The Cisco 2015 Annual Security Report is divided into four areas of discussion and issues explored within them, may at first glance seem disparate, but closer examination reveals their interconnectedness:
1. Threat Intelligence
2. Security Capabilities Benchmark Study
3. Geopolitical and Industry Trends
4. Changing the View Toward Cybersecurity—From Users to the Corporate Boardroom
Below are the Key Discoveries in Cisco 2015 Annual Security Report:
Attackers have become more proficient at taking advantage of gaps in security to hide and conceal malicious activity.
- In 2014, 1 percent of high-urgency common vulnerabilities and exposure (CVE) alerts were actively exploited. This means organizations must prioritise and patch that 1 percent of all vulnerabilities quickly. But even with leading security technology, excellence in process is required to address vulnerabilities.
- Since the Blackhole exploit kit was sidelined in 2013, no other exploit kit has been able to achieve similar heights of success. However, the top spot may not be as coveted by exploit kit authors as it once was.
- Java exploits have decreased by 34 percent, as Java security improves and adversaries move to embrace new attack vectors.
- Spam volume increased 250 percent from January 2014 to November 2014.
- Snowshoe spam, which involves sending low volumes of spam from a large set of IP addresses to avoid detection, is an emerging threat.
Users and IT teams have become unwitting parts of the security problem.
- Online criminals rely on users to install malware or help exploit security gaps.
- Heartbleed, the dangerous security aw, critically exposes OpenSSL. Yet 56 percent of all OpenSSL versions are older than 50 months and are therefore still vulnerable.
- Users’ careless behaviour when using the Internet, combined with targeted campaigns by adversaries, places many industry verticals at higher risk of web malware exposure. In 2014, the pharmaceutical and chemical industry emerged as the number-one highest-risk vertical for web malware exposure, according to Cisco Security Research.
- Malware creators are using web browser add-ons as a medium for distributing malware and unwanted applications. This approach to malware distribution is proving successful for malicious actors because many users inherently trust add-ons or simply view them as benign.
The Cisco Security Capabilities Benchmark Study reveals disconnects in perceptions of security readiness.
- Fifty-nine percent of Chief Information Security Officer (CISOs) view their security processes as optimised, compared to 46 percent of security operations (SecOps) managers.
- About 75 percent of CISOs see their security tools as very or extremely active, with about one-quarter perceiving security tools as only somewhat active.
- Ninety-one percent of respondents from companies with sophisticated security strongly agree that company executives consider security a high priority.
- Less than 50 percent of respondents use standard tools such as patching and configuration to help prevent security breaches.
- Larger, midsize organizations are more likely to have highly sophisticated security postures, compared to organizations of other sizes included in the study.