March 19, 2018 By Douglas Bonderud 2 min read

Cybersecurity always moves at breakneck speed. A new report recently examined the pain points of 3,600 security experts worldwide and revealed some good news and some bad news about how companies are managing risks and responding to threats as the cybercrime landscape shifts.

Among the positive findings of Cisco’s “2018 Annual Cybersecurity Report” is that 53 percent of security professionals now use the cloud for improved protection, and 34 percent rely on machine learning to both simplify and speed security response. But there’s another side to the story: Burst attacks and malware cryptoworms are on the rise, while mobile owns the top spot as the most difficult area to defend.

What Are the Top Security Concerns?

The report revealed that 42 percent of organizations experienced short-burst distributed denial-of-service (DDoS) attacks in 2017. In addition, malicious actors are finding new ways to spread malware by developing cryptoworms capable of self-propagating across networks. Unlike traditional attacks, which require human actors to click on links or download malicious attachments, cryptoworms can infect networks via any active, unpatched workstation.

Another issue is encryption. The first line of defense in securing data in transit and at rest, encryption also provides the framework necessary for cybercriminals to hide malicious code. The study noted a threefold increase in encrypted network communication used by malware.

The report also addressed familiar attack vectors such as insider threats. Despite the fact that less than 1 percent of insiders were flagged for suspicious downloads, these actors each accounted for an average of 5,200 document downloads.

Insecure mobile devices, meanwhile, are increasingly difficult for security professionals to defend. That’s because they’re typically owned by users, leverage a wide variety of operating systems and lack the systematic regulation characteristic of traditional workstations.

The result is a cybersecurity landscape in which 53 percent of attacks result in damages over $500,000, to say nothing of the time needed for remediation, potential impact to brand reputation and downstream consequences if cybercriminals leave behind persistent infections.

Addressing Emerging Cybersecurity Risks

With the complexity of cloud deployments making it easier for attackers to breach network defenses and new Internet of Things (IoT) threats on the horizon — in addition to bursts, worms and evolving mobile threats — how can companies push back and reduce the chance of compromise?

The report noted that organizations must address the cybersecurity skills gap by promoting better collaboration between security and network teams. Advancements in security technology can also provide some relief. These include:

  • Automation. IT security perimeters are complex, variable and continuously expanding. As a result, security professionals can’t do all the heavy lifting. CSO Online pointed out that routine tasks such as traffic scanning and threat reporting are best handled by automated solutions with throughput to prioritize critical security alerts and only notify IT teams when necessary.
  • Machine learning. As noted by Business Review, machine learning offers the potential to improve security system functionality over time by giving network defenses the ability to both recognize common attack vectors and discover new threats as they emerge.
  • Artificial intelligence (AI). More encryption means less visibility. According to the Cisco report, enterprises are now leveraging artificial intelligence to detect anomalous patterns in large volumes of encrypted traffic. AI tools can also help organizations automate patch management.

While some of Cisco’s findings are encouraging, the report emphasized that attackers aren’t resting on their laurels. Instead, they’re designing better burst attacks, evolving malware worms and leveraging malicious code to infect mobile devices. Organizations must continue to push the envelope and invest in modern security technologies if they expect to keep pace.

More from

Taking the complexity out of identity solutions for hybrid environments

4 min read - For the past two decades, businesses have been making significant investments to consolidate their identity and access management (IAM) platforms and directories to manage user identities in one place. However, the hybrid nature of the cloud has led many to realize that this ultimate goal is a fantasy. Instead, businesses must learn how to consistently and effectively manage user identities across multiple IAM platforms and directories. As cloud migration and digital transformation accelerate at a dizzying pace, enterprises are left…

IBM identifies zero-day vulnerability in Zyxel NAS devices

12 min read - While investigating CVE-2023-27992, a vulnerability affecting Zyxel network-attached storage (NAS) devices, the IBM X-Force uncovered two new flaws, which when used together, allow for pre-authenticated remote code execution. Zyxel NAS devices are typically used by consumers as cloud storage devices for homes or small to medium-sized businesses. When used together, the flaws X-Force discovered allow a remote attacker to execute arbitrary code on the device with superuser permissions and without requiring any credentials. This results in complete control over the…

What cybersecurity pros can learn from first responders

4 min read - Though they may initially seem very different, there are some compelling similarities between cybersecurity professionals and traditional first responders like police and EMTs. After all, in a world where a cyberattack on critical infrastructure could cause untold damage and harm, cyber responders must be ready for anything. But are they actually prepared? Compared to the readiness of traditional first responders, how do cybersecurity professionals in incident response stand up? Let’s dig deeper into whether the same sense of urgency exists…

Unified endpoint management for purpose-based devices

4 min read - As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment and which often run on a different operating system than typical office devices. Examples include ruggedized tablets and smartphones, handheld scanners and kiosks. Many different industries are utilizing purpose-built devices, including travel and transportation, retail, warehouse and distribution, manufacturing (including automotive)…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today