Cyber-Security Reports Reveal Growing Concerns About Data Breach Risks

By -

CA Veracode Acquisition
The week of Feb. 19 was a busy one for cyber-security industry reports as at least nine different technology companies released studies that tried to provide insight into a wide array of cyber-risks.
Among the organizations that released reports this week were Akamai, Cisco, RedLock, Fortinet, Trend Micro, Raytheon, Thales, Verizon and Centrify. Some of the reports provide broad industry context for the state of cyber-security in 2018, while others focused on more specific areas like mobility and the gap between cyber-security perceptions and reality.
Overall, the reports show that cyber-security threat volume is increasing, though there are a number of positive things that organizations are doing to help counter threats.
Perhaps the largest report released was the 68-page Cisco Annual Cyber-Security Report (ACR) that came out on Feb. 21. The Cisco ACR revealed that a growing number of organizations are relying on automation to improve cyber-security outcomes. Attacks are also increasing, with Akamai's State of the Internet / Security report for 4Q17 showing a 14 percent year-over-year gain in the number of Distributed Denial of Service (DDoS) attacks. Misconfigurations by organizations is another key trend that is increasing threat levels. RedLock's Cloud Security Trends report revealed that 73 percent of organizations permit users to have root access to cloud applications while performing daily activities.

Fortinet

Fortinet's fourth quarter 2017 Threat Landscape report also revealed a growing volume of threats.
According to report, Fortinet detected an average of 274 exploits attempts per firm, which was an 82 percent increase over the third quarter. Fortinet also reported that the total volume of unique malware variants grew by 19 percent, on a quarterly basis.
"The volume, sophistication, and variety of cyber threats continue to accelerate with the digital transformation of our global economy," Phil Quade, CISO of Fortinet stated. "Cyber-criminals have become emboldened in their attack methods as they undergo a similar transformation, and their tools are now in the hands of many.” 

Trend Micro

Trend Micro released its 2017 Annual Security Report on Feb. 20, which also noted the growing volume of malware. According to Trend Micro, there was a 32 percent increase in new ransomware families from 2016 to 2017.
Business Email Compromise (BEC) attacks were also noted by Trend Micro as a growing concern over the course of 2017. In the first half of 2017, there were 3,175 BEC attempts, which more than doubled to 6,533 attempts in the second half of 2017. BEC campaigns involve attackers attempting to trick organizations into paying fraudulent invoices.
Crypto-currency mining attempts was the top event type blocked by Trend Micro's smart protection network security infrastructure in 2017, blocking 45.6 million events.

Verizon

Verizon released its inaugural mobile security index on Feb. 21 detailing the intersection of mobility and cyber-threats. According to the study, 32 percent of organizations admitted they have sacrificed mobile security to improve business performance. 
While organizations have compromised on mobile security, it's not because they don't recognize that mobility is a risk. 93 percent of organizations surveyed by Verizon stated that mobile devices present a growing threat. Furthermore, 79 percent of the organizations are concerned about  employee misuse of mobile devices.
"As mobility becomes more integral to business operations in today’s digital economy—from supply chain management to IoT-enabled sensors to customer-facing mobile apps—protecting mobile platforms is critical," Thomas Fox, senior vice president with Verizon, stated. "Securing the multitude of mobile devices that connect to public and private networks and platforms is paramount for protecting corporate assets and brand integrity."

Cyber-Security Perceptions

The 2018 Thales Data Threat Report-Federal Government Edition, reported that in 2017, 57 percent of federal respondents to its survey experienced a data breach, up from 34 percent in 2016.
Looking forward, Thales isn't seeing much optimism about reducing the threat of breaches. According to the Thales report, 68 percent of respondents believe they are ‘very’ or ‘extremely’ vulnerable to a data breach, up from 48 percent in 2017 . 
Among the other studies that looked at cyber-security perceptions was the Raytheon 2018 Study on Global Megatrends in CyberSecurity. 
Fear of a catastrophic breach was one of the key findings in the report, with 82 percent of the Raytheon study's respondents expecting that their workplace will suffer a catastrophic data breach as a result of unsecured IoT devices at some point in the next three years. Raytheon also found that over two-thirds of organizations (67 percent) are concerned that cyber-extortion, such as ransomware and data breaches will increase in frequency and payout.
Only 46 percent of Raytheon's survey respondents indicated that they thought their organization's security strategy would improve in the coming year, yet 60 percent indicated their organizations would need to spend more money to achieve regulatory compliance and respond to lawsuits and litigation. 
"Every day the cyber-threat is growing more sophisticated and aggressive, posing a real threat to global businesses across all sectors," Raytheon Chairman and CEO Thomas A. Kennedy, stated. "To reduce risks, leaders must urgently work with their IT teams to identify potential vulnerabilities, develop an action plan and make the investments needed to protect the value of their organization."

Centrify

The idea of having IT teams working together with management is echoed in a Centrify survey of 800 enterprise executives including CEOs, Technical Officers and CFOs.
The primary issue highlighted by Centrify is that there is a disconnect between executive management and technical staff. For example, 35 percent of technical officers identified malware as the primary threat to cyber-security. In contrast, 62 percent of CEOs cited malware as the primary threat to cyber-security.
"While the vast majority of CEOs view themselves as the primary owners of their cyber-security strategies, this report makes a strong argument that companies need to listen more closely to their Technical Officers," Tom Kemp, CEO of Centrify, stated. 
So what does is all mean? Certainly IT security isn't perfect and there are gaps that need to be addressed. 
Organizations seem to be aware of cyber-threats, though it's not entirely clear that they are focused on the right threats. Mobility, IoT and Business Email Compromise (BEC) are growing issues and often require different approaches to reduce risk than just malware detection.
Getting the right combination of resources to mitigate the real threats that face organizations will continue to be a challenge in 2018 and beyond.

Source: http://www.eweek.com/security/cyber-security-reports-reveal-growing-concerns-about-data-breach-risks

Comments

Post a Comment

Popular posts from this blog

How a cyber attack hampered Hong Kong protesters

By Explorer -
Image
Massive public protests taking place in Hong Kong over the past week are aimed at a new extradition law, known as the Fugitive Offenders Ordinance , that would see accused criminals extradited to mainland China to face prosecution. Hongkongers feel the law could be used to legalise the kidnapping of people who express views, and act in ways, that are not popular with the Chinese government . The same law could also be used to extradite tourists and visitors to China who are arrested on suspicion of having committed these crimes. Protesters want the bill scrapped. For now, debate of the legislation has been postponed . Organisers say one million people turned out for the protests, while police estimate the number was around 240,000. Either way, it was a significant number of Hong Kong’s 7.5 million population. Commentators on Twitter remarked on how well organised the protesters were. So, how did they do it? Protesters across the world are using n
Read more

‘Not Hospital, Al-Shifa is Hamas Hideout & HQ in Gaza’: Israel Releases ‘Terrorists’ Confessions’ | Exclusive

By Explorer -
 According to a video of interrogation of "Hamas terrorists" released by Israel Security Agency Shin Bet, accessed exclusively by News18, "The Shifa hospital has been made with many considerations as Hamas knew that medical places won’t be attacked by the enemy. Equipment, explosives and other material has been kept there." Hamas is using hospitals in Gaza as covers and have turned them into ammunition depots, according to a video of interrogation of “Hamas terrorists" released by  Israel Security Agency  Shin Bet, accessed exclusively by News18. ALSO READ | Israel-Hamas War LIVE Updates  HERE The Israeli military has claimed that those featuring in the video released on Saturday are Hamas terrorists, who participated in the  October 7 attack  on Israel. “Most of the tunnels are hidden in hospitals. There are multiple underground levels. Al-Shifa Hospital is not small, it is a big place that can be used to hide things," a man is seen saying. “The Al-Shifa
Read more

Islam Has Massacred Over 669+ Million Non-Muslims Since 622AD

By Explorer -
Image
In fact, no ideology has been as genocidal as Islam… Islam has killed more than 5 times the number of people killed by communism. In the total numbers we have updated over 80 million Christians killed by Muslims in 500 years in the Balkan states, Hungary, Ukraine, Russia. Then we have India. The official estimate number of Muslim slaughters of Hindus is 80 million. However, Muslim historian Firistha (b. 1570) wrote (in either Tarikh-i Firishta or  the Gulshan-i Ibrahim) that Muslims slaughtered over 400 million Hindus up to the peak of Islamic rule of India, bringing the Hindu population down from 600 mil to 200 million at the time. With these new additions the Muslim genocide of non-Muslims since the birth of Mohammed would be  over 669 million murders. Islam: The Religion of Genocide Perspective:   Think the Spanish inquisition was bad? More people are killed by Islamists each year than in all 350 years of the Spanish Inquisition* combined. The Spanish inquisition ( Tribunal del Sant
Read more