1

IMPACT OF BREACHES ON REPUTATION AND

SHAREHOLDER VALUE

Ponemon 2017 Study

2

In March alone

129 BREACHES

3

YTD increase in breaches

65% INCREASE

4

2/3 of companies report experiencing 5 or more

data breaches within the past two years

66% BREACHED

5

THERE’S NO SINGLE ENTRY POINTHackers have no common path in where they decide to breach

MOBI LE / ENDPOI NT

DATABASES

N E T W O R K

ON-PREM A N D

SAAS A P P S

SERVERS 4.7

6.6

5.2

5.8

6.4

# OF DATA BREACHES IN 2 YEARS

6

after Chipotle reported better than expected Q1 results but gains chopped in half when it revealed it had a breach

$400 MILLIONLOSS TO SHAREHOLDERS

7

TODAY’S SECURITY IS NOT SECURE

8

RETHINK SECURITY

Enterprises breached 5+ times

in last two years (Forrester)66%

IT security spend in 2016(Gartner)$80B

THE ENTERPRISE TODAY HAS NO PERIMETER

150,000Enterprise cloud apps

90% Enterprises using cloud

50BIoT devices

8Bmobile devices

PROTECTED BY ONLY A PASSWORD

breaches involve privileged

credential misuse (Forrester)80%

breaches involve weak, default

or stolen passwords (Verizon)81%

NO USER IS SAFE

Hackers target all users whether customers,

partners, employees or privileged IT users

THE IMPACTS OF A DATA BREACH

ON REPUTATION AND SHARE VALUE

Ponemon Institute surveyed three groups that

influence companies brand and reputation:

• IT operations and information security (448 professionals)

• CMOs and corporate communications (334 professionals)

• Consumers (549 individuals)

Ponemon also studied the affect on stock

value and customer churn after a breach of

113 COMPANIES

MISCALCULATION OF SECURITY RISK

ON SHAREHOLDER VALUE

12

Avg stock price decline after breach announced

5% DROP

13

AVERAGE STOCK INDEX DROPS THE DAY

A BREACH IS ANNOUNCED

14

LOW SECURITY POSTURE COMPANIES

DROPS UP TO 7% & RECOVERS SLOWER

15

In customer churn for companies with poor security posture(lack of response plan, inadequate investment in security — especially IAM, frequent turnover of security personnel, etc.)

Up to 7% INCREASE

16

Impacted consumers stated intent to

discontinue relationship with breached organization30%+

BLIND SPOTS IN THE C-SUITE

WITH COSTLY CONSEQUENCES

18

IT leaders are not confident in their ability

to prevent, detect and resolve data breaches

56% NOT CONFIDENT

19

Marketing and IT leaders have a blind spot

regarding the impact of a breach on stock price

80+% HAVE BLIND SPOT

20

CMOs & IT professionals disagree with consumers

who say companies have an obligation to control

access to personal information

50%+ DISAGREE

21

MISCALCULATION of security risk on shareholder value

BLIND-SPOTSin C-suite have costly consequences

DATA BREACHESare a board and C-suite challenge not just an IT issue

RETHINK SECURITY

HOW DO ENTERPRISES REDUCE RISK?

23

MATURITY

Mitigate VPN Risk

Automate App Provisioning

Require Access Approvals

BETTER

Limit Lateral Movement

Grant Just Enough Privilege

Grant Just-in-Time Privilege

GREAT

EnforceLeast

Privilege

Risk Analytics

Complete automation

OPTIMAL

Log & Monitor

DANGER

Too Many Passwords

Too Much Privilege

REDUCING RISK IN HYBRID ENTERPRISE

MFA Everywhere

Risk-based Access

Consolidate Identities

SSO Everywhere

GOOD

Establish Identity Assurance

RISK

24

HOW CUSTOMERS USE CENTRIFY

STOP BREACHES THAT

Target Application

Single Sign-on

Adaptive MFA

Workflow & Lifecycle

Device Management

App Gateway

STOP BREACHES THAT

Start on Endpoints

Device Management

Adaptive MFA

App Management

Endpoint Privilege

Smartcard & Derived Credentials

STOP BREACHES THAT

Abuse Privileged Access

Least Privilege

Adaptive MFA

Identity Consolidation

Shared Password Management

Secure Remote Access

Session Recording & Monitoring

Auditing & Reporting

25

A RECOGNIZED LEADER

LEADER FORRESTER PIM WAVE

The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave

are trademarks of Forrester’s call on a market and is plotted using a detailed spreadsheet with

exposed scores, weightings, and comments. Forrester does not endorse any vendor, product, or

service depicted in the Forrester Wave. Information is based on best available resources. Opinions

reflect the judgement at the time and are subject to change.

NETWORK WORLD

CLEAR CHOICE WINNERLEADER GARTNER IDAAS MQ

Gartner “Magic Quadrant for Identity and Access Management as a Service” by Gregg

Kreizman, June 2016. Gartner does not endorse any vendor, product or service depicted in

its research publications, and does not advise technology users to select only those vendors

with the highest ratings or other designation. Gartner research publications consist of the

opinions of Gartner's research organization and should not be construed as statements of

fact. Gartner disclaims all warranties, expressed or implied, with respect to this research,

including any warranties of merchantability or fitness for a particular purpose. .

GARTNER CRITICAL CAPABILITIES

TOP VENDOR

Gartner does not endorse any vendor, product or service depicted in its research

publications, and does not advise technology users to select only those vendors

with the highest ratings or other designation. Gartner research publications consist

of the opinions of Gartner's research organization and should not be construed as

statements of fact. Gartner disclaims all warranties, expressed or implied, with

respect to this research, including any warranties of merchantability or fitness for a

particular purpose.

26

THANK YOU