Networking giant Cisco is sounding the alarm on security, calling for an “all-hands-on-deck” approach to defend against escalating cyberattacks. Cisco’s 2015 Annual Security Report examines both threat intelligence and cybersecurity trends and includes stark warnings for enterprises large and small.
We already know that attackers are getting better and better at tapping into security gaps without detection. Security teams, which Cisco dubs “defenders,” need to stay on par with the ever-increasing sophisticated attack methods. At the same time, geopolitical motivations are adding a layer of complexity to the threat protection equation, as are conflicting requirements that local laws impose with respect to data sovereignty, data localization and encryption.
Cybercriminals are certainly expanding their tactics and adapting their techniques to carry out cyberattack campaigns that are harder to detect and analyze. Cisco identifies the top three threat intelligence trends as: snowshoe spam, in which a spammer uses a wide array of IP addresses to spread out the spam load; Web exploits hiding in plain sight; and malicious combinations, like Flash and Java exploits.
Protecting the Full Stack
Security needs an all-hands-on-deck approach, where everybody contributes, from the boardroom to individual users, said John Stewart, senior vice president and chief security and trust officer at Cisco.
“We used to worry about DoS, now we also worry about data destruction. We once worried about IP theft, now we worry about critical services failure. Our adversaries are increasingly proficient, exploit our weaknesses and hide their attacks in plain sight,” Stewart said.
“Security must provide protection across the full attack continuum and technology must be bought that is designed and built with that in mind," he added. "Online services must be run with resiliency in mind, and all of these moves must happen now to tip the scales and protect our future. It requires leadership, cooperation, and accountability like never seen before in our industry."
Think Pervasive Security
The Cisco study reveals that 75 percent of CISOs (chief information security officers) see their security tools as very or extremely effective. However, less than 50 percent of respondents use standard tools such as patching and configuration to help prevent security breaches and ensure they are running the latest versions. Heartbleed was the landmark vulnerability last year, yet 56 percent of all installed OpenSSL versions are over four years old. That is a strong indicator that security teams are not patching, Cisco said.
We caught up with Zeus Kerravala, principal analyst at ZK Research, to get his thoughts on the study’s revelations. He told us companies are starting to realize many points in the infrastructure that were once thought to be secure are not -- and those points have become the points of cyberattacks. Kerravala pointed to the Target hack, which came in via a trusted third-party vendor, as an example.
“The notion that there are points in the network that need to be secured and other points that don’t need to be secured is the biggest misguided strategy in security,” Kerravala said. “You are only as good as your weakest link. Within many organizations, there are many links that aren’t protected at all. That requires a shift in security strategy. Companies need to think more of how you make security pervasive across the network.”