Ponemon Institute will present findings from its 2013 Cost of Failed Trust Report: Threats & Attacks, underwritten by Venafi, the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions, at RSA Conference 2013 in San Francisco on Thursday, February 28. Dr. Larry Ponemon will present the report findings during a joint track session titled &ldquoControlling Trust and Risk: New Ponemon Research.” The session will present how digital certificates and cryptographic keys provide the foundation of trust in today’s enterprises, and expose the hard costs associated with sub-standard key and certificate management.
Click to Tweet:#PonemonInstitute to present 2013 Cost of Failed Trust Report at #RSA on Thurs. Controlling #Trust & #Risk track session “During this track session I will discuss how systemic enterprise failures in key and certificate management create vulnerabilities that cybercriminals are exploiting to breach corporate and government networks, steal data and disrupt critical business operations,” said Larry Ponemon, chairman and founder of Ponemon Institute Research. “I will present the findings from the 2013 Cost of Failed Trust report, including the research methodology, which quantifies for the first time the cost of trust exploits. “I’ll share some of the expected and startling findings, including the fact that more than half of the companies surveyed do not know how many keys and certificates they have, that every company had experienced an attack on trust due to failed key and certificate management, and that trust attacks are projected to cost organizations an average of $35 million over 24 months, with a maximum cost exposure of $398 million per organization.” “These new research findings make it clear that organizations must remediate this problem quickly,” said Kevin Bocek, Venafi vice president of product marketing. “Every organization participating in the research experienced at least one trust exploit in the last two years, and more exploits are expected in the coming 24 months. Enterprises need to proactively manage their keys and certificates or the attacks will only increase. Given our dependence on keys and certificates in the activities of everyday life, from payments to healthcare, that are conducted online, on mobile devices and in the cloud, enterprises have no alternatives. The only difference will be between enterprises that are ahead of the problem and those that are forced into action when under attack. Attend Dr. Ponemon’s session at this year’s RSA Conference in San Francisco to learn more about the findings.” Download the full Ponemon 2013 Cost of Failed Trust Report: Threats & Attacks here. Some of the key findings Dr. Ponemon will share include:
- High costs: On average, enterprises are projected to risk losing an average of $35 million over 24 months from attacks on trust. Total possible cost exposure could be almost $400 million per organization.
- Widespread vulnerability: All surveyed enterprises suffered at least one attack on trust due to failed key and certificate management.
- Too vast a problem for manual management: Enterprises have on average 17,807 keys and certificates each, according to the report.
- Unknown and unquantified risk: Fifty-one percent of surveyed organizations do not know exactly how many keys and certificates they have.
- Clear and present danger to cloud computing: Respondents believe difficult-to-detect attacks on Secure Shell (SSH) keys, critical for cloud services from Amazon and Microsoft, present the most alarming threat arising from failure to control trust.
- The need to establish control over trust: Already, 59 percent of enterprises believe that proper key and certificate management can help them regain control over trust and avoid these risks.
The RSA Conference session details:
- Who: Larry Ponemon, chairman and founder of Ponemon Institute Research
- What: Controlling Trust and Risk: New Ponemon Research
- When: Thursday, February 28, 1 to 2 p.m.
- Where: RSA Conference 2013, Room 123
For more information on the session, visit http://goo.gl/flZfM To view the report, visit www.venafi.com/Ponemon To view a video clip of Venafi CEO Jeff Hudson discussing the research, visit: www.venafi.com/videos To learn more about the report methodology and key findings, visit the Ponemon Institute blog
About Ponemon Institute
Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.