Radware's Global Application & Network Security Report Reveals

FOR IMMEDIATE RELEASE
Radware's Global Application & Network Security Report Reveals
Cyber Attacks Now Longer and More Continuous, Lasting One Month on Average
Annual Report also uncovers Gaming, Education and Healthcare Industries
at Higher Risk of Cyber Attacks, Identifies Top Disruptive Trends
and highlights Notable Attack Vectors
MAHWAH, N.J., December 10, 2014 -- Radware® (NASDAQ: RDWR), a leading provider of
application delivery and application security solutions for virtual and cloud data centers, today
announced the release of its 2014-2015 Global Application and Network Security Report. The
annual report indicates that cyber-attacks have reached a tipping point in terms of quantity, length,
complexity and targets. As cyber threats are growing and expanding to new targets, 52% of
respondents to Radware’s report, reveal they can effectively fight an around-the-clock campaign for
only a day or less.
Radware’s 53-page report was developed by the company’s Emergency Response Team (ERT),
which actively monitors and mitigates attacks in real-time. The ERT has extensive experience
handling attacks ‘in the wild’ as they occur. The firsthand and statistical research of Radware’s
2014-2015 report was compiled using data from 330 individual respondents within a wide variety of
organizations globally.
“It would not be a surprise to see double the number of attacks occurring in the next 12 months and
companies need to stay vigilant,” says Ron Winward, director of network engineering at
ServerCentral, a respondent of Radware’s annual security report. Winward added, “Attacks are
becoming far more sophisticated. Staying abreast of the changes in attack patterns, objectives and
execution is something that must remain ‘on’ at all times.”
Designed to benefit the entire security community, this report provides a comprehensive and
objective review of 2014 cyber-attacks from both a business and a technical perspective and gives
best practices advice for organizations to consider when planning for cyber-attacks in 2015. It also
offers a framework for understanding the “why” behind cyber-attacks—providing an orderly way to
assess seemingly chaotic threats.
Key findings from the report include:

A Watershed Year: From a cyber-attack perspective, 2014 has been a watershed year for a
number of industries, including electric and power, healthcare, financial services. Attacks
are rife with great complexity and zeal and require sophisticated solutions to solve the
complexity of the threat. Attackers have adapted to multiple mechanisms of cyber-defense
employed by organizations, fighting back with multiple techniques in a single attack.

Constant Attacks on the Rise: 19 percent of the major attacks reported are considered
“constant” by the targeted organization. In past years (2013, 2012 and 2011), organizations
have reported many weeklong and even month-long attacks—but never have more than 6
percent reported experiencing constant attacks.

New Point of Failure in DDoS Attacks: Previous years has shown DDoS attacks directed
to the server or firewall. However, due to an increase in UDP attacks, the Internet pipe has
been regarded as the number-one failure point in 2014.

Hybrid Security Solutions Gaining Ground: More than a third of respondents (36%)
indicated that they have employed hybrid solutions to help gain ground against attacks,
combining on-premise equipment with cloud solutions. Nearly half of responses (48%)
suggest that they will employ a hybrid solution by 2015.

Executive Insights – What Keeps Security Professionals up at Night: A qualitative study
and exploration of the most pressing problems and persistent challenges that can cause a loss
of sleep with executives in the C-Suite. Responses from CIOs, CISOs and VP-level
executives within billion-dollar enterprises and best security measures they have
implemented over the past 12-months.
“As both reputation loss and revenue loss from a cyber-attack is a major concern of respondents in
our report, it is no surprise that three-quarters of executives stated that security threats are now a
CEO or board-level concern,” says Carl Herberger, vice president of security solutions for Radware.
“More than half of respondents reported changes to their security process, protocols, and/or
mandates in response to security threats, with more than a third indicating the use of a hybrid
solution of on-premise and cloud solutions to protect against attacks.”
To download the 2014-2015 Global Network & Application Security Report complete with a section
that looks back at the 2014 business and attack trends and provides a set of best practices for
organizations to consider when planning for cyber-attacks in 2015, please visit:
http://www.radware.com/ert-report-2014/
Additional Resources
Blog post
http://blog.radware.com/security/2014/12/2014-global-application-network-security-report
Infographic
http://www.slideshare.net/Radware/radware-ert-networksecurityinfographic20142015
Methodology
Through firsthand and statistical research coupled with front-line experience, this research identifies
trends that can help educate the security community. The report draws its information from the
following sources:
Security Industry Survey The quantitative data source is a Security Industry Survey, which was
conducted by Radware and had 330 individual respondents.
The survey was sent to a wide variety of organizations globally and was designed to collect
objective, vendor-neutral information about issues organizations faced while planning for and
combating cyber-attacks. 39% of the companies in the sample are large organizations, each with
annual revenue of more than $500m. A total of 23 industries are represented in the survey with the
largest respondents from the following: telecommunications/Internet/cloud service provider
(20.42%), financial services (13.15%), computer-related products or services (12.11%), and
manufacturing/production/distribution (6.57%). About 40% of the organizations conduct business
worldwide.
Security Executive Survey Alongside the industry survey Radware selected 11 top security officers
from organizations across various industries and conducted in-depth interviews about their
experiences with cyber-attacks.
About the Radware Emergency Response Team (ERT)
Radware’s ERT is a group of dedicated security consultants who are available around the clock. As
literal “first responders” to cyber-attacks, Radware’s ERT members gained their extensive
experience by successfully dealing with some of the industry’s most notable hacking episodes,
providing the knowledge and expertise to mitigate the kind of attack a business’s security team may
never have handled.
About Radware
Radware (NASDAQ: RDWR), is a global leader of application delivery and application security
solutions for virtual and cloud data centers. Its award-winning solutions portfolio delivers full
resilience for business-critical applications, maximum IT efficiency, and complete business agility.
Radware’s solutions empower more than 10,000 enterprise and carrier customers worldwide to adapt
to market challenges quickly, maintain business continuity and achieve maximum productivity while
keeping costs down.
For more information, please visit www.radware.com. Radware encourages you to join our
community and follow us on: Facebook, Google+, LinkedIn, Radware Blog, SlideShare, Twitter,
YouTube, Radware Connect app for iPhone® and our security center DDoSWarriors.com that
provides a comprehensive analysis on DDoS attack tools, trends and threats.
©2014 Radware, Ltd. All rights reserved. Radware and all other Radware product and service names
are registered trademarks or trademarks of Radware in the U.S. and other countries. All other
trademarks and names are property of their respective owners.
###
This press release may contain statements concerning Radware’s future prospects that are
“forward-looking statements” under the Private Securities Litigation Reform Act of 1995.
Statements preceded by, followed by, or that otherwise include the words "believes", "expects",
"anticipates", "intends", "estimates", "plans", and similar expressions or future or conditional verbs
such as "will", "should", "would", "may" and "could" are generally forward-looking in nature and
not historical facts. These statements are based on current expectations and projections that involve
a number of risks and uncertainties.
There can be no assurance that future results will be achieved, and actual results could differ
materially from forecasts and estimates. These risks and uncertainties, as well as others, are
discussed in greater detail in Radware’s Annual Report on Form 20-F and Radware’s other filings
with the Securities and Exchange Commission. Forward-looking statements speak only as of the
date on which they are made and Radware undertakes no commitment to revise or update any
forward-looking statement in order to reflect events or circumstances after the date any such
statement is made. Radware’s public filings are available from the Securities and Exchange
Commission’s website at www.sec.gov or may be obtained on Radware’s website at
www.radware.com.
Corporate Media Relations:
Brian T. Gallagher
Phone: +1 201 785-3206
Mob: +1 201 574-3840
briang@radware.com