Cisco: Unending Threats Up the Remediation Ante

Lynn Haber

Organizations have a lot to worry about when it comes to cybersecurity – keeping the good stuff in and the bad guys out – and attacking the complexity of cyber threats and intrusions, which, according to Cisco’s 2017 Annual Cybersecurity Report, is increasingly overwhelming for IT experts.

The vendor’s 10th annual report, divided into sections – attack behavior, defender behavior, Cisco 2017 security capabilities benchmark study, industry and conclusion – points to a revolving door of new attacks, the use of an increasing number of security products by IT departments, and restrained budgets and insufficient security expertise, often resulting in lost customers and business revenue.

So what keeps security professionals up at night? Their biggest concerns related to cyber attacks are: mobile devices – 58 percent; data in the public cloud – 57 percent; cloud infrastructure – 57 percent; and user behavior – 57 percent.

The upside of the report is its recommendations for meeting the cybersecurity challenge, namely the need to operationalize people, processes and technology in an integrated manner, with automation being essential to the effort.

The hefty report points to more than a dozen key findings:

  1. As malicious tool kits such as the well-known Angler, Nuclear and Neutrino fade away, new ones take their place, which means there’s no time for security experts to let down their guard.
  2. Sixty-five percent of IT teams use six or more security vendors and security products, while 45 percent use between one and five, according to the Cisco 2017 Security Capabilities Benchmark Study (SCBS).
  3. A number of constraints limit companies' adoption of advanced security products and solutions: 35 percent budget, 28 percent product compatibility, 25 percent certification, and 25 percent talent.
  4. These constraints not only limit the adoption of higher-level security solutions but also limit how many security alerts received on a given day are responded to — 56 percent. About one-quarter of the investigated alerts, or 28 percent, are deemed legitimate; and, 46 percent of legitimate alerts are remediated. The report also notes that 44 percent of security-operations managers see more than 5,000 security alerts per day.
  5. Twenty-seven percent of connected third-party cloud applications brought into the enterprise by employees in 2016 posed a high security risk.
  6. Adware infections that could potentially facilitate other malware attacks were reported by 75 percent of 130 organizations across verticals.
  7. Brokers, aka gates, are being increasingly used in malvertising campaigns. These brokers increase the speed at which they move, maintain their operational space and evade detection. According to the report, these intermediary links allow adversaries to switch quickly from one malicious server to another without changing the initial direction.
  8. Spam now accounts for about 65 percent of all email volume thanks to large and thriving spam-sending botnets, and the efforts of adversaries continue. Cisco threat researchers found that almost 10 percent of global spam in 2016 could be classified as malicious, and the amount of spam with malicious email attachments is increasing.
  9. There’s no time for companies to be complacent when it comes to encountering security breaches — especially for those who haven’t yet. Almost half, or 49 percent, of security professionals surveyed in the SCBS reported having to manage public scrutiny following a security breach.
  10. Additional info from the SCBS reports that 25 percent of companies that experienced a security attack lost business opportunities as a result, 30 percent lost revenue and one in five organizations said that it lost customers as well.
  11. Security breaches impact organizations as follows: 36 percent operations, 30 percent finance, 26 percent for brand reputation and 26 percent for customer retention.
  12. Organizations experience a long-lasting impact from network outages caused by security breaches: 45 percent of outages lasted from one to eight hours; 15 percent lasted nine to 16 hours; and 11 percent lasted 17-24 hours. Furthermore, 41 percent of these outages affected between 11 and 30 percent of systems.
  13. Middleware is becoming a popular threat vector. In the course of a Cisco project, threat researchers found that a majority of new vulnerabilities were attributable to the use of middleware.
  14. Predictable and regular software updates reduce the time that adversaries have to take advantage of vulnerabilities.
  15. Most organizations rely on third-party vendors for at least 20 percent of their security, and those who rely on these resources the most have plans to expand their use in the future, according to the 2017 SCBS.
