Now in its 11th year, the Cisco Cybersecurity Report provides an insightful look into the most significant cyber threats facing businesses today.
This year’s report highlights some worrying trends in attacker sophistication, business inaction and new vulnerabilities that pose a significant risk. According to Cisco’s Senior Vice President and Chief Security and Trust Officer, John Stewart, the report signals the need for even greater proactivity in company-wide information security.
“No single strategy, technological solution or approach will solve all of the challenges that our adversaries throw at us. It takes a comprehensive and unified approach across people, process, technology and policy,” he says.
In this article, we unpack five key learnings from the Cisco 2018 Cybersecurity Report, which you can download here.
1. Attackers are Becoming More Sophisticated
This year’s Cisco Report reveals a worrying trend among cybercriminals: attackers are embracing encryption to conceal their command-and-control (C2) activities.
Encrypted web traffic has grown at a substantial rate in the past year, reaching 50% of global web traffic in 2017. The combination of legitimate and malicious encryption has complicated the defence against cybercrime.
According to Cisco, “To keep pace, defenders will need to incorporate more automation and advanced tools like machine learning and artificial intelligence to complement threat prevention, detection and remediation.”
2. Ransomware is Here to Stay
The evolution of ransomware was one of the defining threat advancements of 2017. High-profile attacks like WannaCry and Nyetya brought public attention to the seriousness of ransomware attacks and their implications for company data.
In 2018 and beyond, defenders should prepare to face even more advanced, self-propagating network threats, Cisco says.
3. Security Vulnerabilities Remain
Cisco’s Report also highlights how cybercriminals are focusing their activities on weak points in technology security.
The report cites DevOps systems, which are often incorrectly deployed or left open for convenience, as one significant vulnerability. Industrial control systems and process control systems that are linked to other digital infrastructure also pose a high risk.
4. Uninvestigated Alerts Pose Serious Business Risk
Given the seriousness of information security threats, it’s surprising how often, according to Cisco’s report, security alerts aren’t investigated.
In fact, the report found that 44% of information security alerts aren’t investigated by businesses. Further, only 51% of investigated cases that yield legitimate threats are remediated.
According to Cisco, “This is a direct call for greater innovation, diligence and better answers to our challenges.”
5. Email Attacks Continue to Threaten Businesses
Considered by many to be a legacy threat, malicious emails continue to be effective in compromising the endpoint.
Email spam volume spiked in late 2017, with much of it using social engineering techniques and infected email attachments to distribute ransomware.
To discuss how The Missing Link can assist your business in defending against increasingly sophisticated cyber threats, get in touch with us today.