8 Lessons from Cisco’s 2017 Cyber Security Report
Cisco’s 2017 Annual Cybersecurity Report marks the 10th anniversary of the yearly rundown of challenges facing those tasked with ensuring their employers’ digital wellbeing. This year’s report collects the insights of roughly 3,000 Chief Security Officers and security operations leaders from around the world. Surprisingly, amongst the talk of rapidly-evolving, high-tech threats, are a few re-emerging, “old school” headaches.
Let’s review the 2017 Annual Cybersecurity Report – and dig in to eight stubborn security questions it answers.
- What is the business impact of a data breach? When cyber security fails, the rest of the business will feel it. As such, cyber security belongs under the umbrella of organizational concerns as opposed to an IT-only issue.
By the numbers:
– 22% of those who have dealt with a cyber attack say it cost them customers
– 29% of those who have suffered a cyber attack say they lost revenue due to it
– 23% of business who have suffered an attack have lost opportunities as a result
- How seamless are other organizations’ security environments? The answer here appears to be “not very.” Many organizations have taken a patchwork approach to cyber security. For all of the benefits of having the expertise of multiple vendors, more connections means more potential gaps and integration issues, which cyber crooks will be only too happy to exploit.
By the numbers:
– 65% of organizations have security environments that contain more than five products
– 10% of organizations utilize solutions from more than 21 different vendors
– Roughly 55% of organizations have security environments built on solutions from more than five vendors
- Is spam up or is it just me? It’s not just you. Cisco’s threat researchers have observed spam levels hitting highs not seen in almost a decade. Cyber crooks have also gotten good at diversifying their tactics to better their odds of escaping filters and reaching inboxes, putting an even greater emphasis on end user awareness training.
By the numbers:
– Almost two-thirds of email sent is spam
– Between 8% and 10% of spam messages are classifiable as malicious, according to Cisco’s team
– Two popular techniques employed by cyber crooks trafficking in the spam area are:
– Hailstorms – In these attacks, attackers send out a tremendous flurry of DNS queries in a very condensed time frame in an effort to catch anti-spam systems unaware.
– Snowshoes – This style is more sustained, taking place over weeks, while the number of DNS queries are kept low enough to avoid detection.
- I want a more secure environment. How can I get it? The best answer? Best-of-breed solutions blended with executive buy-in and regular end user training. Standing between security pros and that ideal? Frequent sore spots, including talent and budget shortfalls, as well as compatibility issues.
By the numbers:
– 35% of security pros point to budget constraints as their biggest obstacle. This could hint at a need to explore more budget-friendly cloud migrations moving forward.
– 28% put the blame on compatibility issues. Of course, this is something that can be overcome by streamlining those increasingly-complex security environments we covered earlier.
– 25% blame talent shortages. To solve this challenge, businesses may want to explore options such as automation or collaborating with a Managed Services provider.
- I’m not investigating 100% of alerts. Should I be worried? Wayne Gretzky once said, “You miss 100% of the shots you don’t take.” If he was a cyber security guy, he might have said something like “You miss 100% of the threats you don’t investigate.” Either way, many organizations lack the modern tools or the manpower to investigate every red flag, possibly further necessitating an exploration of the above remedies.
By the numbers:
– Organizations are, on average, only able to investigate 56% of the security alerts they receive each day
– Of the red flags investigated, 28% are legitimate threats
– Less than half (46%) of legitimate alerts are corrected
- What function can I least afford to lose due to a breach? Cisco’s Annual Cybersecurity Report can’t answer this question. Instead, it’s up to security pros and the businesses they support to answer it. However, Cisco’s report does provide some insight into the functions most likely to feel the sting of a breach.
By the numbers:
– 36% of respondents said Operations is the function most likely to be affected by a public breach
– 30% said that honor goes to Finance
– 26% felt Brand Reputation would be most affected
- How long can I afford to be without my network? Here’s another question raised by the report but best left to security pros and the organization as a whole to answer. If pressed, we’d guess most businesses would be of the mindset that the sooner their network is running after a breach, the better. Both this question and the one above regarding functions are worth discussing as part of any security strategy.
By the numbers:
– 45% of outages last in the 1 to 8 hour range
– 20% last between 17 hours or longer
– In 39% of breaches, 31% or more of network systems are impacted
- Should I be more concerned about Adware? Malware and ransomware may grab all the headlines, but there is another “ware” IT pros should keep an eye on: Adware. Cyber crooks have found ways to hijack legitimate advertising initiatives, instead using them to spread malicious applications. Not only should IT be aware, but team members must educate end users about the risks, as well.
By the numbers:
– Adware infections plague 75% of the businesses surveyed
– More than 40% of Adware incidents involve ad injectors, making this the most popular method
– Slightly under 40% of Adware incidents involve downloaders, making this the second most popular method
Where to turn for Cyber Security help
These are just some of the questions raised and answered by Cisco’s 2017 Annual Cybersecurity Report. Want to talk more about the report? Have a question about your business’ cyber security needs? Arraya is ready to help. Our Cisco and Cyber Security teams have the skills and experience necessary to foster conversations and look into each of the above questions – and more – and find/implement the answers businesses need to stay safe.
Visit: www.arrayasolutions.com/contact-us/ to start a dialogue with our team today.
Arraya is also reachable via social media: LinkedIn, Twitter, and Facebook. Be sure to follow us to stay updated on our latest company news, industry insights, and the latest exclusive learning opportunities we have on our calendar.