Given the large number of high profile breaches in 2015, it seems likely that internet security will be a bigger topic in 2016 than ever before. But which direction is the industry set to take this year?
Well, if the results of the latest Annual Security Report from Cisco are anything to go by, it’s almost certain that most big organisations will seriously look to bolster their cyber defences this year.
According to the report, only 45% of organizations worldwide are confident in their security posture. While executives may be uncertain about their security strength, 92% of them agree that regulators and investors will expect companies to manage cybersecurity risk exposure.
According to Cisco, getting that improved security right won’t be easy. The IT services company says that hackers increasingly tap into legitimate resources to launch effective campaigns for profit. Additionally, direct attacks by cybercriminals, leveraging ransomware alone, put US$34-million a year per campaign into their hands. These miscreants continue to operate unconstrained by regulatory barriers.
Businesses are up against security challenges that inhibit their ability to detect, mitigate and recover from common and professional cyberattacks. Aging infrastructure and outdated organizational structure and practices are putting them at risk.
Things are even worse for South African companies, especially given that South Africa has been identified as the African country with the highest rate of cybercrime occurrences.
Despite new pieces of legislation being pushed through, it’s clear that there’s still a lot of work to be done when it comes to understanding the motives and tactics of cybercriminals.
The report outlines these and nine other issues which could impact online security in 2016.
1. Decreasing confidence, increasing transparency
Fewer than half of businesses surveyed were confident in their ability to determine the scope of a network compromise and to remediate damage. But an overwhelming majority of finance and line-of-business executives agreed that regulators and investors expect companies to provide greater transparency on future cybersecurity risk. This points to security as a growing boardroom concern.
2. Aging infrastructure
Between 2014 and 2015, the number of organizations that said their security infrastructure was up-to-date dropped by 10%. The survey discovered that 92% of Internet devices are running with known vulnerabilities. Thirty-one percent of all devices analyzed are no longer supported or maintained by the vendor.
3. SMBs as a potential weak link
As more enterprises look closely at their supply chain and small business partnerships, they are finding that these organizations use fewer threat defense tools and processes. For example, from 2014 to 2015 the number of SMBs that used web security dropped more than 10%. This indicates potential risk to enterprises due to structural weaknesses.
4. Outsourcing on the rise
As part of a trend to address the talent shortage, enterprises of all sizes are realizing the value of outsourcing services to balance their security portfolios. This includes consulting, security auditing and incident response. SMBs, which often lack resources for an effective security posture, are improving their security approach, in part, by outsourcing, which rose to 23% in 2015 from 14% the previous year.
5. Shifting server activity
Online criminals have shifted to compromised servers, such as those for WordPress, to support their attacks, leveraging social media platforms for nefarious purposes. For example, the number of WordPress domains used by criminals grew 221% between February and October 2015.
6. Browser-based data leakage
While often viewed by security teams as a low-level threat, malicious browser extensions have been a potential source of major data leaks, affecting more than 85% of organizations. Adware, malvertising, and even common websites or obituary columns have led to breaches for those who do not regularly update their software.
7. The DNS blind spot
Nearly 92% of “known bad” malware was found to use DNS as a key capability. This is frequently a security “blind spot” as security teams and DNS experts typically work in different IT groups within a company and don’t interact frequently.
8. Time to detection faster
The industry estimate for time to detection of a cybercrime is an unacceptable 100 to 200 days. Cisco has further reduced this figure from 46 to 17.5 hours, since the 2015 Cisco Midyear Security Report was released. Shrinking the time to detection has been shown to minimize cyberattack damage, lowering risk and impact to customers and infrastructures worldwide.
9. Trust matters
With organizations increasingly adopting digitization strategies for their operations, the combined volume of data, devices, sensors, and services is creating new needs for transparency, trustworthiness, and accountability for customers.