New Federal Regulations on Cyber Security Lead to Revenue Loss, Business Disruption and Loss of Productivity in Financial Services Sector, Radware Survey Finds

Large Number of U.S. Businesses Still Unaware of Specific Federal Guidelines for Application and Network Security

MAHWAH, N.J., Sept. 22, 2014 (GLOBE NEWSWIRE) -- Radware® (Nasdaq:RDWR), a leading provider of application delivery and application security solutions for virtual and cloud data centers, released a new survey which finds that even though 87 percent of those surveyed in the financial service industry agree that current regulatory changes are very important or critical to keeping their companies and industry secure, these new federal guidelines were having an adverse impact on their businesses.

Survey respondents revealed that revenue loss (58 percent), business disruption (57 percent) and productivity loss (54 percent) ranked highly as the biggest consequences of new federal guidelines for the financial services sector. Four in ten respondents stated that federal regulations were adversely affecting bottom line results, causing a significant impact to IT CAPEX and OPEX. The survey also uncovered that while nearly all claim to be very or somewhat familiar with new guidelines, a substantial number, both in financial services and other industries, are still unaware of the specific regulations that would impact their business such as the Federal Financial Institutions Examination Council (FFIEC) Joint Statement on DDoS Cyber Attacks and Risk Mitigation.

Radware commissioned an in-depth survey from IDG Research Services, a leader in technology and media research, to gauge how changes to federal guidelines regarding application and network security have impacted medium to large businesses in the United States. Chief among the respondents were CIO/CTOs representing the financial services industry with global annual sales of $5 billion or more.

"Radware conducted this survey to investigate what organizations are doing in response to current regulatory changes that essentially were enacted to safe-proof their networks from future, potentially even more detrimental attacks," said Carl Herberger, vice president of security solutions for Radware. "While companies are taking the right steps to adjust to the ever-changing regulatory landscape, institutions need to be better informed on the specifics of new laws in order to implement the most cost- and resource-efficient measures."

In order to manage new guidelines, respondents cited investing in new or specialized technologies as the most common approach (53 percent) to currently dealing with these issues, followed by changing security processes, protocols and mandates (49 percent) and creating new security models (47 percent). 43 percent said they assigned extra budgets, with an average increase of 14 percent to address new federal regulations.

"Companies are implementing numerous strategic changes in order to remain compliant with new regulations and guidelines," says Janet King, senior vice president, IDG Research Services. "Despite the significant cost to their businesses, most respondents agree that regulatory changes are critical in keeping data and personal information safe from the wrong hands."

Results also show that escalated expenditures and resources were not the only concern. 86 percent of financial services respondents are more concerned about the possibility of cyber-attacks than non-financial organizations, and yet a third believe their businesses are ill-prepared to safeguard against them.

A small amount of respondents stated their business does not have a strategy for protecting against distributed denial of service (DDoS) attacks (eight percent) – a common attack vector employed by hackers.

"It is imperative that companies, not just the financial services industry, do everything in their means to not only mitigate cyber threats, but also to comply with emerging industry regulations in order to optimally protect their networks, applications and data – and most importantly, their customers," added Herberger. "Although these responses quantify the growing importance of network security and indicate a clear desire for regulation, there is still more needed to be done in terms of cyber security education and implementation across all industries. By learning from other industries and working with peers, companies can implement technology and protocols that reduce the risk of a cyber attack while limiting the impact to their bottom lines."

Other key findings from Radware and IDG's latest survey include:

  • Unauthorized access (48 percent), theft of IP (47 percent), sabotage (47 percent), and worm and virus damage (46 percent) are the most harmful attacks to the business
  • Loss of revenue (39 percent) tops the list of negative outcomes resulting from a cyber attack, followed by loss of customers (38 percent)
  • 63 percent of respondents indicated a willingness to adopt application and network security best practices from another industry
  • 80 percent of respondents place a critical or very high degree of importance on the federal government imposing stricter regulations around application and network security
  • 84 percent expect network and applications security to be more tightly regulated by the government over the next 12 months
  • 35 percent expect the frequency of cyber attacks to increase over the next year, while 44 percent anticipate the number of attacks to remain the same
  • 58 percent of survey respondents have filled out a Security and Exchange Commission questionnaire for compliance in the past 12 months

To access the survey findings, including methodology and research objectives, please visit:


About Radware

Radware (Nasdaq:RDWR) is a global leader of application delivery and application security solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full resilience for business-critical applications, maximum IT efficiency, and complete business agility. Radware's solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down.  For more information, please visit

Radware encourages you to join our community and follow us on: Facebook, Google+, LinkedIn, Radware Blog, SlideShare, Twitter, YouTube, Radware Connect app for iPhone® and our security center that provides a comprehensive analysis on DDoS attack tools, trends and threats.

About IDG Research Services

IDG Research Services specializes in marketing and media-related research for technology marketers. As a division of International Data Group (IDG), the world's leading technology media, research, and event company, IDG Research Services brings the resources and experience of a large, global company to its clients in the form of a small, customer-focused business. For more information please visit our website.

©2014 Radware, Ltd. All rights reserved. Radware and all other Radware product and service names are registered trademarks or trademarks of Radware in the U.S. and other countries. All other trademarks and names are property of their respective owners.

This press release may contain statements concerning Radware's future prospects that are "forward-looking statements" under the Private Securities Litigation Reform Act of 1995. Statements preceded by, followed by, or that otherwise include the words "believes", "expects", "anticipates", "intends", "estimates", "plans", and similar expressions or future or conditional verbs such as "will", "should", "would", "may" and "could" are generally forward-looking in nature and not historical facts. These statements are based on current expectations and projections that involve a number of risks and uncertainties.  There can be no assurance that future results will be achieved, and actual results could differ materially from forecasts and estimates.  These risks and uncertainties, as well as others, are discussed in greater detail in Radware's Annual Report on Form 20-F and Radware's other filings with the Securities and Exchange Commission.  Forward-looking statements speak only as of the date on which they are made and Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made.  Radware's public filings are available from the Securities and Exchange Commission's website at or may be obtained on Radware's website at


Contact Data