Cisco releases annual security report: Key findings and industry reaction

Only 45 per cent of worldwide organisations are confident in their ability to fend off today's sophisticated cyber attacks. This is one of the key findings from Cisco's 2016 Annual Security Report, which was released today.

With the rate of digital transformation continuing to increase, business leaders are increasing measures to secure their organisations' future, with 92 per cent agreeing that regulators and investors will expect them to manage cyber security risk.

John N. Stewart, senior vice president, chief security and trust officer, Cisco said: “Security is resiliency by design, privacy in mind, and trust transparently seen. With IoT and digitisation taking hold in every business, technology capability must be built, bought, and operated with each of these elements in mind. We cannot create more technical debt. Instead, we must meet the challenge head on today."

Other key findings include:

  • Aging infrastructure: 92 per cent of internet devices are running known vulnerabilities and 31 per cent of all devices analysed in the survey are no longer supported or maintained by the vendor.
  • The SMB weak link: From 2014 to 2015, the number of SMBs using web security dropped by more than 10 per cent.
  • DNS blind spot: Nearly 92 per cent of “known bad” malware was found to use DNS as a key capability. This is frequently a security “blind spot” as security teams and DNS experts typically work in different IT groups within a company.
  • Shifting server activity: Cyber criminals are changing their approach to target compromised servers to support their attacks. WordPress is a prime example, as the number of attackers using WordPress domains grew by a whopping 221 per cent between February and October 2015.

Cisco also sounds a global call-to-arms in the study, calling for greater collaboration and investment in the processes, technologies and people to help protect against cyber criminals.

Industry reaction

Stephen Love, Security Practice Lead for EMEA, Insight:

"As cyber-attacks are becoming increasingly sophisticated, businesses are realising the ever-growing need to protect their data assets, but are unclear as to how. Couple this with a growing expectation for full transparency of cyber security risks, organisations begin to lose confidence in their abilities to detect, moderate and recuperate from an attack.

"It is time to face the inevitable situation; businesses are highly likely to face a data breach in the near future. Every organisation – no matter how large or small – must have a robust security approach to its data management. It is crucial then that businesses assess just what portion of their data is most valuable and needs closer security attention. Not all data in an organisation would be deemed ‘sensitive.’ By carrying out a thorough assessment as to what data is uniquely distinct to the organisation, then discovering in what ways this data is at risk, and putting in place security measures accordingly, every organisation can feel confident that they have the best defensive measures possible in place."

David Kennerley, Threat Research Manager, Webroot:

“For too long have smaller companies adopted the attitude that they are too small or too “low value” to be targeted, and for too long has cyber-security taken a back seat. As this research shows, the outsourced approach is increasingly a viable alternative to the “go at it alone” status quo. It opens the door to a world of experienced MSPs, the best of which offer comprehensive, lightweight security solutions that are affordable, easy-to-install and provide real-time protection against modern threats.

"These small businesses are often targeted by advanced and persistent threats because of their partnerships with bigger fish. Without addressing these security capabilities SMBs will find it increasingly difficult to work with larger enterprises. It’s encouraging, however, that SMBs are broadly conscious of their cybersecurity failings. Our research shows that overall, 81 per cent of SMBs plan on increasing their annual IT security budget for 2016, by an average of 22 per cent.”

Darren Anstee, Chief Security Technologist, Arbor Networks:

“This report serves as yet another confirmation that attackers are becoming ever more sophisticated and, as a result, it is becoming ever more difficult to identify and stop their activities before they reach their goal. Although detection technologies, threat intelligence sharing and IR processes are improving in many cases, many businesses are still not able to prevent a breach, something that can have huge legal and financial consequences - as well as a significant loss of customer trust, especially if disclosure is not handled well.

“Fundamentally, attackers are moving more quickly than the technologies that we deploy to counter them. Further improvements in intelligence sharing, and better resourcing of IR teams will help but we need to make sure we are focusing our resources on the attacks that have the highest risk - and this isn’t necessarily just those that pop up as ‘red’ in our SIEM. To do this our incident responders need to spend more of their time in the right parts of the IR process, and we can drive this by giving them the right tools.

"If we can speed up the triage and investigative aspects of IR then we can obviously respond more quickly, but we can also free resources for more proactive exploration of suspicious activities that may otherwise have gone un-investigated."

Image source: Shutterstock/Andrea Danti