Saturday, July 4, 2015

Beautiful Girls


Verizon - 2014 Data Breach Investigations Report - October 2014


“We have more incidents, more sources, and more variation than ever before—and trying to approach tens of thousands of incidents using the same techniques simply won’t cut it. Not only would the dominant incident characteristics drown out the subtleties of the less frequent varieties, but we cannot continue to study those characteristics as though they occur in isolation. In order to expose latent patterns in the data, we applied a statistical clustering technique. We identified nine patterns that together describe 92% of the confirmed data breaches we collected in 2013. We find it simply astounding that nine out of ten of all breaches observed by 50 global organizations over a full year can be described by nine distinct patterns.”
Published in: Business

Verizon - 2014 Data Breach Investigations Report - October 2014 from Gde Merklin



  • 5. 2013 YEAR IN REVIEW
    The year 2013 may be tagged as the “year of the retailer breach,” but a more comprehensive assessment of the InfoSec risk environment shows it was a year of transition from geopolitical attacks to large-scale attacks on payment card systems.
    JANUARY: January saw a series of reports of targeted attacks by what were probably state-sponsored actors. The Red October cyber-espionage campaign was exposed and responsible for targeting government agencies and research institutions globally, but in Russian-speaking countries in particular. Intelligence on a different series of attacks beginning with a “watering hole” attack on the Council on Foreign Relations web site (cfr.org) that began on Boxing Day 2012 was linked to actors using the Elderwood Framework. Meanwhile, the Izz ad-Din al-Qassam Cyber Fighters (QCF) were almost a month into Phase I of Operation Ababil Distributed Denial of Service (DDoS) attacks on U.S. financial services companies.
    FEBRUARY: The segue into February was provided by The New York Times and the Wall Street Journal, with new reports of targeted cyber-espionage. And Sophos reported a new Citadel-based Trojan crafted to attack Point-of-Sale (POS) systems using a Canadian payment card processor. We would soon learn that www.iphonedevsdk.com became a watering hole, using a surprise attack on Java late in the month. Most InfoSec professionals well remember February as the month Mandiant (now FireEye) released its superb APT1 report. February was also the start of reports of data breaches from large enterprises, courtesy of the aforementioned iPhoneDevSDK: Facebook, Twitter, Apple, and Microsoft were all victims. Noteworthy retailer POS data breaches were reported by Bashas’ and Sprouts, two discrete grocery chains in the U.S. Southwest. Bit9 reported a data breach that began in July 2012, attacking its code-signing infrastructure.
    MARCH: Fifty million Evernote users remember that March was the month they were forced to change their passwords. On March 20, the Republic of Korea suffered a large-scale cyber-attack that included disk corruption. We remain skeptical that the Cyberbunker-CloudFlare-Spamhaus DoS attack almost broke the Internet at the end of March. Group-IB reported “Dump Memory Grabber” (a.k.a. BlackPOS), a new POS Trojan that would go on to make headlines when news broke of Target Stores’ breach in December.
    This section is a compilation of the weekly INTSUM lead paragraphs posted to our blog and is 100% based on open source intelligence (OSINT). We maintain a very strong policy against identifying Investigative Response clients, and mentions of organizations in this section in no way imply that we conducted an investigation involving them or that they are among the victims in our dataset.
  • 6. 2013 YEAR IN REVIEW (continued)
    APRIL: In April, another U.S. grocery retailer, Schnucks, reported a POS data breach. The Syrian Electronic Army (SEA) did some damage when it hijacked the Associated Press’ Twitter account, sending a tweet reporting an explosion at the White House and causing a spasm on Wall Street. Operation Ababil continued, but OSINT cannot support attributing DoS attacks on several European banks to the QCF.
    MAY: Cyber-espionage continued in May, with reports from QinetiQ and the U.S. Army Corps of Engineers. The SEA hijacked the Twitter accounts of both The Guardian and The Financial Times. A watering hole attack targeted nuclear weapons researchers in the U.S. for cyber-espionage, probably from China. More cyber-espionage campaigns reported in May included Operation Hangover, targeting Pakistan; Safe, targeting Mongolia; and operations by the Sunshop actors against Tibetan activists. The U.S. Department of Justice shut down Liberty Reserve, the go-to bank for cyber-criminals.
    JUNE: Early in June, Raley’s, yet another U.S. grocer with stores in California and Nevada, reported its payment card systems were breached. NetTraveller, a global cyber-espionage campaign targeting diplomats in countries with interests not aligned with China occurred. A day later, The Guardian published the first intelligence leaked by Edward Snowden… and then InfoSec intelligence became the “All-Snowden-All-the-Time” channel.
    JULY: July’s largest retailer data breach was reported by Harbor Freight, a U.S. tool vendor with 445 stores – nearly 200 million customers and we still don’t know how many records were compromised. The QCF initiated Phase IV of Operation Ababil. The SEA breached Viber, Tango, and the Daily Dot. The U.S. Department of Justice indicted four Russians and one Ukrainian for high-profile data breaches, including Heartland and Global Payments.
    AUGUST: In August, the SEA hijacked the Twitter accounts of CNN, The Washington Post, Time Magazine, SocialFlow, and both The New York Times and New York Post. Attendees of the G8 Summit in St. Petersburg, Russia, were targeted for cyber-espionage by the Calc Team actors.
    SEPTEMBER: In September, Vodafone notified two million customers their personal and financial information had been breached. Espionage reported in September involved the EvilGrab Trojan and separately, the Hidden Lynx actors who seem to engage in both espionage and cybercrime. New intelligence linked the Bit9 attack from February with Operation Deputy Dog, Hidden Lynx, and watering hole attacks on Japanese financial institutions. At the end of the month Brian Krebs began his reports on intelligence extracted from ssndob[dot]ms. The site was home to data stolen from some of America’s largest data brokers: Lexis-Nexis, Kroll, and Dun & Bradstreet. Cryptolocker made its first appearance in September, extorting money from victims that were willing to pay to decrypt their essential files.
    OCTOBER: On October 3, Adobe announced its systems had been breached; eventually 38 million accounts were identified as affected. Intelligence connected this to the ssndob[dot]ms actors. Nordstrom, the luxury U.S. department store, discovered skimmers on some of its cash registers. Two of 2013’s big wins also occurred in October: Dmitry “Paunch” Fedotov, the actor responsible for the Blackhole exploit kit, was arrested in Russia, and Silk Road, an online fraud bazaar, was taken down.
    NOVEMBER: The proverbial calm before the storm, November was fairly quiet. Banking malware evolved with reports of Neverquest and another version of IceIX. BIPS, a major European bitcoin payment processor, was the victim of one of the largest bitcoin heists recorded up to that point in time.
    DECEMBER: The last significant entry under cyber-espionage for 2013 was the targeting of foreign ministries in European countries by Operation Ke3chang. The Washington Post reported its second breach of the year. And then InfoSec intelligence became the “All-Target-All-the-Time” channel. Although the breach of this major U.S. retailer was a little more than half the size of Heartland and three-fourths the size of TJX, it’s vying to become the event for which 2013 will always be remembered.
    Questions? Comments? Brilliant ideas? We want to hear them. Drop us a line at dbir@verizon.com, find us on LinkedIn, or tweet @VZdbir with the hashtag #dbir.
  • 7. VICTIM DEMOGRAPHICS
    Readers of the DBIR frequently approach us with two important questions. How generally representative are the findings of this report? Are these findings relevant to my organization? To help get you oriented with this year’s report, let’s see what the data has to show us.
    The 2013 DBIR featured breaches affecting organizations in 27 countries. This year’s report ups that tally by 350%, to 95 distinct countries (Figure 1). All major world regions are represented, and we have more national Computer Security Incident Response Teams (CSIRTs) than ever before. Our ability to compare global trends has never been higher. But it’s not quite that simple. The charter, focus, methods, and data differ so much between CSIRTs that it’s difficult to attribute differences to true variations in the threat environment. However, regional blind spots are getting smaller thanks to our growing list of contributors (see Appendix C), and we’re very happy with that.
    Figure 1. Countries represented in combined caseload (in alphabetical order): Afghanistan, Albania, Algeria, Argentina, Armenia, Australia, Austria, Azerbaijan, Bahrain, Belarus, Belgium, Bosnia and Herzegovina, Botswana, Brazil, Brunei Darussalam, Bulgaria, Cambodia, Canada, Chile, China, Colombia, Congo, Croatia, Cyprus, Czech Republic, Denmark, Egypt, Ethiopia, Finland, France, Georgia, Germany, Greece, Hong Kong, Hungary, India, Indonesia, Iran, Islamic Republic of, Iraq, Ireland, Israel, Italy, Japan, Jordan, Kazakhstan, Kenya, Korea, Republic of, Kuwait, Kyrgyzstan, Latvia, Lebanon, Lithuania, Luxembourg, Macedonia, the former Yugoslav Republic of, Malaysia, Mali, Mauritania, Mexico, Moldova, Republic of, Montenegro, Morocco, Mozambique, Nepal, Netherlands, New Zealand, Oman, Pakistan, Palestinian Territory, Occupied, Peru, Philippines, Poland, Portugal, Qatar, Romania, Russian Federation, Saudi Arabia, Singapore, Slovakia, Slovenia, South Africa, Spain, Switzerland, Taiwan, Province of China, Tanzania, United Republic of, Thailand, Turkey, Turkmenistan, Uganda, Ukraine, United Arab Emirates, United Kingdom, United States, Uzbekistan, Vietnam, Virgin Islands.
  • 8. VICTIM DEMOGRAPHICS (continued)
    Next, let’s review the different industries and sizes of victim organizations in this year’s dataset (Figure 2). The Public sector’s astronomical count is primarily a result of U.S. agency reporting requirements, which supply a few of our contributors with a vast amount of minor incidents (more on that later), rather than a sign of higher targeting or weak defenses. Figure 3 filters out the minutiae by narrowing the dataset to only those incidents involving confirmed data compromise. Moving beyond the Public sector outlier, both Figure 2 and Figure 3 show demographics relatively similar to prior years.

    Figure 2. Number of security incidents by victim industry and organization size, 2013 dataset

    Industry                      Total    Small    Large  Unknown
    Accommodation [72]              212      115       34       63
    Administrative [56]              16        8        7        1
    Agriculture [11]                  4        0        3        1
    Construction [23]                 4        2        0        2
    Education [61]                   33        2       10       21
    Entertainment [71]               20        8        1       11
    Finance [52]                    856       43      189      624
    Healthcare [62]                  26        6        1       19
    Information [51]              1,132       16       27    1,089
    Management [55]                  10        1        3        6
    Manufacturing [31,32,33]        251        7       33      211
    Mining [21]                      11        0        8        3
    Professional [54]               360       26       10      324
    Public [92]                  47,479       26   47,074      379
    Real Estate [53]                  8        4        0        4
    Retail [44,45]                  467       36       11      420
    Trade [42]                        4        3        0        1
    Transportation [48,49]           27        3        7       17
    Utilities [22]                  166        2        3      161
    Other [81]                       27       13        0       14
    Unknown                      12,324    5,498        4    6,822
    Total                        63,437    5,819   47,425   10,193

    Figure 3. Number of security incidents with confirmed data loss by victim industry and organization size, 2013 dataset

    Industry                      Total    Small    Large  Unknown
    Accommodation [72]              137      113       21        3
    Administrative [56]               7        3        3        1
    Construction [23]                 2        1        0        1
    Education [61]                   15        1        9        5
    Entertainment [71]                4        3        1        0
    Finance [52]                    465       24       36      405
    Healthcare [62]                   7        4        0        3
    Information [51]                 31        7        6       18
    Management [55]                   1        1        0        0
    Manufacturing [31,32,33]         59        6       12       41
    Mining [21]                      10        0        7        3
    Professional [54]                75       13        5       57
    Public [92]                     175       16       26      133
    Real Estate [53]                  4        2        0        2
    Retail [44,45]                  148       35       11      102
    Trade [42]                        3        2        0        1
    Transportation [48,49]           10        2        4        4
    Utilities [22]                   80        2        0       78
    Other [81]                        8        6        0        2
    Unknown                         126        2        3      121
    Total                         1,367      243      144      980

    For more information on the NAICS codes [shown above] visit: https://www.census.gov/cgi-bin/sssd/naics/naicsrch?chart=2012
    Small = organizations with less than 1,000 employees, Large = organizations with 1,000+ employees

    We saw some increases where we added new industry-specific contributors, so pieces of the puzzle are filling in. Certain sectors will always skew higher in the victim count given their attractiveness to financially motivated actors — i.e., those that store payment card or other financial data. But even discounting that, we don’t see any industries flying completely under the radar. And that’s the real takeaway here — everyone is vulnerable to some type of event. Even if you think your organization is at low risk for external attacks, there remains the possibility of insider misuse and errors that harm systems and expose data.
    So, we can’t claim to have unbiased coverage of every type and size of organization on the planet (fingers crossed for next year, though!). But we dare say that the majority of readers will be able to see themselves or something that looks enough like them in this sample.
  • 9. A DECADE OF DBIR DATA
    Long-time readers of this report will know that we’re not very good at maintaining the status quo. The sources of data grow and diversify every year. The focus of our analysis shifts. The way we visualize data and organize results evolves over time. And with the 2014 DBIR, we’re really gonna shake things up. While this does make it hard to meaningfully compare trends across time, it has the positive effect of shining light into new and shadowy areas each year. The truth of the matter is that we’re more interested in exploring and learning than churning out the same ‘ol stuff each time just to measure deltas.
    That said, measuring deltas has value and we know readers appreciate some level of continuity between reports. Thus, this section attempts to create an “as-comparable-as-possible” set of findings to previous DBIRs. It “only” includes breaches from 2004-2012, plus the 1,367 incidents for which data compromise was confirmed in 2013. It’s worth noting that this represents the high mark in ten years of data breaches, and is the first time we’ve crossed 1,000. (Give a round of applause to all those contributors who keep adding fuel to the bonfire.)
    We began writing a lot of commentary for this section, but then changed our minds. Instead, we’ll churn out some eye candy for you to chew on as long as you like with only a few general observations from us.
    A BRIEF PRIMER ON VERIS AND VCDB
    The Vocabulary for Event Recording and Incident Sharing (VERIS) is designed to provide a common language for describing security incidents in a structured and repeatable manner. It takes the narrative of “who did what to what (or whom) with what result,” and translates it into the kind of data you see in this report. Because we hope to facilitate the tracking and sharing of security incidents, we released VERIS for free public use. Get additional information on the VERIS community site; the full schema is available on GitHub. Both are good companion references to this report for understanding terminology and context.
    www.veriscommunity.com | github.com/vz-risk/veris
    Launched in 2013, the VERIS Community Database (VCDB) project enlists the cooperation of volunteers in the security community in an attempt to record all publicly disclosed security incidents in a free and open dataset. We leverage VCDB for a few sections in this report, which are clearly marked. Learn more about VCDB by visiting the website below.
    vcdb.org


Anatomy Of A Breach: The Good, The Bad & The Ugly


Today's security and privacy professionals know that breaches are a fact of life. Yet their organizations are often not prepared to respond when the time comes. They're "overweight" on prevention and detection, but "underweight" on response.

Based on a decade-plus caseload of actual breach investigations across a range of different organizations, this webinar will examine an amalgamated, anonymized breach situation and review a play-by-play of how the response went: the good, the bad, and the ugly. Attendees will gain hard-earned, battle-tested insight on what to do, and what to avoid, when it's their turn to respond to an incident.

Our featured speakers for this timely webinar will be:

- Don Ulsch, CEO, ZeroPoint Risk. Distinguished Fellow at the Ponemon Institute.

- Joseph DeSalvo, Managing Director, ZeroPoint Risk. Former CSO at Mylan and Iron Mountain.

- Ted Julian, Chief Marketing Officer, Co3 Systems. Serial security and compliance entrepreneur. 
Published in: Business, Technology

 Transcript

  • 1. Anatomy of a Data Breach The Good, The Bad, & The Ugly
  • 2. Agenda
      • Introductions
      • Today’s Breach Reality
      • Common Breach Scenario Themes
      • What Happens: The Good, The Bad, and The Ugly
      • Conclusions
      • Q&A
  • 3. Introductions: Today’s Speakers
      • Ted Julian, Chief Marketing Officer, Co3 Systems
          • Serial security and compliance entrepreneur
      • Don Ulsch, CEO, ZeroPoint Risk
          • Distinguished Fellow at the Ponemon Institute
      • Joseph DeSalvo, Managing Director, ZeroPoint Risk
          • Former CSO at Mylan and Iron Mountain
  • 4. Co3’s Incident Response Management Platform
      • SSAE 16 Type II certified hosting facility
      • Dashboards & reporting
      • Automated Escalation: Accelerate response by easily creating incidents from the systems you already have (Email, Web Form, Trouble Ticketing, Entry Wizard, SIM)
      • Streamlined Creation + Collaboration: Create IR plans instantly based on regulations, best practices, and standard operating procedure. Collaborate on plan execution across multiple functions (IR Plan: Marketing, Legal/Compliance, IT, HR; Industry Best Practices, Organizational Best Practices, Privacy Breach Requirements, Industry Standard Frameworks, Regulatory Requirements)
      • Intelligent Correlation: Determine related incidents automatically to identify broader, concerted attacks
      • Integrated Intelligence: Gain valuable threat intelligence instantly from multiple intelligence feeds
      • Accelerated Mitigation: Speed results by easily outputting outcomes to your management platforms (SIM, Trouble Ticketing, GRC)
  • 5. ZeroPoint Risk Research LLC
      • ZeroPoint Risk Research LLC is a research and consulting company concentrating on both pre-breach prevention and post-breach investigation and recovery services for clients possessing regulated and unregulated data.
      • Its CyberBreach Situation Report, written by Don Ulsch, is received monthly by nearly half a million professionals.
  • 6. Today’s Breach Reality
      Data breaches are on the rise and organizations are unprepared to detect them or resolve them:
      • data breaches have increased in both severity (54 percent) and frequency (52 percent) in the past 24 months
      • …organizations are facing a growing flood of increasingly malicious data breaches, and they don’t have the tools, staff or resources to discover and resolve them
      THE PONEMON INSTITUTE [1]
      [1] “The Post Breach Boom” – The Ponemon Institute, February 2013
  • 7. Today’s Breach Reality
      • “If you are going to invest in one thing, it should be incident response” GARTNER [2]
      • “You can’t afford ineffective incident response” FORRESTER RESEARCH [3]
      • “Only 20% of respondents rate their IR program as being ‘very effective’” [1]
      • “Top spending priorities are training and automation tools” 2013 INCIDENT RESPONSE SURVEY – iSMG
      [1] “The Need For Speed: 2013 IR Survey” - Information Security Media Group - August 2013
      [2] Gartner Security Summit, Keynote Address - June 2013
      [3] “Seven Habits of Highly Effective Incident Response Teams” - April 2013
  • 8. Breach Scenario – Common Findings
      • Source
          • 3rd-party data provider or technology service provider
      • Cause
          • Ineffective management of 3rd-party business associate relationships
          • Increased reputation risk
          • Greater likelihood of information compromise
      • Other Traits
          • Discovered long after it occurred
          • Inadequate testing for toxic IP addresses
  • 9. Breach Scenario (continued)
      • Big gap between understanding security and its relationship to managing risk
      • This separates the Board and executive management from operations
      • GC of the breached company fills this void
      • Risk awareness with executives remains low, but is rising
      • Many still have an archaic view of technology
      • Enablement and cost-savings, not a Trojan Horse into the enterprise
      • Breaches always cost more than you think
  • 10. What Happened? Top reasons why compromises occur
      • End users and endpoints
          • Click on anything
          • Disable endpoint security settings
          • Use vulnerable, legacy software and hardware
          • Fail to install security patches
          • Fail to install anti-virus
          • Fail to report lost or stolen device
          • Connect to a private network from a public network (ex. coffee shop)
          • Use a second access point (mobile broadband from smart phone); creating a bypass
          • Use weak or default passwords, reuse passwords
          • Reveal passwords over the phone
  • 11. What Happened? Top reasons why compromises occur
      • Infrastructure
          • Connect systems and virtual images to the Internet before hardening them
          • Connect test systems to the Internet with default accounts or passwords
          • Fail to update or patch systems/applications on a timely basis
          • Fail to implement or update virus detection software
          • Use legacy or end-of-life software and hardware
          • Run unnecessary services
          • Use insecure back-end management software
          • Fail to remove old/unused user accounts
          • Implement firewalls with rules that don’t stop malicious or dangerous incoming or outgoing traffic
          • Fail to segment network and/or adequately monitor/block malicious traffic with IDS/IPS
  • 12. POLL
  • 13. Breach: The Good, The Bad and The Ugly
      • The Good:
          • Like a personal illness, a breach tends to focus the organization, often resulting in improved awareness, response, and sustainability of better preparedness, technology and risk management processes
      • The Bad:
          • Employees lose jobs, executives are sometimes discharged, trust between company and customer is diminished, and recovery is expensive
      • The Ugly:
          • Stock plummets, employees get indicted, firm is put out of business
  • 14. Conducting a Breach Investigation
      • Attorney-client privilege
      • Establish a breach investigation management team
      • Establish chain of custody requirements
      • Begin process to confirm that a breach has occurred and profile its scope and dimension
      • Determine range of affected information
      • Establish detailed breach history
      • If there is no breach history, look for similar breaches of regulated data at other companies
  • 15. Conducting a Breach Investigation (continued)
      • Examine intellectual property and trade secret breaches to see if attacks are similar in nature to the current breach
      • Change passwords throughout the organization, using complex characters
      • Determine if breach is ongoing
      • Review insurance coverage
      • Determine if data was encrypted
      • Image hard drives and begin forensic examination
      • Begin web and behavioral web analytics – IP addresses, web sites, email addresses – to assess potential damage
      • Determine possible origination with Threat Database
  • 16. Conducting a Breach Investigation (continued)
      • Determine source of the breach
      • Determine point(s) of breach
      • Determine method of breach
      • Did breach or attempted breach involve proximity?
      • Determine type of data potentially affected
      • Determine if law enforcement notification is in order
      • Interim reporting
      • Develop tactical plan for point of breach containment
      • Determine contract obligations and reporting requirements (may be separate from regulatory reporting requirements)
  • 17. Conducting a Breach Investigation (continued)
      • Examine enterprise risk management framework
      • Examine policies and procedures for information security and privacy and compliance
      • Establish regulatory reporting requirements in case such notification becomes a requirement
      • Determine requirement for Temporary Restraining Orders/Abuse Reports and execute
      • Depending on circumstances, contain breach information to the breach management team
      • Reporting
  • 18. POLL
  • 19. Conclusion
      • What Should Companies be Doing to Protect Information, Intellectual Property and Trade Secrets?
      • Data Classification and Role Based Access
      • Inventory regulated and critical data (where does it reside?)
      • Establish need to know access and ensure extra screening
      • Eliminate access when the need expires
      • Institute continual monitoring
      • Annual certification by supervisors (for continuing access)
      • Role changes – does the person still require access?
      • Department changes – does the person still require access?
  • 20. Conclusion (continued)
      • Institute Robust Risk Assessment and Controls to Avoid Low Awareness and False Sense of Security
      • Offshore Relationships and Vendor Management
      • Must partners maintain the same security as your co. (physical, logical, administrative)?
      • Background screening of candidates
      • Verifying employment, addresses, and education isn’t enough
      • Competitors, organized crime, and foreign nations infiltrate companies with people that can pass cursory checks
  • 21. QUESTIONS
  • 22. One Alewife Center, Suite 450 Cambridge, MA 02140 PHONE 617.206.3900 WWW.CO3SYS.COM “Co3 Systems makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.” PC MAGAZINE, EDITOR’S CHOICE “Co3…defines what software packages for privacy look like.” GARTNER “Platform is comprehensive, user friendly, and very well designed.” PONEMON INSTITUTE Don Ulsch don.ulsch@zeropointrisk.com 978-808-6526 Joe DeSalvo joseph.desalvo@zeropointrisk.com 704-907-4557 “One of the hottest products at RSA…” NETWORK WORLD – FEBRUARY 2013


The Realities of HR Technology in EMEA - Elearnity




Transcript

  • 1. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved European HR Realities 2014 HR Tech Europe: Initial Elearnity Survey Results David Wilson, Managing Director davidw@elearnity.com @dwil23 in association with
  • 2. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved Accelerate & De-Risk 9-Grid™ Vendor Perspectives Research & Best Practices Accelerated Process & Independent Advice
  • 3. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved Research Goal •To understand the realities of key HR Trends, Drivers and Challenges within the European Market •Survey of HR & related Professionals across Europe •Targeted at Corporate Organisations •Over 200 organisations completed
  • 4. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved THE RESPONDENTS A PREDOMINATELY EUROPEAN ENTERPRISE PERSPECTIVE 62% Respondents from Organisations > 5000 Employees 95% of respondents European Over 200 survey respondents overall
  • 5. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved 39% primary focus HR Systems 39% responsible for at least one aspect of the Talent Cycle 15% respondents primarily Talent Acquisition 13% primary focus HR Operations 6% respondents have a role focused on IT 12% primary focus Employee & Exec Development 93% HR FOCUSED ROLE - A DELIBERATELY HR BIASED PERSPECTIVE
  • 6. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved have a role with Global Responsibility 60% EUROPEAN - BUT ALSO GLOBAL INFLUENCE
  • 7. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved What did they tell us about HR in Europe? HR Tech Europe Amsterdam 2014 Initial Elearnity Survey Results HR
  • 8. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved EUROPEAN HR – KEY CHALLENGES Increasing Organisation Performance & Profitability 95% Reducing Costs 88% 86% Improving Customer Satisfaction & Service Quality Currently, what are your organisation's most significant business challenges? For 66% this is a Major Challenge For 56% this is a Major Challenge For 41% this is a Major Challenge € €
  • 9. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved A CENTRALISED HR APPROACH – IS NOT THE DOMINANT OPERATING MODEL 67% are using either a Decentralised or Federated HR Operating Model 33% 55% 12% This has massive implications for HR Tech choices, approaches to change management and the effort / impact / opportunities / success of standardisation
  • 10. Deep insights, pragmatic advice Deep insights, pragmatic advice © Copyright Elearnity Limited All Rights Reserved European HR’s Top Priority as an HR Organisation is to be a Strategic Business Partner 56% •56% Strategic Business Partner •42% Better leadership & management •41% Enhancing the talent pipeline •40% Increasing the consistency of HR processes •37% Improving HR service quality & provision HR’S TOP PRIORITIES ARE TO ADD STRATEGIC AND TRANSACTIONAL VALUE
  • 11. EUROPEAN HR HAS SOME MAJOR CHALLENGES… cite workers councils & unions, data privacy, legislation, culture, language, localisation & travel budgets – as challenges for operating HR in Europe 70%
  • 12. IN HR TECH WE TRUST… but.. Outsourcing HR Processes is only seen as Critically or Very Important for <20% of respondents TOP 5 LEVERS for Future Success of European HR Operations 87% Critically or Very Important 78% Critically or Very Important 89% Critically or Very Important 88% Critically or Very Important 74% Critically or Very Important
  • 13. FUTURE SUCCESS = CHANGING HR ? 50% believe Future HR Success is dependent on Re-organisation to create better business alignment 63% believe Future HR Success is dependent on New or Enhanced Processes 65% believe Future HR Success is dependent on Upskilling HR Teams
  • 14. A STRONG INTERNAL TALENT PIPELINE IS THE LEADING MEASURE OF SUCCESS FOR HR STRATEGY Top Measures of Success for HR Strategy 1.Strong Talent Pipeline 2.Employee Engagement 3.Employer of Choice 4.Company Profitability 5.Cost of HR Operation Building a strong internal talent pipeline is seen as 5x more important as a measure of success than having a HR presence at Board level
  • 15. HR Systems & Technology in association with
  • 16. 67% have Partially Standardised HR Systems, less than 20% have Very Standardised HR Systems across their organisation There is a significant overall market opportunity to consolidate HR Systems Suites. FRAGMENTED HR SYSTEMS APPROACH?
  • 17. Only 1 in 10 are Extremely Satisfied with their HR Systems HR TECH FAILS TO IMPRESS… Overall, what is your level of satisfaction with your organisation's HR technologies?
  • 18. 1/3rd Not Satisfied with either Recruitment, Learning and Development, Workforce Planning, Analytics, Succession Planning or Onboarding solutions The highest levels of dissatisfaction: - Workforce Planning & Organisational Design - Succession Planning 43% 40% HR TECH FAILS TO IMPRESS…
  • 19. SIGNIFICANT OPPORTUNITY AND RISKS FOR VENDORS OVER THE NEXT 3 YEARS… Nearly 60% envisage changing their Talent Acquisition or Analytics platform within the next 2 years Close to 50% envisage changing their Succession Planning, Performance Management, Reward & Recognition, Onboarding, Learning & Development or Core HR solutions within the next 3 years
  • 20. THE SUPPLIER WAKE UP CALL! 1.Solutions Business Agility and Flexibility 2.Quality of End User Experience 3.Lack of Analytics 4.Reducing Total Cost of Ownership 5.Deficiencies in Functionality Over a 1/3rd identified User Experience or Lack of Business Agility & Flexibility as a CRITICAL DRIVER behind changing HR systems! THE TOP 5 DRIVERS TO CHANGE HR SYSTEMS
  • 21. CLOUD ADOPTION & CHALLENGES
  • 22. HR Outsourcing? in association with
  • 23. KEY AREAS OF HR ALREADY OUTSOURCED 54% Payroll 42% IT Systems Support 41% Leadership Development & Coaching 35% Training, Strategic Consultancy, Systems Implementation, Assessment, Recruitment or Industry Benchmarking
  • 24. TOP 3 AREAS WHERE ORGANISATIONS ARE PLANNING TO USE OUTSOURCING 1.Training & Learning 2.Assessment 3.Administration & Transaction Management
  • 25. THE DRIVERS FOR HR OUTSOURCING 78% 77% Reduce Operating Costs Gain Access to Expertise Increasing Governance was the least Critical driver <5% 75% Increase Flexibility to Fluctuating Demands
  • 26. QUALITY OF SERVICE, COST & CONTRACTING SEEN AS THE BIGGEST BARRIERS TO OUTSOURCING See cost as a challenge to HR outsourcing 70% See complexity of contracting as a challenge to HR outsourcing 66% For 1 in 3 this as a major challenge 75% See Quality of Service as a challenge to HR outsourcing For 1 in 4 this as a major challenge For nearly 1 in 3 this as a major challenge
  • 27. … and Overall? in association with
  • 28. OVERALL VIEW OF HR EFFECTIVENESS Overall, how satisfied do you believe your business executive / board are with your HR services? 0% were Extremely Satisfied with Talent Succession or Talent Acquisition No HR Services were able to score an Extremely Satisfied rating >10%
  • 29. HR EFFECTIVENESS – SPECIFIC AREAS Overall, how satisfied do you believe your business executive / board are with your HR services? Just over 40% were Satisfied with Employee Engagement, Compensation & Benefits or Leadership Development Analytics is a key weakness in perceived HR Effectiveness < 1 in 5 Extremely Satisfied or Very Satisfied Only 2% are Extremely Satisfied
  • 30. INFOGRAPHIC & VIEWPOINT
  • 31. Thank You Any Questions? Elearnity 9-Grid™ www.elearnity.com/9-grid.html Elearnity Perspectives www.elearnity.com/perspectives.html davidw@elearnity.com @dwil23
