior executives, IT and cybersecurity leaders, and their teams. An upcoming summit offers hope and help. Your opinions, reactions, and suggestions, welcome – please share. Thanks in advance.

Survey: Huge Gaps Separate Cybersecurity Perceptions and Realities

In May, IDG Research surveyed 700 IT and cybersecurity decision makers worldwide for AT&T’s Global State of Cybersecurity study. As summarized in a white paper from IDG’s CIO.com, that survey identified some significant gaps, between perception and reality and among the perceptions of senior executives, IT and cybersecurity team leaders, and their respective teams.

  • Cyberinsurance is a popular hedge against cybersecurity attacks – perhaps too popular. Some 84 percent of respondents have purchased cyberinsurance, and 28 percent of all respondents plan to allocate all or most of their cybersecurity budget to insurance in anticipation of future incidents. Those organizations “appear to view cyberinsurance as a substitute for cyberdefense investment, rather than as one component of a multilayered cybersecurity strategy.”
  • Respondents were asked if their organizations had “adequate in-house talent to address their cybersecurity needs in the year ahead.” Some 70 percent of C-level executives believe they do, compared with 65 percent of IT and cybersecurity leaders and only 56 percent of “those closer to the front lines.” Nearly 80 percent of all respondents say they have been breached at least once in the past year.
  • More than half of respondents “admit to breaches from employee mobile devices infected with malware.” Despite this, only 61 percent of those respondents work at organizations that require security awareness training for all employees. Some 6 percent of respondents work at organizations that require no such training at all.

What We Say: No single tool, technique, or resource can provide adequate protection for your organization. Multi-layered cybersecurity demands a combination of modern protective technologies, proven and consistently executed processes and workflows, effective remedies for operational and financial remediation and restoration, and meaningful user engagement and education. This approach will help you discover your environment’s vulnerabilities, detect exploits and other threats, prevent threats from infecting your network, and take action against those that get in. Success here begins with the basics, including comprehensive patch management and control of applications, devices, and privileges across your entire environment. (See “The Equifax Breach, Patch Management, and Your Cybersecurity” and “User Education for Cybersecurity: Yes, It’s Worth It.”)

Ivanti to Host Security Summit in Seattle Nov. 8

The Ivanti Security Summit, Powered by The Chertoff Group, takes place in Seattle, WA on Wednesday, November 8. This complimentary, one-day event combines a powerhouse roster of speakers with sessions designed to help you improve cybersecurity at your organization, now and in the future.

  • The theme of the Summit is Cybersecurity for Today’s Extreme Threats. The Chertoff Group is a premier global advisory firm with a focus around security and technology. They combine insights into technology, threat, and policy to help clients improve their resiliency, build competitive advantage, and accelerate growth. Their expertise and focus make them a great partner for this summit.
  • Speakers from Ivanti will include CEO Steve Daly, Chief Information Security Officer (CISO) Phil Richards, Manager of Product Marketing (and security evangelist) Amber Boehm, and Manager of Product Management Chris (“Mr. Patch Tuesday”) Goettl.
  • Speaking from The Chertoff Group will be Jim Pflaging, Technology Sector Principal and Strategy Practice Lead, and Director Chris Duvall. Also speaking will be Scott Carlson, Technical Fellow and Executive Security Advisor at privilege access management solution provider BeyondTrust. Scott was previously Director of Information Security Strategy & Integration at PayPal, and held similar roles before PayPal at Charles Schwab, Cargill, and the U.S. National Security Agency (NSA).
  • The summit will comprise focused, interactive sessions intended to spur discussion, ideas, and creation of actionable, effective cybersecurity strategies. The day will wrap up with an interactive roundtable Q&A session, and closing remarks from Jim and Phil.

What We Say: As the survey results discussed above and what we’ve said in many of our security blog posts all make clear, multi-layered, proactive measures are essential for effective cybersecurity. Credible expertise can help, which is why we are inviting you to attend this summit with our compliments. (You are responsible for your own travel and accommodation costs, if any.) Visit the summit web page to view more details about the speakers and sessions, or to register. We look forward to seeing you in Seattle.

Improve Your Cybersecurity. Ivanti Can Help.

Ivanti has the solutions, experience, expertise, and ecosystem of partners that can help you detect, succeed with any and all of the above critical elements of an effective cybersecurity strategy. Ivanti can help you discover and inventory what’s in your environment, and get and keep your client and server system patches up to date. Ivanti can help you achieve and maintain control over your users’ applications, devices, and admin rights, with minimal disruption or objection. Ivanti can help your organization fight and remediate malware and other attacks, rapidly and effectively. Ivanti can help deliver reporting and analysis that improves your ability to protect your network and your organization. Get in touch with us to learn more (And keep reading, sharing, and commenting on our posts and our Patch Tuesday and Threat Thursday updates!)