This month, we officially unveiled the Cisco 2015 Annual Security Report, which captures an industry snapshot of our security landscape from an IT network trend perspective. The most glaring point about the report is the seeming “perception versus reality” disconnect among survey respondents: while 60 per cent aren’t patching, 90 per cent of those polled remain “confident” in their cybersecurity capabilities.
This is interesting, to say the least: implicit in this finding is the notion that there is a disconnect between intent and actions. A large chunk of today’s security practitioners aren’t taking advantage of the critical tools available to thwart attacks. It goes without saying that Canadian organizations should be paying attention to the latest threat intelligence and cybersecurity trends. It also feels like a no-brainer to say that organizations should be making security a key priority, but there is a renewed sense of urgency in 2015, largely driven by the fact that attackers have become extremely savvy in taking advantage of gaps in security to evade detection and conceal malicious activity.
The report bears that out: Cisco threat intelligence research revealed that attackers have increasingly shifted their focus from seeking to compromise servers and operating systems, to seeking to exploit users at the browser and email level. Other findings include web exploits hiding in plain sight and spam emerging as a preferred strike method – creating a situation where attackers are sending low volumes of spam from a large set of IP addresses to avoid detection.
Indeed, this past year has seen radical changes to the nature and frequency of attacks, which has required a massive change in thought: it’s no longer a matter of if you’ll be attacked, or even when. You need to assume you already have been compromised. Now, more than ever, organizations need to focus on and invest in post-attack strategies and solutions.
Organizations therefore need to step up their security game; best practices dictate that organizations must be constantly improving their network approach to protect their business. Simply put, an attack occurs in three stages: before, during and after. Historically, the majority of attention has been given to the “before” stage, in order to prevent an attack from happening. Unfortunately, focusing on prevention no longer guarantees security.
One of Cisco’s key security components is its Advanced Malware Protection (AMP) from Sourcefire. When Cisco acquired Sourcefire, a key objective was to provide one of the industry’s most comprehensive advanced threat protection portfolios. We were well aware that the threat landscape was evolving, especially with the huge spike in trends such as mobility and cloud computing. We wanted to make sure we had the right products – and the right people – in place to handle all attack vectors.
So take a look at the Cisco 2015 Annual Security Report. Let us know what you think. Is there a security “perception versus reality” disconnect within your business? The security landscape has changed tremendously in the last five years, and there’s every reason to believe the next five years will see yet another shift in the dynamic. The exact nature of that shift remains to be seen, but as long as we continue to plan accordingly we’ll be prepared to deal with those challenges when they arrive.