EVIDENCE OF CYBERSECURITY

BREACHES ABOUND IN OUR

DAILY LIVES BOTH AT WORK
AND AT HOME.
Alarming stories in the press and comprehensive reports, such
as Verizons 2013 Data Breach Investigations Report, serve as
daily reminders that we need controls in place and constant
vigilance to prevent considerable losses in data, funds and
intellectual property.
Due to widespread concern about the issue, Silicon Valley Bank
decided to poll our clients about how theyre addressing
this clear and present risk with revealing results from the
unique perspective of technology companies themselves.
Cybersecurity Risk is Real and Growing
Most survey respondents believe cybersecurity is a serious
threat to both their data and business continuity, with a full
51% rating the threat to business interruption as very serious
or serious. The threat to data or intellectual property (IP)
was viewed as more signifcant with 60% saying it was a very
serious or serious threat. Sofware companies are more likely
than those in healthcare and cleantech/hardware to consider a
cyber attack a serious threat in terms of business interruption
(58% versus 47% and 41%, respectively).
Threat Cyber Attack
Causes Serious Business
Interruption
very Serious Threal
Hinor Threal
Serious Threal
Nol al All a Threal
Hoderale Threal
Threat of Cyber Attack
to Company Data or IP
100%
90%
80%
70%
60%
50%
40%
30%
20%
10%
0%
51%
60%
25% 31%
29%
18%
20%
26%
25%
22%
Level of Concern aboul Cybersecurily Threal
If our security fails, it has the strong potential to destroy
the company. We take that risk very seriously.
CEO, Cloud Infrastructure Company
CYBERSECURITY REPORT
Cybersecurity Survey
Impact on Innovation
CYBERSECURITY REPORT 2
Only 35% are Completely or Very Confdent About
Their Own Security, and Even Less Confdent About
Business Partners
Overall, companies express confdence in the security of their
information, but only 35% are completely/very confident,
while 57% are moderately confdent. Survey respondents
were far less confdent about the security measures taken
by their critical business partners, including vendors,
distributors and customers, with only 16% completely/
very confident.
I believe it will be an ever-increasing concern and challenge.
We are particularly concerned about foreign states who attempt
to hack into our businesses.
CEO, Consumer Electronics Company
57%
27%
16%
57%
8%
35%
Confidence in Security of Information
Moderately Confident Not Confident Completely/Very Confident
Security Measures of Partners Own Company Information
Way too much resource must be spent managing and defending,
which prevents time better spent on innovation and growth.
Very sad state for the technology community.
CEO, Big Data Company
98% of Companies Are Maintaining or Increasing
Security Resources
Of those 98%, half say theyve increased resources (time or
money) devoted to the problem this year.
%
%
%
%
More resources About the same Fewer resources
Amount of Resources for Cybersecurity
We've dedicated
an Info Security
Officer to this role.
49% 49%
2%
Firewalls, hosting
facilities and business
continuity plans.
Resources Focus on When, Not if, Attack Occurs
Notably, companies are currently investing more in measures
to respond to inevitable attacks monitoring, preventive
policies, training and stafng than in preventative
infrastructure. This is consistent with executives describing
an increase in the magnitude of cyber attacks, not only in
frequency but also in the severity of highly organized attacks
from rogue nations.
Its a constant battle that wont go away and we are now
spending more to protect ourselves from when we are hacked
than to try and keep from being hacked.
CEO, Financial Technology Company
Monitoring/Assessment
Policies/Controls
Hiring
Software
Firewalls
Encryption
Authentication/Access
Cloud
Servers
Hosting
% % % % % % % % % % %
Top Cybersecurity Investments
MOST TECH AND HEALTHCARE
EXECUTIVES VIEW CYBER
ATTACKS AS A SERIOUS THREAT,
NOT JUST HYPE.
Cybersecurity is an important issue, and needs to be integrated
into every aspect of the running of the company.
CEO, Enterprise Applications Startup
CYBERSECURITY REPORT 3
Key offering
No plans to add
Component of offering
Dont currently have but plan to
%
%
%
%
%
%
Software Hardware/Cleantech/
Other
Healthcare
Role of Cybersecurity Functionality in Key Offering
15%
6%
56%
36%
6%
53% 60%
10%
30%
8%
21%
Most Companies Have Security Aspect to Product
Attention to cybersecurity now cuts to the core of what
companies do. Over half of respondents say cybersecurity
is at least one component of their product ofering. Not
surprisingly, sofware companies are most likely to ofer a
cybersecurity component to their product.
Although there is a lot of useless media hype, cybersecurity
is important and should never be ignored. For the foreseeable
future, cyber attacks will be a daily constant for any company
with an Internet presence.
CEO, Hardware/Cleantech Startup
Data security is and always will be an important part of
technology infrastructure. The cloud is not a silver bullet.
CEO, IT Services Startup
Media Coverage Makes an Impact
For nearly half of executives surveyed, increased media
attention to cyber attacks has changed the tide of opinions
on cybersecurity and has helped heighten its priority in
companies across the board. In addition to risks to their
intellectual property and business interruption, they may be
keenly aware of the mounting customer concern that comes
from rising media exposure which in turn creates even
more incentive to beef up cybersecurity resources.
Media
Had Impact
48%
32%
14%
4%
3%
No Cybersecurity remains an
important priority
No This is just media hype
Other
Yes My company is making
cybersecurity a bigger priority
Yes - I am more aware
of the cybersecurity threat
Impact of Media on Cybersecurity Perceptions
Not Everyone is Embracing the Clouds Public Nature
Most respondents say they still store company information
either privately or only partially on the cloud, showing a
lower appetite for using the public cloud even with security
measures in place to cost-effectively store important
company information. While 52% are storing information
privately, nearly half are using the public cloud for at
least some of their data. Sofware companies are the most
aggressive users, with 59% using the public cloud for at
least some of their data likely one reason why they are the
sector most concerned about IP and business risk, and most
infuenced by media coverage. Early-stage companies are also
more likely to embrace the cloud, presumably to lower their
costs and achieve efciencies even at a small scale.
%
%
%
Public cloud only Both Private cloud only Neither
19%
29%
34%
18%
How Company Information is Stored
Study Methodology
Results for Silicon Valley Banks cybersecurity study were
collected through an online survey conducted from July
16-29, 2013. The survey was completed by 216 C-level tech
and healthcare clients, 65% of whom are President/CEO.
Industry distribution of respondents is 43% software,
20% healthcare, 14% consumer Internet and digital media,
8% hardware and 7% clean technology. Seventy-fve percent
of respondent companies are startups and 20% in growth
stage. Over 60% are based on the west coast. All fgures in
this report are based on the unweighted responses to closed-
ended questions, except the statistics in the Top Security
Investments graph, which are based on the classifcation of
free-form open-ended comments typed by survey participants.
About Silicon Valley Bank
Silicon Valley Bank is the premier bank for technology, life
science, cleantech, venture capital, private equity and premium
wine businesses. SVB provides industry knowledge and
connections, fnancing, treasury management, corporate
investment and international banking services to its clients
worldwide through 28 U.S. ofces and six international
operations. (Nasdaq: SIVB) www.svb.com.
Silicon Valley Bank
3003 Tasman Drive
Santa Clara, ca 95054
t 408 654 7400
svb.com
2013 SVB Financial Group. All rights reserved. Silicon Valley Bank is a member of FDIC and Federal Reserve System.
SVB>, SVB>Find a way, SVB Financial Group, and Silicon Valley Bank are registered trademarks. B-13-12992. Rev 09-16-13.