<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=352585001801011&amp;ev=PageView&amp;noscript=1">
Matt Kozloski

By: Matt Kozloski on April 13th, 2017

Print/Save as PDF

Biggest Takeaways from the Cisco 2017 Annual Cybersecurity Report

Cybersecurity

The Cisco 2017 Annual Cybersecurity Report was released earlier this year.

A few of the main topics the report focuses on are:

  • How has the cybersecurity landscape changed in the past year?
  • What are the latests threats to cybersecurity?
  • How have behaviors from both attackers and defenders changed?

As you’ve no doubt heard us discuss before, improving your company’s cybersecurity posture is a huge responsibility, and the data in this report can help. 

But if you’d rather dive right into the tactics needed to shore up the cybersecurity habits at your organization, we have a free ebook to help you do just that:

 


Improving your cybersecurity isn't as hard as you think.

Free: 10 Simple Things You Can Do to Improve Your Company's Cybersecurity  Posture


 

The Cisco 2017 Annual Cybersecurity Report, viewable in its entirety here, is 110 pages long and somewhat technical. It’s definitely worth a long read for those whose primary responsibility is cybersecurity, but we felt a more digestible version with the key takeaways was more appropriate for others. Additionally, we’ve broken out what this data means for businesses, and some cybersecurity strategies to combat and deter cyber attacks.

Without further ado, here’s our Cisco Cybersecurity Report takeaways complete with a summary of data-backed analysis, graphs and figures from the 2017 report.

The Attack Surface is Only Increasing

As you’ve no doubt seen in some very public news stories, the sheer volume of cyber attacks grows year after year. While the number of attacks is an issue, the increasing area of the attack surface is what’s daunting industry professionals.

Imagine a battlefield with 100 enemy combatants in it. Now, add 10% more enemies (growing volume of cyber attacks) and double the size of the battlefield and include various caves and structures you’re not sure how to defend.

That’s a somewhat militaristic analogy of the effect of the increased use of mobile devices, cloud infrastructure, and the amount of cloud storage we now use in the workplace. With the exponential growth of wireless endpoints, and new ones popping up every day, it’s getting harder to defend the cyber ‘battlefield’ from attacks.  

Here’s what has security professionals concerned in 2017.

Screen Shot 2017-04-12 at 11.10.56 AM.png

Source: Cisco 2017 Annual Cybersecurity Report

With an estimated threefold increase in global IP traffic in the next 5 years over hundreds of different types of devices and cloud platforms, security professionals will have their hands full trying to cover all that territory.

Changes and Adaptations in Attacker Behavior

Cyber attackers are greatly in tune with the “risky behavior” of online users that 57% of security professionals are concerned with in the graphic above, and have developed sophisticated method of weaponizing the following:

Email - 65% of all email is spam (yikes!) 8-10% of which is malicious.

Adware/malware - Hacking takes the form of somewhat legitimate-looking online ads (sometimes with pop-ups with unclosable windows) that can gain entry into a system when clicked.

Cloud applications - When users install unsecured, third-party cloud applications, cyber attackers can sometimes find vulnerabilities and exploit connected systems.

None of these issues are new, but how hackers are interacting with them are.

Time to Evolve (TTE) is the time it takes attackers to change delivery methods of malware and the amount of time between each tactical change. They are experimenting with different entry points and learning what works and what doesn’t faster than ever.

On the other hand, Time to Detection (TTD) is the time between compromise and detection of a threat. Cisco found that TTD has decreased for multiple kinds of malware but the evolution and adaption of cyber threats make this a constant struggle.

See page 31 of the Cisco 2017 Annual Cybersecurity Report for specific details broken down by industry segment, malware type, and case studies.

Changes and Adaptations in Defender Behavior

Screen Shot 2017-04-12 at 12.07.55 PM.png

Source: Cisco 2017 Annual Cybersecurity Report

Companies are seeing an increased threat for middleware, which is defined as anything between the kernel and user applications. These applications serve as a bridge or connector between platforms or applications. Some examples of middleware you’re likely familiar with are Java from Oracle and Multimedia Home Platform (DVB-MHP).

Cisco reported some good news for patching trends, however. Software patches are updates sent out by middleware providers that shore up known weaknesses; you know, the ones that constantly pop up and you close without reading or understanding. Note: don’t do that.

What the report found is that when security patches are distributed at regular intervals users are more likely to actually install the updates. This decreases the time hackers have to take advantage of vulnerabilities, as well as the volume of targets.

Cisco’s Security Capabilities Benchmark Study

Screen Shot 2017-04-12 at 12.11.11 PM.pngSource: Cisco 2017 Annual Cybersecurity Report

The benchmark study is an insider’s view of the perceptions of security from actual security professionals of their own organizations. Their insights are valuable because of their expertise and candor. Here are a few of the highlights.

  • Almost 25% of organizations surveyed lost business opportunities from an attack. Many of them sustained substantial losses and a smaller amount even lost customers.
  • 50% of companies surveyed that have not yet experienced a significant cybersecurity breach said that they feel their company has misplaced confidence.
  • In order, the top constraints keeping organizations from adopting advanced security are budget, product compatibility, certification, and talent.
  • Most organizations rely on third-party vendors for at least 20% of their security.

And lastly, just to show you the scope of the threat level, 44% of security operations managers report seeing more than 5,000 security alerts per day.

Reading between the lines, you can see the importance of investing in security in order to maintain business and customers, even if you haven’t yet experienced a cyber attack.

What This Means for Business

The number of cyber attacks, and the fact that most of them are deterred, can cause a false sense of confidence in organizations, as noted earlier. Here are a couple different ways that cyber theft can disrupt a business.

Data breaches can cause a business to lose customers due to lack of trust. Operations and finance departments are the most likely to be affected by a data breach—36% and 30% respectively. How would you feel if the company storing your credit card info was hacked? In addition to the actual departments that are affected, brand reputation and customer retention also suffer by 26%, according to respondents from the benchmark study.

Network outages caused by cyber attacks were shown to often have a long-lasting impact:

  • 45% of outages lasted between 1-8 hours
  • 15% lasted 9-16 hours
  • 11% lasted 17-24 hours

Here’s the kicker: 41% of these outages affected between 11-30% percent of all systems! For more details and graphics, see page 55 of the Cisco 2017 Annual Cybersecurity Report.

The key takeaway for the effect of security breaches on business? The risks of complacency are too great to wait to shore up your cyber defense strategy—learn what you need to do today to improve your company’s cybersecurity posture.

The 2017 edition of the Cisco Annual Cybersecurity Report contains a wealth of info and trends designed for security professionals. It’s quite long, and some parts of it are fairly technical, even for folks working in IT. Many SMB’s can feel a bit overwhelmed by the information and terminology, but we at Kelser can help with educational resources and tools.  

Here’s a step-by-step plan to getting the cybersecurity up to scratch at your organization:

  1. Start by knowing what threats your business may be vulnerable to and start protecting against those
  2. Investigate the gaps and vulnerabilities in your company’s cybersecurity
  3. Develop an effective cybersecurity policy

With these complimentary resources, you’ll be well on your way to tightening down your cyber vulnerabilities.

The best part is that you can start today! Check out our recent ebook, 10 Simple Things to Improve Your Company's Cybersecurity Posture, for tips and recommendations for protecting your company by improving your cybersecurity habits.

New Call-to-action

About Matt Kozloski

Matt is an IT industry veteran and well-versed in professional services. He is the former leader of the CT VMUG. VCDX # 194, CISSP # 526947.