Let’s face it, malware is everywhere now, and it’s here to stay. The statistics are staggering. According to the 2014 Cisco Annual Security Report, “100 percent of the business networks analyzed by Cisco had traffic going to websites that host malware” and 96 percent of the business networks analyzed had connections to known hijacked infrastructure or compromised sites. It’s a pretty scary reality for organizations and the security teams that are tasked with protecting these organizations from threats.
Not only is malware abundant and pervasive, but it comes in all shapes and sizes, including trojans, adware, worms, downloaders, droppers, ransomware, and polymorphic malware to name a few. Furthermore, it’s attacking us on all fronts, regardless of the device or operating system that we are using.
Read More »
Tags: AMP, cisco annual security report, malware, security
Is the combination of cloud computing and mobility a perfect storm of security threats?
Actually, yes. And you should prepare for them as if there is a storm coming.
As businesses become increasingly mobile, so does sensitive data. In fact, in a recent survey conducted by ESG,
31% of security professionals say that the biggest risk associated with cloud infrastructure services is, “privacy concerns associated with sensitive and/or regulated data stored and/or processed by a cloud infrastructure provider.”
With cloud-based services, it is key to have visibility into applications and provide consistent experience across devices accessing the web and cloud applications. More users are leaving the standard PC behind and engaging cloud applications through a mobile device, making application-layer security and user access security critical. Smartphones and tablets are able to connect to applications running anywhere, including public, private and hybrid cloud applications, opening your data to potential attacks. Security professionals need assurances that their cloud security provider will appropriately secure customer data while ensuring availability and uptime.
The conversation is no longer if you’ll be attacked, but when. And will you be prepared?
Read the full article: Data Security Through the Cloud
Tags: CIO, cisco annual security report, Cisco Security, Cisco Security Grand Challenge, CiscoCloud, cloud, cloud security, data security, ESG, Internet of Everything, IoE, ITaaS, security
Last week, following the release of the 2014 Cisco Annual Security Report, my colleague Levi Gundert and I took questions from you, our partners and customers, about the report and its most interesting findings.
This year’s report highlighted a number of new trends and found unprecedented growth of threat alerts, which reached the highest level we’ve seen in more than a decade of monitoring.
Although the report paints a grim picture of the current state of cybersecurity, we are optimistic that there is hope for restoring trust in people, institutions, and technologies. This must start with empowering defenders with real-world knowledge about expanding attack surfaces. To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods – before, during, and after an attack.
Here is a link to view the recording of the broadcast. If you have any questions that didn’t get answered, please leave them in the comments, and Levi or I will get back to you.
Tags: 2014 annual security report, asr, cisco annual security report, CSO, cybersecurity, John Stewart, Levi Gundert, Live Social Broadcast, security, skills gap
The demand for skilled IT security professionals is growing everyday in both the private and public sector, and much of today’s security training is dangerously out of step with current threats.
A recent Ponemon Cyber Attack study found that cyber crime was up 78% in 2013 vs. 2012, with resolution and recovery time more than doubling over the past year, costing organizations tens of millions of dollars annually.
Read More »
Tags: CCNP Security, cisco annual security report, cybersecurity, Jeanne Beliveau-Dunn, Learning@Cisco, security, skills gap
The Cisco 2014 Annual Security Report has been released, following months of collaboration between threat researchers and other cybersecurity experts at Cisco and Sourcefire. As promised, it provides a “warts-and-all analysis” of security news from 2013 and our perspective for the year ahead based on the hard data collected through Cisco security products and analyzed by our researchers.
Our report that the cyberthreat and risk landscape has only grown stronger and more complex over the past year is not a revelation, perhaps. But we also now assert that because the cybercrime network has become so mature, far-reaching, well-funded, and highly effective as a business operation that very little in the cyber world can—or should—be trusted without verification.
We also expect adversaries to continue designing campaigns that take advantage of users’ trust in systems, applications, and the people and businesses they know. It’s an effective strategy. How do we know? Because 100 percent of the networks analyzed by Cisco have traffic going to known malware threat sites, and there is no doubt that the vast majority of those compromises relied initially on some abuse of trust.
Read More »
Tags: 2014 annual security report, cisco annual security report, security