by Rabih Dabboussi, General Manager – UAE, Cisco
Traditionally, January is a time for resolutions, new beginnings and looking forward to the year ahead, and the Cisco Annual Security Report 2016 (ASR 2016) does just that. It forecasts top security risks and trends to help CIOs set their security resolutions.
The Cisco 2016 Annual Security Report reveals that only 45 percent of organizations worldwide are confident in their security posture as today’s attackers launch more sophisticated, bold and resilient campaigns. While executives may be uncertain about their security strength, 92 percent of them agree that regulators and investors will expect companies to manage cybersecurity risk exposure. These leaders are increasing measures to secure their organizations’ future, particularly as they digitize their operations.
I am going to focus on a few of the key takeaways from this exhaustive report, which you can read in full here.
Top Research Findings
- Decreasing confidence, increasing transparency: Less than half of businesses surveyed were confident in their ability to determine the scope of a network compromise and to remediate damage. But an overwhelming majority (92%) of finance and line-of-business executives agreed that regulators and investors expect companies to provide greater transparency on future cybersecurity risk, pointing to security as a growing boardroom concern.
- Aging infrastructure: Between 2014 and 2015, the number of organizations that said their security infrastructure was up-to-date dropped by 10 percent. The survey discovered that 92 percent of Internet devices are running with known vulnerabilities. Thirty-one percent of all devices analyzed are no longer supported or maintained by the vendor. However, this decline in confidence is accompanied by a growing interest in developing stronger policies.
- SMBs as a potential weak link: As more enterprises look closely at their supply chain and small business partnerships, they are finding that these organizations use fewer threat defense tools and processes. For example, from 2014 to 2015 the number of SMBs that used web security dropped more than 10 percent. Attackers that can breach an SMB network could also find a path into an enterprise network.
- Outsourcing on the rise: As part of a trend to address the talent shortage, enterprises of all sizes are realizing the value of outsourcing services to balance their security portfolios. This includes consulting, security auditing and incident response. SMBs, which often lack resources for an effective security posture, are improving their security approach, in part, by outsourcing, which rose to 23 percent in 2015 from 14 percent the previous year.
- Shifting server activity: Online criminals have shifted to compromised servers, such as those for WordPress, to support their attacks, leveraging social media platforms for nefarious purposes. For example, the number of WordPress domains used by criminals grew 221 percent between February and October 2015.
- Browser-based data leakage: While often viewed by security teams as a low-level threat, malicious browser extensions have been a potential source of major data leaks, affecting more than 85 percent of organizations. Adware, malvertising, and even common websites or obituary columns have led to breaches for those who do not regularly update their software.
- The DNS blind spot: Nearly 92 percent of “known bad” malware was found to use DNS as a key capability. This is frequently a security “blind spot” as security teams and DNS experts typically work in different IT groups within a company and don’t interact frequently.
- Time to detection faster: The industry estimate for time to detection of a cybercrime is an unacceptable 100 to 200 days. Cisco has further reduced this figure from 46 to 17.5 hours since the 2015 Cisco Midyear Security Report was released. Shrinking the time to detection has been shown to minimize cyber-attack damage, lowering risk and impact to customers and infrastructures worldwide.
- Trust matters: With organizations increasingly adopting digitization strategies for their operations, the combined volume of data, devices, sensors, and services is creating new needs for transparency, trustworthiness, and accountability for customers.
The Cisco Annual Security Report is not all about the negative; it is a way to focus the spotlight on what the future holds, which in turn will hopefully help organizations' IT departments avoid the real catastrophe of a data breach, or worse, this year.