Key findings from the Cisco 2016 Midyear Cybersecurity Report
With Gartner’s Security Summit around the corner, Steve Frost takes us through some of the major findings from the Cisco 2016 Midyear Cybersecurity Report.
Get up-to-date with cybersecurity
With the Gartner Security & Risk Management Summit on the way (taking place in London, 12-13 September), I thought this would be the ideal time to offer insight into current security trends and threats — helping you get up-to-date in preparation for the event.
Distilling information from the Cisco 2016 Midyear Cybersecurity Report, I identified two main problem areas that organisations need to address now to strengthen their security. I’ve also compiled some advice on how to deal with those challenges.
So let’s jump right in.
Problem area one: ageing networks and IT infrastructure
Outdated IT puts the digital economy at risk. This statement might sound slightly sensational, but the dangers of running an ageing network are well documented. More than 23 per cent of organisations still have known vulnerabilities in their networks dating back to 2011. Around 16 per cent have yet to address vulnerabilities first uncovered in 2009. And, shockingly, 10 per cent have failed to deal with their problems for over ten years.
The Cisco 2016 Midyear Cybersecurity Report shows that even though defenders are innovating, it’s not enough. Thanks to the hodgepodge of web browsers, applications and infrastructure in place at most organisations, there are still many entryways for attackers to exploit. In these ageing infrastructures, there’s an average of 28 vulnerabilities per internet device. And those vulnerabilities run on those devices for five years, on average.
As a result, the infrastructure that should support the digital economy is fragile and reliant on inadequate security practices. Instead of facing the calculated risk of taking critical infrastructure offline temporarily for an upgrade, organisations are placing a bet on the slim-to-none chance that they won’t be targeted by attackers.
Problem area two: defenders’ capability versus attackers’ innovation and persistence
According to the Cisco 2016 Midyear Cybersecurity Report, defenders aren’t protecting their systems in a way that matches how attackers do their work; there’s an asymmetry. Defenders have evolved their strategies and tools, but not as fast as attackers have done. Attackers are increasingly professional in their techniques, which are designed to let them remain undetected as long as possible. And defenders’ slow progress is permitting far too much unconstrained time for attackers to operate.
Part of the problem is a lack of visibility, which is leaving organisations open to attacks. Instead of striving for a better view of the threat landscape, security professionals rely on point solutions and a ‘triage’ approach — trying to stop attacks here and there, instead of taking an architectural approach to their security challenges. And this is playing to attackers’ strengths.
While defenders refine and innovate their processes to close gaps through vulnerability disclosure and patching, attackers use their skills to open these gaps yet again. This action leads to numerous, complex attacks which undermine defenders’ ability to respond.
Cisco’s observation of the shadow economy also shows that attackers are focusing more on generating revenue. Ransomware has evolved to become the most profitable malware type in history — and businesses of all sizes and across all industries are being targeted.
The time for action is now
There are many ways to combat these threats. For example, by upgrading ageing infrastructures and systems while patching known vulnerabilities, businesses can undermine the ability of cybercriminals to exploit those assets to carry out their campaigns.
Many organisations have now reached a tipping point with their infrastructures. They want to simplify and update their devices and software to reduce costs; they also want to build a strong IT foundation that will help them succeed in the emerging digital economy. This need for a simpler and stronger infrastructure is a great opportunity to harden security and enable visibility throughout their networks — and to reduce the unconstrained time to operate that many adversaries currently enjoy.
Your next step
It’s clear that insecure infrastructures can’t support the risks of the emerging digital economy. To truly realise the benefits that digitisation and the Internet of Things bring, organisations need to tackle the security problems that they have now.
Following the solutions I highlighted earlier is a great way to start strengthening security and preparing for future success. But there’s always more you can do.
I’m sure there’ll be a world of insight available at Gartner’s Security Summit.
And if you want even more information on the state of cybersecurity in 2016, read the Cisco 2016 Midyear Cybersecurity Report.