Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk //


12:00 PM
Dark Reading
Dark Reading
Products and Releases

New Federal Regulations on Cyber Security Lead to Revenue Loss, Business Disruption and Loss of Productivity in Financial Services Sector, Radware Survey Finds

New survey published.

Radware® (NASDAQ: RDWR), a leading provider of application delivery and application security solutions for virtual and cloud data centers, released a new survey which finds that even though 87 percent of those surveyed in the financial service industry agree that current regulatory changes are very important or critical to keeping their companies and industry secure, these new federal guidelines were having an adverse impact on their businesses.

Survey respondents revealed that revenue loss (58 percent), business disruption (57 percent) and productivity loss (54 percent) ranked highly as the biggest consequences of new federal guidelines for the financial services sector. Four in ten respondents stated that federal regulations were adversely affecting bottom line results, causing a significant impact to IT CAPEX and OPEX. The survey also uncovered that while nearly all claim to be very or somewhat familiar with new guidelines, a substantial number, both in financial services and other industries, are still unaware of the specific regulations that would impact their business such as the Federal Financial Institutions Examination Council (FFIEC) Joint Statement on DDoS Cyber Attacks and Risk Mitigation.

Radware commissioned an in-depth survey from IDG Research Services, a leader in technology and media research, to gauge how changes to federal guidelines regarding application and network security have impacted medium to large businesses in the United States. Chief among the respondents were CIO/CTOs representing the financial services industry with global annual sales of $5 billion or more.

“Radware conducted this survey to investigate what organizations are doing in response to current regulatory changes that essentially were enacted to safe-proof their networks from future, potentially even more detrimental attacks,” said Carl Herberger, vice president of security solutions for Radware. “While companies are taking the right steps to adjust to the ever-changing regulatory landscape, institutions need to be better informed on the specifics of new laws in order to implement the most cost- and resource-efficient measures.”

In order to manage new guidelines, respondents cited investing in new or specialized technologies as the most common approach (53 percent) to currently dealing with these issues, followed by changing security processes, protocols and mandates (49 percent) and creating new security models (47 percent). 43 percent said they assigned extra budgets, with an average increase of 14 percent to address new federal regulations.

“Companies are implementing numerous strategic changes in order to remain compliant with new regulations and guidelines,” says Janet King, senior vice president, IDG Research Services. “Despite the significant cost to their businesses, most respondents agree that regulatory changes are critical in keeping data and personal information safe from the wrong hands.”

Results also show that escalated expenditures and resources were not the only concern. 86 percent of financial services respondents are more concerned about the possibility of cyber-attacks than non-financial organizations, and yet a third believe their businesses are ill-prepared to safeguard against them.

A small amount of respondents stated their business does not have a strategy for protecting against distributed denial of service (DDoS) attacks (eight percent) – a common attack vector employed by hackers.

“It is imperative that companies, not just the financial services industry, do everything in their means to not only mitigate cyber threats, but also to comply with emerging industry regulations in order to optimally protect their networks, applications and data – and most importantly, their customers,” added Herberger. “Although these responses quantify the growing importance of network security and indicate a clear desire for regulation, there is still more needed to be done in terms of cyber security education and implementation across all industries. By learning from other industries and working with peers, companies can implement technology and protocols that reduce the risk of a cyber attack while limiting the impact to their bottom lines.”

Other key findings from Radware and IDG’s latest survey include:

·         Unauthorized access (48 percent), theft of IP (47 percent), sabotage (47 percent), and worm and virus damage (46 percent) are the most harmful attacks to the business

·         Loss of revenue (39 percent) tops the list of negative outcomes resulting from a cyber attack, followed by loss of customers (38 percent)

·         63 percent of respondents indicated a willingness to adopt application and network security best practices from another industry

·         80 percent of respondents place a critical or very high degree of importance on the federal government imposing stricter regulations around application and network security

·         84 percent expect network and applications security to be more tightly regulated by the government over the next 12 months

·         35 percent expect the frequency of cyber attacks to increase over the next year, while 44 percent anticipate the number of attacks to remain the same

·         58 percent of survey respondents have filled out a Security and Exchange Commission questionnaire for compliance in the past 12 months

To access the survey findings, including methodology and research objectives, please visit: http://www.radware.com/idg-2014/


About Radware

Radware (NASDAQ: RDWR), is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware's solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down. For more information, please visit www.radware.com.

Radware encourages you to join our community and follow us on: FacebookGoogle+LinkedInRadware BlogSlideShareTwitter,YouTubeRadware Connect app for iPhone® and our security center DDoSWarriors.com that provides a comprehensive analysis on DDoS attack tools, trends and threats.

About IDG Research Services

IDG Research Services specializes in marketing and media-related research for technology marketers. As a division of International Data Group (IDG), the world's leading technology media, research, and event company, IDG Research Services brings the resources and experience of a large, global company to its clients in the form of a small, customer-focused business. For more information please visit our website.

©2014 Radware, Ltd. All rights reserved. Radware and all other Radware product and service names are registered trademarks or trademarks of Radware in the U.S. and other countries. All other trademarks and names are property of their respective owners.

This press release may contain statements concerning Radware's future prospects that are "forward-looking statements" under the Private Securities Litigation Reform Act of 1995. Statements preceded by, followed by, or that otherwise include the words "believes", "expects", "anticipates", "intends", "estimates", "plans", and similar expressions or future or conditional verbs such as "will", "should", "would", "may" and "could" are generally forward-looking in nature and not historical facts. These statements are based on current expectations and projections that involve a number of risks and uncertainties. There can be no assurance that future results will be achieved, and actual results could differ materially from forecasts and estimates. These risks and uncertainties, as well as others, are discussed in greater detail in Radware's Annual Report on Form 20-F and Radware's other filings with the Securities and Exchange Commission. Forward-looking statements speak only as of the date on which they are made and Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware's public filings are available from the Securities and Exchange Commission's website at www.sec.gov or may be obtained on Radware's website at www.radware.com.



Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Look Beyond the 'Big 5' in Cyberattacks
Robert Lemos, Contributing Writer,  11/25/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I think the boss is bing watching '70s TV shows again!
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-12-02
CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.
PUBLISHED: 2020-12-02
Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.
PUBLISHED: 2020-12-02
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access,...
PUBLISHED: 2020-12-02
HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the server system.
PUBLISHED: 2020-12-02
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat ...