Confidence falls as cyber-threats become more sophisticated
Less than half of all organisations worldwide feel confident in their abilities to defend themselves against cyber-attacks, according to a new report.
Cisco’s 2016 Annual Security Report, which was published this week, warns that only 45% of businesses and other organisations feel confident about their cyber-security measures amid perceptions that hackers are becoming more sophisticated and dangerous. Despite this, a majority of executives said they expected greater transparency on security issues going forwards. According to Cisco this signifies that security is increasingly becoming a boardroom issue.
One factor that had a major impact on cyber-security was aging infrastructure within organisations. Some 92% of internet-enabled devices were running with known vulnerabilities and the worst cases were operating with over 20 vulnerabilities. Almost a third (31%) of internet devices were running with no vendor support. Compatibility issues created a barrier to adopting advanced security practices and related technologies.
The report also found that smaller businesses were less equipped to deal with threats than larger ones. Small and medium enterprises used fewer tools to identify and defend against potential risks. Structural weaknesses could also present a potential risk to other organisations dealing with these SMEs.
Cyber security often represents another unwanted burden on businesses that might already be struggling but the cost of maintaining security issues is generally preferable to the cost of falling victim to serious cyber-attacks, the outcome of which can result in corporate insolvency.
SMEs were taking steps to improve their security however, in part by outsourcing their cyber-security processes. More than half of larger businesses also outsourced security consulting services with a significant proportion outsourcing other services including auditing, monitoring and incident response.
Regarding the sources of cyber-attacks, the study found that social media platforms were increasingly providing criminals with a base of operations, especially when targeting compromised servers. Malicious browser extensions were another growing risk.
The rise of HTTPS encrypted traffic is generally seen as a good thing and it does offer some protections, although the report suggests the situation may change in the future if hackers develop more advanced methods.
By Phil Smith