Prior preparation key to minimize cyber attack damages
Cyber threats are increasing with each passing day. Besides robbing organizations of millions of dollars, they also damage corporate reputations, leading to the loss of potential clients and trust in the long run.
In many cases, organizations realized the existence of cyber threats only after suffering substantial damage, when there was no longer any way to go back and rectify matters.
Importantly, cyber experts claim that 2017 will see an enhanced threat to organizations globally from cyber criminals.
However, the corporate sector has also started to spruce up its cyber operations and is investing huge amounts to thwart any kind of potential threat.
According to the Cisco® (NASDAQ: CSCO) 2017 Annual Cybersecurity Report (ACR), more than one third of organizations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss – often more than 20 percent.
Almost all (90 percent) of these organizations are improving threat defense technologies and processes after attacks by separating IT and security functions (38 percent), increasing security awareness training for employees (38 percent), and implementing risk mitigation techniques (37 percent).
The report surveyed nearly 3,000 chief security officers (CSOs) and security operations leaders from 13 countries in the Security Capabilities Benchmark Study, part of the Cisco ACR.
“In 2017, cyber is business, and business is cyber – that requires a different conversation, and very different outcomes. Relentless improvement is required and that should be measured via efficacy, cost, and well-managed risk. The 2017 Annual Cybersecurity Report demonstrates, and I hope justifies, answers to our struggles on budget, personnel, innovation and architecture,” said Shukri Eid, managing director – East Region, Cisco Middle East.
Challenges and opportunities
The global report highlights challenges and opportunities for security teams to defend against the relentless evolution of cybercrime and shifting attack modes.
CSOs cite budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security postures. Leaders also reveal that their security departments are increasingly complex environments with 65 percent of organizations using from six to more than 50 security products, increasing the potential for security effectiveness gaps.
To exploit these gaps, ACR data shows criminals leading a resurgence of ‘classic’ attack vectors, such as adware and email spam, the latter at levels not seen since 2010. Spam accounts for nearly two-thirds (65 percent) of email with eight to ten percent cited as malicious. Global spam volume is rising, often spread by large and thriving botnets.
Mastering the art of TTD
Measuring the effectiveness of security practices in the face of these attacks is critical. Cisco tracks progress in reducing time to detection (TTD), the window of time between a compromise and the detection of a threat. Faster time to detection is critical to constrain attackers’ operational space and minimize damage from intrusions.
Cisco has successfully lowered the TTD from a median of 14 hours in early 2016 to as low as six hours in the last half of the year. This figure is based on opt-in telemetry gathered from Cisco security products deployed worldwide.
“One of our key metrics highlighted in the 2017 Annual Cybersecurity Report is the ‘time to detection’ – the time it takes to find and mitigate against malicious activity. We have brought that number down to as low as six hours,” said Scott Manson, Cyber Security Leader for Middle East and Turkey, Cisco.
“A new metric – the ‘time to evolve’ – looked at how quickly threat actors changed their attacks to mask their identity. With these and other measures gleaned from report findings, and working with organizations to automate and integrate their threat defense, we can better help them minimize financial and operational risk and grow their business,” pointed out Manson.