1
Cisco 2017 Security Annual Report
The Cisco 2017 Annual Cybersecurity Report presents our latest security industry advances designed to help organizations and users defend against attacks. We also look at the techniques and strategies that adversaries use to break through those defenses. The report also highlights major findings from the Cisco 2017 Security Capabilities Benchmark Study, which examines the security posture of enterprises and their perceptions of their preparedness to defend against attacks.
2
Cisco 2017 Security Capabilities Benchmark Study
To gauge the perceptions of security professionals on the state of security in their organizations, Cisco asked chief security officers (CSOs) and security operations (SecOps) managers in several countries and at organizations of various sizes about their perceptions of their own security resources and procedures. The Cisco 2017 Security Capabilities Benchmark Study offers insights on the maturity level of security operations and security practices currently in use, and also compares these results with those of the 2016 and 2015 reports. The study was conducted across 13 countries with more than 2900 respondents.
3
Major Findings
Three leading exploit kits (Angler, Nuclear, and Neutrino) abruptly disappeared from the landscape in 2016, leaving room for smaller players and new entrants to make their mark.
4
Exploit kit F-secure.com trendmicro.com
5
Major Findings
According to the Cisco 2017 Security Capabilities Benchmark Study, most companies use more than five security vendors and more than five security products in their environment.
55% of security professionals use at least six vendors
45% use anywhere from one to five vendors
65% use six or more products
The top constraints to adopting advanced security products and solutions, according to the benchmark study, are:
Budget (35%)
Product compatibility (28%)
Certification (25%)
Talent (25%)
6
Major Findings
The Cisco 2017 Security Capabilities Benchmark Study found that, due to various constraints, organizations:
Can investigate only 56% of the security alerts they receive on a given day
Half of the investigated alerts (28%) are deemed legitimate
Less than half (46%) of legitimate alerts are remediated
44% of security operations managers see more than 5000 security alerts per day
7
Major Findings
27% of connected third-party cloud applications introduced by employees into enterprise environments in 2016 posed a high security risk.
Open authentication (OAuth) connections touch the corporate infrastructure and can communicate freely with corporate cloud and software-as-a-service (SaaS) platforms after users grant access.
8
Major Findings
An investigation by Cisco that included 130 organizations across verticals found that 75% of those companies are affected by adware infections. Adversaries can potentially use these infections to facilitate other malware attacks.
9
Major Findings
Spam accounts for nearly two-thirds (65%) of total volume
Cisco research suggests that global spam volume is growing due to large and thriving spam-sending botnets
8% to 10% of the global spam observed in could be classified as malicious
The percentage of spam with malicious attachments is increasing, and adversaries appear to be experimenting with a wide range of file types to help their campaigns succeed
10
Major Findings
The Cisco 2017 Security Capabilities Benchmark Study also found that nearly a quarter of the organizations that have suffered an attack lost business opportunities
Four in 10 said those losses are substantial
One in five organizations lost customers due to an attack
30% lost revenue
36% had their operations affected
26% Brand reputation and customer retention
11
Major Findings
Network outages that are caused by security breaches
45% of the outages lasted from 1 to 8 hours
15% lasted 9 to 16 hours
11% lasted 17 to 24 hours
41% of these outages affected between 11% and 30% of systems
12
Major Findings
The cadence of software updates can affect user behavior when it comes to installing patches and upgrades. According to our researchers, regular and predictable update schedules result in users upgrading their software sooner, reducing the time during which adversaries can take advantage of vulnerabilities.
The 2017 Security Capabilities Benchmark Study found that most organizations rely on third-party vendors for at least 20 percent of their security, and those who rely most heavily on these resources are most likely to expand their use in the future.
13
VOLUME 22, APRIL 2017
14
Symantec Global Intelligence Network
98 million attack sensors
157 countries
Through a combination of Symantec products and third parties
More than 88,900 recorded vulnerabilities
More than 20 years
24,560 vendors, 78,900 products
15
Summary
Multi-million dollar virtual bank heists
Open attempts to disrupt the US elections
One of the biggest DDoS attacks on record using a botnet of IoT devices
Using very simple tools and tactics
16
Living off the land
“Only pre-installed software is used by the attacker and no additional binary executables are installed onto the system” (Symantec)
Fewer new files → no trace → harder detection
Spear-phishing and social engineering
Categories:
Memory-only
Fileless persistence (Windows registry)
Dual-use tools (netsh, sc.exe)
Non-PE (Portable Executable) files (PowerShell script)
17
Fileless malware targeting US restaurants went undetected by most AV
By FIN7
It arrives in a Word document attached to a phishing email
Contains attachments with names like menu.rtf, Olive Garden.rtf, etc.
Convinces the victim to exit “Protected View”
Obfuscated JavaScript copies malicious code into 2 files, stored in two distinct directories
The first malicious code creates a scheduled Windows task that executes the second
The second starts up a PowerShell process
……..
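A detection sketch for the chain described above (Word document, script, scheduled task, PowerShell) and for the dual-use tools on the preceding slide, added here as an example that is not part of the original presentation. The event fields, host names, and the parent/child process pairings (wscript.exe or cscript.exe as script host, schtasks.exe for task creation, svchost.exe or taskeng.exe as Task Scheduler parents) are assumptions, and the sample events are constructed.

```python
# Added example: constructed process-creation events. Field names, hosts,
# process pairings and command lines are assumptions, not report data.
OFFICE = {"winword.exe"}
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
TASK_HOSTS = {"svchost.exe", "taskeng.exe"}  # assumed Task Scheduler parents
DUAL_USE = {"netsh.exe", "sc.exe"}           # dual-use tools named on the slide
CHAIN = ["office-spawns-script-host", "script-creates-task", "task-runs-powershell"]

EVENTS = [
    {"host": "pos-01", "parent": "explorer.exe", "image": "winword.exe", "cmd": "winword.exe menu.rtf"},
    {"host": "pos-01", "parent": "winword.exe", "image": "wscript.exe", "cmd": "wscript.exe <script>"},
    {"host": "pos-01", "parent": "wscript.exe", "image": "schtasks.exe", "cmd": "schtasks.exe /Create /TN <task> /TR <file>"},
    {"host": "pos-01", "parent": "svchost.exe", "image": "powershell.exe", "cmd": "powershell.exe <arguments>"},
    {"host": "admin-07", "parent": "explorer.exe", "image": "netsh.exe", "cmd": "netsh.exe interface show interface"},
    {"host": "hr-03", "parent": "explorer.exe", "image": "notepad.exe", "cmd": "notepad.exe notes.txt"},
]

def classify(ev):
    """Return the name of the rule an event matches, or None."""
    parent, image, cmd = (ev[k].lower() for k in ("parent", "image", "cmd"))
    if parent in OFFICE and image in SCRIPT_HOSTS:
        return "office-spawns-script-host"
    if image == "schtasks.exe" and "/create" in cmd and parent in SCRIPT_HOSTS:
        return "script-creates-task"
    if parent in TASK_HOSTS and image == "powershell.exe":
        return "task-runs-powershell"
    if image in DUAL_USE:
        return "dual-use-tool"   # legitimate admin use is common: context only
    return None

def triage(events):
    """Per host: 'high' if all chain stages occur in order, else 'review'."""
    hits = {}
    for ev in events:
        rule = classify(ev)
        if rule:
            hits.setdefault(ev["host"], []).append(rule)
    verdicts = {}
    for host, rules in hits.items():
        stage = 0
        for rule in rules:
            if stage < len(CHAIN) and rule == CHAIN[stage]:
                stage += 1
        verdicts[host] = "high" if stage == len(CHAIN) else "review"
    return verdicts

if __name__ == "__main__":
    print(triage(EVENTS))
```

No single event here is conclusive on its own; the verdict escalates only when the stages appear in sequence on one host, which is what makes tool use of this kind visible without a dropped binary to scan.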
18
Targeted attacks
More overt activity with decline in covert activity
Economic espionage, theft of intellectual property, and trade secrets
2015 agreement US/China
Designed to destabilize and disrupt organizations and countries
DNC attack and leak of stolen information
Disk-wiping malware was used against targets Ukraine and power outages
The trojan Shamoon reappeared after four years against multiple organizations in Saudi Arabia
20
Financial heists
Cyber criminals focused mainly on customers
Now the attackers are targeting the banks
Up to millions of dollars in a single attack
Gangs:
Carbanak, against US banks
Banswift, US$81 million from Bangladesh’s central bank in fraudulent transactions
Odinaff, fraudulent transactions hiding customer’s own records of SWIFT messages relating to such transactions
Less sophisticated groups using BEC (Business Email Compromise) scams. More than $3 billion in the past three years
21
Emails
Malicious emails were the weapon of choice
1 in 131 emails sent were malicious
The highest rate in 5 years
Proven attack channel
It does not rely on vulnerabilities
Social engineering to open attachments, follow links and disclose credentials
22
Ransomware
Continues to plague businesses and consumers
Indiscriminate campaigns with massive volumes of malicious emails
Attackers are demanding more
From $294 in 2015 to $1,077 in 2016, on average
23
IoT and cloud
Beginning to emerge as big threats
Ransomware and financial fraud still ahead
Mirai
Botnet composed of IoT devices (routers and cameras)
Weak security
The average IoT device was attacked once every two minutes