Tuesday, February 18, 2014

Cisco 2014 Annual Security Report - An Erosion of Trust

Get the report here: http://www.cisco.com/web/offers/lp/2014-annual-security-report/index.html 
Selected highlights:
  • 100 percent of companies have systems calling malicious malware hosts. Investigations of multinational companies show evidence of internal compromise. Suspicious traffic is emanating from their networks and attempting to connect to questionable sites.
  • Threats grow: 14 percent year over year – new alerts
  • Market verticals: The rate of malware goes up or down as the value of a particular vertical’s goods and services rises or declines.
  • 37 billion “intelligent things” connected to the Internet by 2020.
  • Old blogs and idle domains: Millions of abandoned blogs and purchased domains sitting idle, and many of them are probably now owned by cybercriminals. Cisco security experts predict the problem will only worsen as more and more people in emerging Internet markets around the globe establish a blog or a website, only to let it languish later.
  • Making noise: DDoS attacks are increasingly being used to conceal other nefarious activity, such as wire fraud before, during, or after a campaign
  • Talent shortage: It’s estimated that by 2014, the industry will still be short more than a million security professionals across the globe.
  • Cloud computing: For smaller organizations or those with budget constraints, a well-protected and well-managed cloud service can offer more security safeguards than a business’s own servers and firewalls.
  • Security Objectives for 2014: Verifying Trustworthiness and Improving Visibility
Special note for Java:
  • 76 percent of enterprises using Cisco solutions are also using the Java 6 Runtime Environment, in addition to Java 7. Java 6 is a previous version that has reached its end of life and is no longer supported.
  • Java comprises 91 percent of web exploits.
  • 97 percent of enterprise desktops run Java
Impressive statistics – Cisco evaluates:
  • 16 billion web requests are inspected daily through Cisco Cloud Web Security
  • 93 billion emails are inspected daily by Cisco’s hosted email solution
  • 200,000 IP addresses are evaluated daily
  • 400,000 malware samples are evaluated daily