Cyber attacks via cloud-based applications and spam are on the rise this year, according to Cisco's 2017 Annual Cybersecurity Report, released Tuesday.
Some 27% of connected third-party cloud applications introduced by employees into enterprises in 2016 posed a high security risk, the report found.
And, after dropping to their lowest level in a decade in 2015, spam attacks are on the rise once again, Cisco stated. Today, nearly two-thirds of emails are spam, with 8-10% marked as malicious, according to the report. Spam's resurgence is due in part to the rise of large and spreading botnets, the report said.
Why the rise in attacks? In part, it's because enterprise security departments are growing in complexity: 65% of businesses surveyed use anywhere from six to more than 50 different security products, which increases the potential for security gaps, Cisco noted. In order to take advantage of these gaps, cybercriminals have increased "classic" attack vectors via adware and email spam to new levels.
Security breaches come at a high cost: More than one-third of businesses that experienced a security breach in 2016 reported customer, opportunity, and revenue loss of more than 20%.
Nearly 3,000 chief security officers (CSOs) and security operations leaders from 13 countries participated in the Cisco report.
Just 56% of security alerts are investigated, Cisco found, and less than half of legitimate alerts are remediated. Budget concerns, poor compatibility of systems, and a lack of trained talent were the largest barriers to advancing enterprise security, the CSOs reported. Indeed, 57% of businesses recently reported major issues finding and recruiting talented IT security staff.
The vast majority of organizations (90%) that experienced a cyber attack are working to improve threat defense technologies and processes, the report found. Common tactics include separating IT and security functions (38%), increasing security awareness training for employees (38%), and implementing risk mitigation techniques (37%).
To better prevent, detect, and mitigate threats, Cisco recommends the following tips:
1. Make security a business priority: Executive leadership must own and evangelize security and fund it as a priority.
2. Measure operational discipline: Review security practices, patch, and control access points to network systems, applications, functions, and data.
3. Test security effectiveness: Establish clear metrics. Use them to validate and improve security practices.
4. Adopt an integrated defense approach: Make integration and automation high on the list of assessment criteria to increase visibility, streamline interoperability, and reduce the time to detect and stop attacks. Security teams then can focus on investigating and resolving true threats.
"In 2017, cyber is business, and business is cyber—that requires a different conversation, and very different outcomes," said John N. Stewart, Cisco's senior vice president and chief security and trust officer, in a press release. "Relentless improvement is required and that should be measured via efficacy, cost, and well managed risk."
- Help wanted: Universities double down on security to help fill 1 million open jobs(TechRepublic)
- Video: What the Secret Service can teach us about cybersecurity (ZDNet)
- TiaraCon to bring more women into critical, lucrative cybersecurity jobs that are going unfilled(TechRepublic)
- IoT devices can be hacked in minutes, warn researchers (ZDNet)
- What business leaders need to know about the state of cybersecurity (TechRepublic)
Alison DeNisco Rayome has nothing to disclose. She does not hold investments in the technology companies she covers.
Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.