6 Key Takeaways from Cisco’s 2016 Annual Security Report
Security pros face an uphill battle in today’s threat landscape according to Cisco’s 2016 Annual Security Report (ASR). However, uphill doesn’t mean impossible. These 6 takeaways from Cisco’s ASR can help guide and improve security efforts in 2016 and in the years to follow.
Takeaway #1: Attackers are getting more sophisticated.
Attackers have started to go legitimate. That may sound like great news, but unfortunately they haven’t turned over a new leaf. Instead, what they’ve done is draw inspiration and resources from legitimate sources and use them to carry out their illegitimate endeavors.
Cisco’s ASR highlighted how attack methods have evolved and grown in sophistication:
- Attackers have gotten bolder and more coordinated. They will work closely together, sharing information and resources to precisely execute campaigns
- Cyber crooks have borrowed a page or two from the playbooks of the IT teams they target. They’ve begun leveraging elements such as strong infrastructure and virtualized hosting to increase the efficiency and power of their attacks
- Attackers have begun commandeering resources right from under the noses of IT. For example, they can siphon off server capacity and use that to launch their campaigns
As attackers have grown more sophisticated in their methodology, the pressure on IT to respond in kind has increased. Technology that gives IT the ability to recognize and respond to threats in as close to real time as possible has become nothing short of a business need.
Takeaway #2: Confidence in security is down.
Hackers had a successful year in 2015. According to one study, hackers were able to successfully compromise a target 60% of the time. Their effectiveness, mixed with the seemingly never-ending string of headlines hackers earned, dinged the confidence of many on the security side. Some were left unsure of their – and their organizations’ – ability to go toe-to-toe with cyber crooks.
The findings in Cisco’s ASR aren’t overwhelming; however, they do represent a subtle change in course and in confidence levels from where things stood in 2014:
- 59% of those surveyed see their security infrastructure as being “very up-to-date” and leveraging the best technologies on the market, down 5% from last year’s study
- 37% say their security technologies are replaced or upgraded regularly, but wouldn’t go so far as to call them the latest or greatest. This marks a 4% drop from the numbers recorded last year
- 5% replace or upgrade security technologies only when they absolutely have to, up 2% from last year
Confidence is essential, but overconfidence can be risky. This is where regular security audits can help. They can give organizations a confidence boost by showing them the strengths of their current environment. They can also help them weed out weaknesses, preventing overconfidence.
Takeaway #3: IT infrastructures are getting older.
Today’s businesses depend on technology. As a result of this dependence, IT security must be a top priority for all companies, in all verticals. However, as Cisco’s ASR discovered, many organizations are relying heavily on long-in-the-tooth network infrastructure. This report looked at a cross-section of the Cisco devices online and in customer environments and found a large number of vulnerabilities that had been left unaddressed.
- 92% of devices covered in the study were running versions of software with known vulnerabilities. On average the software these devices ran contained 26 known vulnerabilities
- Some customers were using software versions that were more than six years old
- 8% of the devices studied had reached their end-of-life stage, while another 31% were due to go end-of-life within the next four years
Whether it’s patches, updates or larger-scale projects like phasing out outdated technology, organizations must remain vigilant. Routine updates must be applied quickly, and long-term plans to phase out aging tech must be devised well in advance. The longer these decisions or tasks are put off, the higher the chance that the unaddressed weaknesses could be exploited.
Takeaway #4: Budgets are holding security back.
Take a guess at what security pros say is the biggest obstacle keeping them from gaining access to advanced tools and processes. Chances are that guess had something to do with budgets, and that is absolutely correct. According to Cisco’s ASR, budget constraints (39%) topped the list of barriers to advancing security processes and technology. However, it wasn’t quite the runaway win one might expect:
- 32% of those surveyed said compatibility issues
- 25% blamed certification requirements
- 24% said competing priorities
- 24% named heavy workloads
The cost of data center and network outages continues to rise. Organizations must adopt a more forward-thinking approach to upgrades. For example, should an upgrade provide more reliability and fewer outages, it could cover that initial investment in little to no time.
Takeaway #5: Changes are coming to who controls security budgets.
One trend worth keeping an eye on is how organizations structure their IT and Security budgets. This can provide insight into the value organizational leaders are placing on security practices and technology. Cisco’s ASR looked into how many organizations were separating their security budgets from their IT budgets and this is what it uncovered:
- 58% of organizations have their entire security budget contained within the IT budget, down from 61% last year
- 33% of organizations have their security budget partially within IT’s, equal to what was recorded in last year’s study
- 9% of businesses have their security budget totally separate from IT’s, up 3% from last year’s numbers
As organizations continue to place greater emphasis on securing their technological investments, this trend of splitting out security budgets could very well continue – or even begin to pick up steam, reducing IT’s role in the process.
Takeaway #6: Malware continues to be a major threat.
Organizations face a number of high-risk threats to their IT infrastructure from external sources. The most persistent of these threats, according to Cisco’s ASR, is malware. Nearly 7-in-10 of those surveyed (68%) listed this as an external threat. Here’s the rest of the list:
- 54% identified phishing as a threat
- 43% faced advanced persistent threats
- 38% said denial of service attacks
- 35% named brute-force attacks
- 35% said zero day attacks
Cyber crooks’ methodology is diverse, which means those on the security side must be ready for anything. Today’s security solutions must be strong enough to repel an attack, but they must also be flexible enough to adjust as attack vectors change.
Building security solutions for any challenge
It’s been said before, but it bears repeating: Time is of the essence when it comes to threat detection. The current industry average time to detection is 100-200 days. Cisco is well ahead of that pace, having dropped to a mere 17 hours. This assures companies that a threat’s chance to do any real damage will be greatly minimized.
If you’d like to learn more about Cisco’s ASR and its industry-leading security solutions, reach out to our team today. Arraya Solutions is a Cisco Premier Partner and our team has a wealth of experience deploying and supporting Cisco security technology. Our innovative efforts in devising cost-effective custom-built Cisco solutions for our customers resulted in us winning the Cisco-Charged Innovation Award. We can also help find and manage the tools an organization needs to keep its IT infrastructure safe in today’s business world.
Begin the conversation here: http://www.arrayasolutions.com/contact-us/.