The 2009 study examined 138 cases involving laptop computers lost by an employee, a temporary worker or contractor. Based on replacement cost, lost intellectual property and other factors, the average value is an estimated $49,246. In cases examined by the study, 80% of that cost was attributed to lost intellectual property.
Social Insecurity: What Millions of Online Users Don't Know Can Hurt Them
Conducted by: Consumer Reports National Research Center
Sponsored by: Unsponsored
Number of respondents: 2,000 online U.S. households.
Twice as many U.S. households now use social networks than did last year, and, in many cases, are exposing themselves to new risks. A 2010 study found 40% posted their full birth date, exposing themselves to identity theft, while 26% posted their children's photos and names, potentially exposing them to predators. Also, one quarter didn't use Facebook's privacy controls at a time when 9% of social network users experienced malware infections, scams, identity theft or harassment.
Security of Paper Documents in the Workplace
Conducted by: Ponemon Institute
Sponsored by: Alliance for Secure Business Information
Number of respondents: 819 individuals who work in IT operations, IT security, data protection and compliance in large organizations in a variety of industries.
This 2008 study appears to stand the test of time and has not been replaced by more current research. Eighty percent of respondents said they had one or more data breaches in the past 12 months; of those, 49% said one or more of the breaches involved the loss or theft of paper documents. Seventy-one percent of respondents acknowledge an incident in which sensitive or confidential paper documents were lost or misplaced in their organizations.
Airport Insecurity: The Case of Lost Laptops
Conducted by: Ponemon Institute
Sponsored by: Dell
Number of respondents: 864 business air travelers in the U.S.
2008 survey reports that, on average, 12,255 laptops go missing at U.S. airports each week and 42% don't back up the data in their laptop computers. Only one-third of those turned into airport Lost and Found departments are ever reclaimed.
Business Risk of a Lost Laptop: A Study of U.S. IT Practitioners
Conducted by: Ponemon Institute LLC
Sponsored by: Dell Corporation
Number of respondents: 714 IT and IT security practitioners with an average of almost 7.5 years of domain-specific experience.
2009 study looks at the business risk of poor laptop security. Sixty-five percent of respondents say the number of lost or stolen laptops is up from previous years; 75% say they know of an incident in their organization where sensitive or confidential data was at risk because of a lost or stolen laptop computer.
The 2010 State of Cyberethics, Cybersafety, Cybersecurity Curriculum in the U.S. Survey
Conducted by: Zogby International
Sponsored by: National Cyber Security Alliance
Number of respondents: 1,003 teachers, 400 K-12 school adminstrators and 200 technology coordinators.
Survey targets teachers, school administrators and technology coordinators in an effort to understand whether students are receiving adequate guidance to use digital technology and the Internet in a safe and responsible manner. Thirty-nine percent of teachers responded that over the last 12 months they'd taught students how to make decisions about sharing personal information online; 33% about the dangers of social networking sites; 30% about watching for online predators; and 28% about what to do if they receive harassing messages.
The National Campus Safety and Security Project Survey
Conducted by: The National Association of College and University Business Officers
Sponsored by: Funded in part by the Lilly Endowment.
Number of respondents: 342 institutions.
Roughly 15% of repondents do not currently have an emergency preparedness plan that at least meets the standards set by the National Fire Protection Association; of those, 40% are near completion of one. Survey looks at many factors including use of security cameras and other technologies, emergency communication plans and business continuity.
More Than Half of Americans Surveyed Are Not Worried About Swine Flu
Conducted by: Harris Interactive
Sponsored by: Deloitte Center for Health Solutions
Number of respondents: 1,010 U.S. adults.
2009 survey reports that 52% of Americans don't believe the H1N1 virus will have a major impact in the United States; 41% do not plan to get vaccinated. It also examines who plans to get vaccinated, and if they know where to get vaccinated.
Energy Security&America's Best Defense
Conducted by: Deloitte Global and U.S. Aerospace & Defense
Sponsored by: Unsponsored
Number of respondents: Not applicable.
2009 study reports that a huge increase in fuel use by the military (175% increase per soldier during wartime since Vietnam) puts a focus on fuel security. Energy supplies are often a primary target, and, according to its methodologies, the Deloitte study found that "without game-changing shifts, the current Afghan conflict may result in a 124% increase in U.S. casualties through 2014."
Security Controls
Securosis 2010 Data Security Survey
Conducted by: Securosis, L.L.C.
Sponsored by: Imperva
Number of respondents: 1,176
Roughly half of responding organizations have some form of data security controls deployed; e-mail filtering was listed as the most common control and also the least effective. While 88% of respondents must meet at least one regulatory requirement, "to improve security" was the most common driver for adding data security controls.
SANS Sixth Annual Log Management Survey Report
Conducted by: SANS Institute
Sponsored by: ArcSight, LogLogic, NetForensics, Novell, RSA and Trustwave
Number of respondents: 500+
Conducted in April 2010, survey reveals log management is gaining popularity and now includes logs gathered from other devices than firewalls, switches, routers and IDS/IPS. While the number of users trying to derive more value from their log data has increased, many respondents say analyzing and reporting on all the data remains a critical problem.
Security Software and Services Spending Will Outpace Other IT Spending Areas in 2010
Conducted by: Gartner, Inc.
Sponsored by: Unsponsored
Number of respondents: More than 1,000 IT professionals with budget responsibility worldwide.
Note: $95.00 fee and registration required.
A 4% increase in security software budgets is anticipated for 2010, including the areas of security information and event management (SIEM), e-mail security, URL filtering and user provisioning. A managed security services spending increase is also expected.
Data Security and Data Breaches
2010 Data Breach Investigations Report
Conducted by: The Verizon RISK Team in cooperation with the U.S. Secret Service.
Sponsored by: Unsponsored
Origin of data: The primary dataset analyzed in this report contains the 141 confirmed breach cases worked by Verizon (57) and the USSS (84) in 2009.
Survey examines origins and frequency of breaches, who caused tham and what they have in common. This in-depth perspective now spans 6 years, more than 900 breaches and more than 900 million compromised records.
Securosis 2010 Data Security Survey
Conducted by: Securosis, L.L.C.
Sponsored by: Imperva
Number of respondents: 1,176
Roughly half of responding organizations have some form of data security controls deployed; e-mail filtering was listed as the most common control and also the least effective. While 88% of respondents must meet at least one regulatory requirement, "to improve security" was the most common driver for adding data security controls.
Application Security: It's a Case of Good News/Bad News
Conducted by: BankInfoSecurity.com
Sponsored by: Unsponsored
Number of respondents: More than 100 banking/security leaders from financial institutions of all sizes.
Note: Registration required for full results.
Survey guages perceived strength of financial institutions' application security programs; 81% are only somewhat or not at all confident in the security of third-party applications.
Federal Cyber Security Outlook for 2010 Survey
Conducted by: Ernst & Young
Sponsored by: Unsponsored
Number of respondents: Nearly 1,900 organizations worldwide across all major industries.
12th annual survey finds forty-one percent of respondents reported increased internal attacks while 25% saw a rise in internal attacks; 50% plan to spend more this year to improve information security risk management.
2010 HIMSS Analytics Report: Security of Patient Data
Conducted by: HIMSS Analytics
Sponsored by: Kroll Fraud Solutions
Number of respondents: 250 senior information technology (IT) executives, Chief Security Officers and Health Information Management (HIM) Directors/Managers Compliance Officers and Privacy Officers.
A study on the shift to electronic health records (EHRs) over the next several years highlights the inability of healthcare providers to adequately secure data--even in the face of increased regulation of the HIPAA and HITECH acts.
Registration required
Employees Put Personal Security, Interests Above Company's
Conducted by: Trend Micro
Sponsored by: Unsponsored
Number of respondents: 1,600 end users in the U.S., U.K, Germany and Japan.
Survey examines employees' unsanctioned use of corporate networks and tools. About half of respondents admitted leaking confidential data through a Web mail account; 60% of mobile workers and 44% of stationary workers also admitted to having done so through IM or social media applications.
Outbound Email and Data Loss Prevention in Today's Enterprise, 2010
Conducted by: Osterman
Sponsored by: Proofpoint
Number of respondents: 261 responses from companies with 1,000 or more employees.
Note: Registration required
Managing the risks of outbound e-mail, blog postings, social media, mobile devices, etc. is the focus of this survey. One quarter of U.S. companies investigated the leakage of confidential, sensitive or private information via a blog or message board posting; 24% disciplined an employee for such a breach in the last year. One fifth investigated a similar breach involving a social networking site.
BBusiness Risk of a Lost Laptop: A Study of U.S. IT Practitioners
Conducted by: Ponemon Institute LLC
Sponsored by: Dell Corporation
Number of respondents: 714 IT and IT security practitioners with an average of almost 7.5 years of domain-specific experience.
2009 study looks at the business risk of poor laptop security. Sixty-five percent of respondents say the number of lost or stolen laptops is up from previous years; 75% say they know of an incident in their organization where sensitive or confidential data was at risk because of a lost or stolen laptop computer.
60 Percent of Facebook Users Consider Quitting over Privacy
Conducted by: Sophos
Sponsored by: Unsponsored
Number of respondents: 1,588 Facebook users.
Concerns over privacy settings and sharing private information have prompted nearly two thirds of Facebook users to consider leaving the social networking service and 16% more say they have already stopped.
2009 Annual Study: Cost of a Data Breach
Conducted by: Ponemon Institute LLC
Sponsored by: PGP Corporation
Number of respondents: 45 organizations from 15 different industry sectors.
Survey released in January 2010 reports that, contrary to what many believe, the overall cost of data breaches is increasing, though slowly (up 2% over 2008). It also found that breaches caused by malicious attackers or botnets cost 40% more than those caused by negligence or a system problem.
Conducted by: ElcomSoft
Sponsored by: Unsponsored
Number of respondents: About 1,000 security and IT professionals from more than 70 countries.
Up to 77% of computer users use a single password to access multiple applications and websites. It also examines password reuse for multiple accounts, passwords written down and use of weak passwords.
Conducted by: Deloitte
Sponsored by: Unsponsored
Number of respondents: More than 750 technology executives ranging from upper management to consultant across multiple industries.
A 2009 webcast-based poll found 60% of executives believe cloud computing will benefit enterprise services but 35% remain concerned about security and privacy.
Conducted by: Ponemon Institute LLC
Sponsored by: Intel Corporation
Number of respondents: N/A
The 2009 study examined 138 cases involving laptop computers lost by an employee, a temporary worker or contractor. Based on replacement cost, lost intellectual property and other factors, the average value is an estimated $49,246. In cases examined by the study, 80% of that cost was attributed to lost intellectual property.
Why Encrypt? Federal File Transfer Report
Conducted by: MeriTalk
Sponsored by: Axway
Number of respondents: 200 Federal IT and information security professionals.
Note: Registration required.
Comprehensive 2010 survey examines data security at federal agencies. It finds that more than half of employees use personal email, CDs, DVDs, FTP, and USB drives to transfer business files despite known risks. Sixty-two percent of respondents said file transfer security is a top priority, and 80% call their agency's secure file transfer policies adequate but only 58% say employees are aware of those policies.
Airport Insecurity: The Case of Lost Laptops
Conducted by: Ponemon Institute
Sponsored by: Dell
Number of respondents: 864 business air travelers in the U.S.
2008 survey reports that, on average, 12,255 laptops go missing at U.S. airports each week and 42% don't back up the data in their laptop computers. Only one-third of those turned into airport Lost and Found departments are ever reclaimed.
Security of Paper Documents in the Workplace
Conducted by: Ponemon Institute