9/22/2014
12:00 PM
Dark Reading
Products and Releases

New Federal Regulations on Cyber Security Lead to Revenue Loss, Business Disruption and Loss of Productivity in Financial Services Sector, Radware Survey Finds

New survey published.

Radware® (NASDAQ: RDWR), a leading provider of application delivery and application security solutions for virtual and cloud data centers, released a new survey which finds that even though 87 percent of those surveyed in the financial services industry agree that current regulatory changes are very important or critical to keeping their companies and industry secure, these new federal guidelines are having an adverse impact on their businesses.

Survey respondents revealed that revenue loss (58 percent), business disruption (57 percent) and productivity loss (54 percent) ranked highly as the biggest consequences of new federal guidelines for the financial services sector. Four in ten respondents stated that federal regulations were adversely affecting bottom line results, causing a significant impact to IT CAPEX and OPEX. The survey also uncovered that while nearly all claim to be very or somewhat familiar with new guidelines, a substantial number, both in financial services and other industries, are still unaware of the specific regulations that would impact their business such as the Federal Financial Institutions Examination Council (FFIEC) Joint Statement on DDoS Cyber Attacks and Risk Mitigation.

Radware commissioned an in-depth survey from IDG Research Services, a leader in technology and media research, to gauge how changes to federal guidelines regarding application and network security have impacted medium to large businesses in the United States. Chief among the respondents were CIO/CTOs representing the financial services industry with global annual sales of $5 billion or more.

“Radware conducted this survey to investigate what organizations are doing in response to current regulatory changes that essentially were enacted to safe-proof their networks from future, potentially even more detrimental attacks,” said Carl Herberger, vice president of security solutions for Radware. “While companies are taking the right steps to adjust to the ever-changing regulatory landscape, institutions need to be better informed on the specifics of new laws in order to implement the most cost- and resource-efficient measures.”

To manage new guidelines, respondents cited investing in new or specialized technologies as the most common approach (53 percent), followed by changing security processes, protocols and mandates (49 percent) and creating new security models (47 percent). Forty-three percent said they assigned extra budgets, with an average increase of 14 percent, to address new federal regulations.

“Companies are implementing numerous strategic changes in order to remain compliant with new regulations and guidelines,” says Janet King, senior vice president, IDG Research Services. “Despite the significant cost to their businesses, most respondents agree that regulatory changes are critical in keeping data and personal information safe from the wrong hands.”

Results also show that escalated expenditures and resources were not the only concern. 86 percent of financial services respondents are more concerned about the possibility of cyber-attacks than non-financial organizations, and yet a third believe their businesses are ill-prepared to safeguard against them.

A small number of respondents (eight percent) stated their business does not have a strategy for protecting against distributed denial of service (DDoS) attacks, a common attack vector employed by hackers.

“It is imperative that companies, not just the financial services industry, do everything in their means to not only mitigate cyber threats, but also to comply with emerging industry regulations in order to optimally protect their networks, applications and data – and most importantly, their customers,” added Herberger. “Although these responses quantify the growing importance of network security and indicate a clear desire for regulation, there is still more needed to be done in terms of cyber security education and implementation across all industries. By learning from other industries and working with peers, companies can implement technology and protocols that reduce the risk of a cyber attack while limiting the impact to their bottom lines.”

Other key findings from Radware and IDG’s latest survey include:

· Unauthorized access (48 percent), theft of IP (47 percent), sabotage (47 percent), and worm and virus damage (46 percent) are the most harmful attacks to the business

· Loss of revenue (39 percent) tops the list of negative outcomes resulting from a cyber attack, followed by loss of customers (38 percent)

· 63 percent of respondents indicated a willingness to adopt application and network security best practices from another industry

· 80 percent of respondents place a critical or very high degree of importance on the federal government imposing stricter regulations around application and network security

· 84 percent expect network and application security to be more tightly regulated by the government over the next 12 months

· 35 percent expect the frequency of cyber attacks to increase over the next year, while 44 percent anticipate the number of attacks to remain the same

· 58 percent of survey respondents have filled out a Securities and Exchange Commission questionnaire for compliance in the past 12 months

To access the survey findings, including methodology and research objectives, please visit: http://www.radware.com/idg-2014/

THIS PRESS RELEASE AND THE IDG SURVEY ARE PROVIDED FOR INFORMATIONAL PURPOSES ONLY. THESE MATERIALS ARE NOT INTENDED TO BE AN INDICATOR OF RADWARE'S BUSINESS PERFORMANCE OR OPERATING RESULTS FOR ANY PRIOR, CURRENT OR FUTURE PERIOD.

About Radware

Radware (NASDAQ: RDWR) is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware's solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down. For more information, please visit www.radware.com.

Radware encourages you to join our community and follow us on: Facebook, Google+, LinkedIn, Radware Blog, SlideShare, Twitter, YouTube, Radware Connect app for iPhone® and our security center DDoSWarriors.com that provides a comprehensive analysis on DDoS attack tools, trends and threats.

About IDG Research Services

IDG Research Services specializes in marketing and media-related research for technology marketers. As a division of International Data Group (IDG), the world's leading technology media, research, and event company, IDG Research Services brings the resources and experience of a large, global company to its clients in the form of a small, customer-focused business. For more information please visit our website.

©2014 Radware, Ltd. All rights reserved. Radware and all other Radware product and service names are registered trademarks or trademarks of Radware in the U.S. and other countries. All other trademarks and names are property of their respective owners.


This press release may contain statements concerning Radware's future prospects that are "forward-looking statements" under the Private Securities Litigation Reform Act of 1995. Statements preceded by, followed by, or that otherwise include the words "believes", "expects", "anticipates", "intends", "estimates", "plans", and similar expressions or future or conditional verbs such as "will", "should", "would", "may" and "could" are generally forward-looking in nature and not historical facts. These statements are based on current expectations and projections that involve a number of risks and uncertainties. There can be no assurance that future results will be achieved, and actual results could differ materially from forecasts and estimates. These risks and uncertainties, as well as others, are discussed in greater detail in Radware's Annual Report on Form 20-F and Radware's other filings with the Securities and Exchange Commission. Forward-looking statements speak only as of the date on which they are made and Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware's public filings are available from the Securities and Exchange Commission's website at www.sec.gov or may be obtained on Radware's website at www.radware.com.

 

 

 
