Welcome!

News Feed Item

NTT Innovation Institute Announces the Availability of the 2014 Global Threat Intelligence Report

Analysis of Three Billion Attacks in 2013 Reveals SQL Injections Cost $196,000 and Anti-Virus Solutions Fail More Than Half the Time

PALO ALTO, CA -- (Marketwired) -- 03/27/14 -- NTT Innovation Institute (NTT I3) is pleased to announce the release of the 2014 NTT Group Global Threat Intelligence Report (GTIR). The report focuses on five critical areas of security: threat avoidance, threat response, threat detection, investigative and response capabilities. A key portion of the report is dedicated to business and security leaders concerned with balancing cost and risk. Recommendations and strategies for minimizing the impact of threats and reducing the threat mitigation timeline are conveyed in multiple charts and real-world case studies.

The primary goal of the NTT Group GTIR is to raise awareness with C-level executives and security professionals alike that when the basics of security are done right, it can be enough to mitigate and even avoid the high-profile security and data breaches. We believe information security should be a strategic imperative that is an effective mix of threat avoidance, threat detection and threat response.

The NTT Group GTIR uses real-world case studies of several security incidents and provides recommendations for minimizing the impact of threats through easy to understand strategies and charts. We have also included our research on several Distributed Denial of Service (DDoS) attacks, malware attacks and the latest botnet activity.

Other key findings in the 2014 GTIR include:

  • Cost for a "minor" SQL injection attack exceeds $196,000 - Organizations must realize the true cost of an incident and learn how a small investment could reduce losses by almost 95 percent.
  • Anti-virus fails to detect 54 percent of new malware collected by honeypots - Additionally, 71 percent of new malware collected from sandboxes was also undetected by over 40 different anti-virus solutions. This supports the premise that simple endpoint solutions must be augmented with network malware detection and purpose-built solutions.
  • 43 percent of incident response engagements were the result of malware - Missing anti-virus, anti-malware and effective lifecycle management of these basic controls were key factors in a significant portion of these engagements. Read the "Administrator Releases a Worm" case study to see how it cost one organization $109,000.
  • Botnet activity takes an overwhelming lead at 34 percent of events observed - Almost 50 percent of botnet activity detected in 2013 originated from U.S. based addresses. The fact that healthcare, technology and finance account for 60 percent of observed botnet activity reflects the information worker burden that accompanies these industries.
  • PCI assessed organizations are better at addressing perimeter vulnerabilities - Organizations performing quarterly external PCI Authorized Scanning Vendor (ASV) assessments have a more secure vulnerability profile, as well as a faster remediation time (27 percent), than organizations performing unregulated assessments.
  • Healthcare has observed a 13 percent increase in botnet activity - Due to increased reliance on interconnected systems for the exchange and monitoring of health related data, more systems are potentially affected by malware.

The GTIR was developed using threat intelligence and attack data from the NTT Group companies -- Solutionary, NTT Com Security, Dimension Data, NTT Data and support from NTT R&D. The key findings in the GTIR are a result of the analysis of approximately three billion worldwide attacks over the course of 2013. The data analyzed for this report was collected from sixteen Security Operations Centers (SOC) and seven R&D centers with more than 1,300 NTT security experts and researchers from around the world.

"The report represents the culmination of months of research from our world-renowned experts and it strives to provide C-level executives and IT departments a platform to come together and discuss the foundation of their security programs in a way that benefits enterprises in today's Digital Economy," said NTT Innovation Institute CEO Srini Koushik, "The 2014 NTT Group GTIR describes the evolving global threat landscape and underscores the importance of doing the basics right. It also backs it up with real-world case studies and actionable insights for the security practitioners and succinct enough for the Fortune 100 CEO."

To access the full report, please visit: www.nttgroupsecurity.com

About NTT I3
NTT Innovation Institute, Inc., (NTT I3) is the Silicon Valley-based open innovation and applied research and development center of NTT Group. The institute works closely with NTT operating companies and their customers around the world to develop market-driven, customer-focused solutions and services. NTT I3 builds on the vast intellectual capital base of NTT Group, which invests more than $3.5 billion a year in R&D. NTT I3 and its world-class scientists and engineers partner with prominent technology companies and start-ups, to deliver market-leading solutions that span strategy, business applications, data and infrastructure.

To learn more about NTT I3, please visit us at www.ntti3.com.

Media Contact
Dave Murray
(408) 677-5310
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
20th Cloud Expo, taking place June 6-8, 2017, at the Javits Center in New York City, NY, will feature technical sessions from a rock star conference faculty and the leading industry players in the world. Cloud computing is now being embraced by a majority of enterprises of all sizes. Yesterday's debate about public vs. private has transformed into the reality of hybrid cloud: a recent survey shows that 74% of enterprises have a hybrid cloud strategy.
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
Get deep visibility into the performance of your databases and expert advice for performance optimization and tuning. You can't get application performance without database performance. Give everyone on the team a comprehensive view of how every aspect of the system affects performance across SQL database operations, host server and OS, virtualization resources and storage I/O. Quickly find bottlenecks and troubleshoot complex problems.
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
"Coalfire is a cyber-risk, security and compliance assessment and advisory services firm. We do a lot of work with the cloud service provider community," explained Ryan McGowan, Vice President, Sales (West) at Coalfire Systems, Inc., in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service. In his session at 19th Cloud Exp...
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
Major trends and emerging technologies – from virtual reality and IoT, to Big Data and algorithms – are helping organizations innovate in the digital era. However, to create real business value, IT must think beyond the ‘what’ of digital transformation to the ‘how’ to harness emerging trends, innovation and disruption. Architecture is the key that underpins and ties all these efforts together. In the digital age, it’s important to invest in architecture, extend the enterprise footprint to the cl...
Fact: storage performance problems have only gotten more complicated, as applications not only have become largely virtualized, but also have moved to cloud-based infrastructures. Storage performance in virtualized environments isn’t just about IOPS anymore. Instead, you need to guarantee performance for individual VMs, helping applications maintain performance as the number of VMs continues to go up in real time. In his session at Cloud Expo, Dhiraj Sehgal, Product and Marketing at Tintri, sha...
Whether your IoT service is connecting cars, homes, appliances, wearable, cameras or other devices, one question hangs in the balance – how do you actually make money from this service? The ability to turn your IoT service into profit requires the ability to create a monetization strategy that is flexible, scalable and working for you in real-time. It must be a transparent, smoothly implemented strategy that all stakeholders – from customers to the board – will be able to understand and comprehe...
CloudJumper, a Workspace as a Service (WaaS) platform innovator for agile business IT, has been recognized with the Customer Value Leadership Award for its nWorkSpace platform by Frost & Sullivan. The company was also featured in a new report(1) by the industry research firm titled, “Desktop-as-a-Service Buyer’s Guide, 2016,” which provides a comprehensive comparison of DaaS providers, including CloudJumper, Amazon, VMware, and Microsoft.
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, will discuss how AI can simplify cloud operations. He will cover the following topics: why clou...
"Dice has been around for the last 20 years. We have been helping tech professionals find new jobs and career opportunities," explained Manish Dixit, VP of Product and Engineering at Dice, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
"Qosmos has launched L7Viewer, a network traffic analysis tool, so it analyzes all the traffic between the virtual machine and the data center and the virtual machine and the external world," stated Sebastien Synold, Product Line Manager at Qosmos, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.