Security has been a leading topic throughout 2017 across all industries. Malware, more specifically ransomware, has been a dominant cyber threat with damage costs predicted to exceed $5 billion this year, according to Cybersecurity Ventures.
Cisco recently released their 2017 Annual Cybersecurity Report. This year is the 10-year anniversary of the annual report, which provides key insights and threat intelligence findings from across the entire Cisco portfolio. Along with threat intelligence Cisco also incorporates a collection of results from 2,900 surveyed customers into the report, highlighting:
- Behavior of attackers
- Behaviors and trends of defenders to mitigate attacks
- Impacts of breaches on organizations
- New industry developments
- Cisco suggestions for how the state of the industry can improve
Cisco has 5000 individuals working across the business creating their great security products, which enables them to collect telemetry and gather data. They also work across the portfolio to incorporate public and private feeds and partner with the open source community to get a comprehensive understanding of what is happening in the security community. The intelligence gathered is taken and turned into real-time protection in Cisco products and the telemetry is fed into the annual cybersecurity report.
This year businesses deal not only with the consequences of remediating a breach, but also the consequences they deal with from public disclosure of a breach, including:
- Operational obstruction
- Overall complexity of responding
- Decline in revenue
- Loss of customers
The top security challenges organizations are facing this year include:
- Necessary security budgets
- Disparate systems problem stemming from the number of emerging security vendors, a lack of integration of different security products, and upgrades needed for aging infrastructures.
- Lack of properly trained security personnel
The annual report also provides insights as to how Cisco can help improve organizations security posture. Cisco has taken an approach that integrates security and digitization of IT infrastructures with a goal to simplify organizations infrastructure and integrate the different solutions used. Cisco’s integrated security strategy is focused on effectiveness, cost effectiveness, and improved risk management. This strategy includes a resourced expert security IT team, and is designed to allow the right tools, process, and policies to work together in automated way.
A key metric focused on in recent year is time to detection (TTD), but Cisco has also shifted focus to a new metric: how quickly attackers are shifting tactics and evolving to avoid detection, or “time to evolve”. This year the company began to look at how quickly attackers are evolving to adapt their techniques and essentially maintain the effectiveness of the malware they are utilizing.
Some attackers are using as many as 10 different approaches to infect “victims”. Analysis of 6 different malware families was used to measure the times that malware has changed and duration between changes. This helps identify how fast security must adapt to protect businesses. The new time to evolve metrics highlights the need of integrated security architecture, real-time insight, and automated detection to solve this challenge.
