Cisco 2017 Annual Cybersecurity Report: CSOs talk cost and actions
According to the Cisco 2017 Annual Cybersecurity Report (ACR), over one-third of organizations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 per cent. Ninety per cent of these organizations are improving threat defense technologies and processes after attacks by separating IT and security functions (38 per cent), increasing security awareness training for employees (38 per cent), and implementing risk mitigation techniques (37 per cent). The report surveyed nearly 3,000 chief security officers (CSOs) and security operations leaders from 13 countries in the Security Capabilities Benchmark Study, part of the Cisco ACR.
Now in its 10th year, the global report highlights challenges and opportunities for security teams to defend against the evolution of cybercrime and shifting attack modes. CSOs cite budget constraints, poor compatibility of systems and a lack of trained talent as the biggest barriers to advancing their security postures. Leaders also reveal that their security departments are increasingly complex environments with 65 per cent of organizations using from six to more than 50 security products, increasing the potential for security effectiveness gaps.
To exploit these gaps, ACR data shows criminals leading a resurgence of “classic” attack vectors, such as adware and email spam, the latter at levels not seen since 2010. Spam accounts for nearly two-thirds (65 per cent) of email with eight to 10 per cent cited as malicious. Global spam volume is rising, often spread by large and thriving botnets.
“One of our key metrics highlighted in the 2017 Annual Cybersecurity Report is the ‘time to detection’ — the time it takes to find and mitigate against malicious activity. We have brought that number down to as low as six hours,” says David Ulevitch, vice-president/general manager, Security Business, Cisco. “A new metric — the ‘time to evolve’ — looked at how quickly threat actors changed their attacks to mask their identity. With these and other measures gleaned from report findings, and working with organizations to automate and integrate their threat defense, we can better help them minimize financial and operational risk and grow their business.”
Cybersecurity has changed drastically since the inaugural Cisco Annual Security Report in 2007, Cisco notes. In 2007, the ACR reported web and business applications were targets, often via social engineering, or user-introduced infractions. In 2017, hackers attack cloud-based applications, and spam has escalated.
Ten years ago, malware attacks were on the rise, with organized crime profiting from them. In today’s shadow economy, thieves now run cybercrime as a business, offering low barrier-to-entry options to potential customers. Today perpetrators can be anyone, anywhere; they don’t require a security background and can easily purchase “off-the-shelf” exploit kits.
For a complete copy of the 2017 Cisco Annual Security Research report, and to read more about Cisco’s recommendations as to how businesses can mitigate against risk, click here.