Major Findings
- Three leading exploit kits—Angler, Nuclear, and Neutrino—abruptly disappeared from the landscape in 2016, leaving room for smaller players and new entrants to make their mark.
- According to the Cisco 2017 Security Capabilities Benchmark Study, most companies use more than five security vendors and more than five security products in their environment. Fifty-five percent of the security professionals use at least six vendors; 45 percent use anywhere from one to five vendors; and 65 percent use six or more products.
- The top constraints to adopting advanced security products and solutions, according to the benchmark study, are budget (cited by 35 percent of the respondents), product compatibility (28 percent), certification (25 percent), and talent (25 percent).
- The Cisco 2017 Security Capabilities Benchmark Study found that, due to various constraints, organizations can investigate only 56 percent of the security alerts they receive on a given day. Half of the investigated alerts (28 percent) are deemed legitimate; less than half (46 percent) of legitimate alerts are remediated. In addition, 44 percent of security operations managers see more than 5000 security alerts per day.
- Twenty-seven percent of connected third-party cloud applications introduced by employees into enterprise environments in 2016 posed a high security risk. Open authentication (OAuth) connections touch the corporate infrastructure and can communicate freely with corporate cloud and software-as-a-service (SaaS) platforms after users grant access.
- An investigation by Cisco that included 130 organizations across verticals found that 75 percent of those companies are affected by adware infections. Adversaries can potentially use these infections to facilitate other malware attacks.
- Increasingly, the operators behind malvertising campaigns are using brokers (also referred to as “gates”). Brokers enable them to move with greater speed, maintain their operational space, and evade detection. These intermediary links allow adversaries to switch quickly from one malicious server to another without changing the initial redirection.
- Spam accounts for nearly two-thirds (65 percent) of total email volume, and our research suggests that global spam volume is growing due to large and thriving spam-sending botnets. According to Cisco threat researchers, about 8 percent to 10 percent of the global spam observed in 2016 could be classified as malicious. In addition, the percentage of spam with malicious email attachments is increasing, and adversaries appear to be experimenting with a wide range of file types to help their campaigns succeed.
- According to the Security Capabilities Benchmark Study, organizations that have not yet suffered a security breach may believe their networks are safe. This confidence is probably misplaced, considering that 49 percent of the security professionals surveyed said their organizations have had to manage public scrutiny following a security breach.
- The Cisco 2017 Security Capabilities Benchmark Study also found that nearly a quarter of the organizations that have suffered an attack lost business opportunities. Four in 10 said those losses are substantial. One in five organizations lost customers due to an attack, and nearly 30 percent lost revenue.
- When breaches occur, operations and finance were the functions most likely to be affected (36 percent and 30 percent, respectively), followed by brand reputation and customer retention (both at 26 percent), according to respondents to the benchmark study.
- Network outages that are caused by security breaches can often have a long-lasting impact. According to the benchmark study, 45 percent of the outages lasted from 1 to 8 hours; 15 percent lasted 9 to 16 hours, and 11 percent lasted 17 to 24 hours. Forty-one percent (see page 55) of these outages affected between 11 percent and 30 percent of systems.
- Vulnerabilities in middleware—software that serves as a bridge or connector between platforms or applications—are becoming more apparent, raising concerns that middleware is becoming a popular threat vector. Many enterprises rely on middleware, so the threat could affect every industry. During the course of a Cisco® project, our threat researchers discovered that a majority of new vulnerabilities examined were attributable to the use of middleware.
- The cadence of software updates can affect user behavior when it comes to installing patches and upgrades. According to our researchers, regular and predictable update schedules result in users upgrading their software sooner, reducing the time during which adversaries can take advantage of vulnerabilities.
- The 2017 Security Capabilities Benchmark Study found that most organizations rely on third-party vendors for at least 20 percent of their security, and those who rely most heavily on these resources are most likely to expand their use in the future.