Cisco UK & Ireland Blog

7 things we learnt from the Cisco Annual Security report

January 19, 2016

Today we’ve published our Cisco Annual Security Report – and as always it’s revealed some telling findings on the state of cyber security.

The report takes in the views of IT professionals across the world and shows businesses making strides in advancing security in the face of persistent attacks and increasing threats.

To help you digest the report, I’ve pulled out seven key findings from this annual temperature check:

Ageing infrastructure a challengecisco annual security report

Every company has to make IT security a priority. However, we found many organisations are relying on creaking network infrastructures that are old, and outdated, as well as running vulnerable operating systems. Between 2014 and 2015, the number of organisations that said their security infrastructure was up-to-date dropped by 10%.

The research also found 92% of devices run software with known vulnerabilities. On average, each piece of software on those devices contained 26 such weaknesses. Some industries also look particularly vulnerable – with some organisations in financial services, healthcare and retail running software that is at least six years old. Elsewhere, the government, electronic, healthcare and professional sectors are at the highest risk from malware attacks.

Hackers are attacking via WordPress

Hackers are using domains on the popular content management site WordPress for malicious purposes – we found a trend of cyber criminals shifting onto compromised servers to support their attacks. Our research shows growth of this practice by 221% between February and October last year. This means social media platforms are increasingly being used for nefarious purposes, so companies have to be vigilant. For firms using WordPress, they should strengthen their passwords and update any plugins to help protect themselves from weaknesses.

Breaches are going undetected for too long – but we’re making progress

The current industry estimate for detecting a cybercrime (TTD) is an unacceptable 100 to 200 days. Since May last year, Cisco has reduced this median time of detecting known threats in our networks to around 17 hours. Cutting the time to detection minimises cyber attack damage, lowers risk and as well as the impact to customers and infrastructures.

Decreased confidence, increased transparency

We found less than half of businesses felt confident in their ability to work out the scope of a network compromise, and how to remediate damage. However, an overwhelming majority of finance and line-of-business executives agreed that regulators and investors expect companies to provide greater transparency on future cyber security.

Browser data leakage

It’s time to check the web browser extensions you’re using. Extensions are often seen as a low level threat by security teams but malicious versions are a potential source of major data leaks. We found this affects 85% of organisations. Adware, malvertising, and even common websites or obituary columns have led to breaches for those who do not regularly update their software.

The DNS blind spot

Worryingly, 62% of security professionals report their organisation does not monitor threats with Domain Net Service (DNS). This is despite 91% of malware using DNS in its attacks. This is frequently a security ‘blind spot’ with DNS experts and security teams typically working in different IT groups. If they don’t interact frequently, this oversight can be exposed by cyber criminals.

The SMB ‘weak-link’

Only 48% of small and medium sized businesses (SMBs) we spoke to said they used web security in 2015. This is being driven by budget issues, which were flagged as the biggest barrier to adopting advanced security processes. The use of threat defenses by SMBs is also in decline – with just 42% using mobile security last year, compared to 52% in 2014.

You can download the full report Cisco Annual Security Report here. Let me know your thoughts about the findings from this year’s research in the comments below.  

Leave a comment


  1. Hi Terry –

    Not the best way to try and ‘doorstep’ you but wiredback has been in the cyber liability insurance marketplace for several years and we do have exclusivity with insurance behemoth AIG to distribute a Cyber Liability insurance product aimed at the ‘s’ in SME. It srikes me that Cisco would be a perfect distribution partner here, and beneficial to Cisco too. Your comment, The Times 14 March, ‘those that have been hacked and those that don’t yet know they have been hacked’ I found particularly striking wrt to a risk managed solution. I would welcome the opportunity to discuss further with you if interested.

    Best regards
    Garry Clark