Cisco has released the tenth edition of its Annual
Cybersecurity Report , highlighting the increase in classic attack vectors and
the need to reduce detection time. The document is divided into several
sections: attacker behavior , Behavior of the defender, Cisco 2017 Security
Capabilities Benchmark Study, industry and conclusions.
Remarkable
data
Among the main barriers cited by CSOs to improve their
security processes are limited budgets, poor systems compatibility and the
shortage of professionals. These officials also say that their security
departments are increasingly complex environments. Sixty-five per cent of
organizations surveyed use six to more than 50 security solutions, potentially
reducing their effectiveness and increasing potential security problems.
It is curious to see the increase in spam as an attack
model, with levels not seen since 2010. Spam accounts for about two thirds (65%)
of all emails, being malicious between 8 and 10% of them. The volume of spam is
increasing on a global scale, often propagated by large and growing botnets.
It also highlights the risk posed by third-party cloud
applications introduced by employees, up to 27% were considered to be high risk
and generated significant security concerns. The classic adware (software that
downloads advertising without the permission of the user) has maintained its
effectiveness, infecting 75 percent of the organizations investigated.
Concern about the investigated and remedied alerts is
worrying, as it is revealed that only 56% of the received security alerts are
investigated. Half of them (28 percent) are considered legitimate; But less
than half (46 percent) of legitimate alerts are remedied. One fact that reveals
the job security managers have is that 44 percent can get to see more than
5,000 security alerts daily.
The
cost of an attack
An interesting section reveals the impact of attacks on
businesses, from SMEs to large companies. For more than half of the
organizations that suffered an attack the incident became public. The processes
of operations (shutdown of critical productivity systems) and finance were the
most affected, followed by brand reputation and customer retention.
For the organizations that suffered an attack, the
consequences were substantial:
22% of the organizations attacked lost customers (40% lost
more than 20% of their customer base).
29% lost income, and 38% of them had losses in excess of 20%
of income.
23% of the organizations attacked lost business
opportunities (42% lost more than 20%).
After the attacks, 90% of organizations improve their
defense technologies and processes against threats by separating security and
IT functions (38%), improving employee awareness through training (38%) and
implementing mitigation techniques Of the risk (37%).
Staying Ahead of the Evolving Threat - Announcing the Cisco
2017 Annual Cybersecurity Report
No comments:
Post a Comment