While much of the talk about cybersecurity recently has been centered around the need for organizations to invest more heavily in defense solutions, a new industry report suggests that increased cyberthreat education may be what's needed instead.
Cisco's 2015 annual security report analyzed threat information from last year and looked ahead to see what the pressing cybersecurity issues of 2015 will be. According to the report, enterprise IT decision-makers are much more confident in their defense postures than they should be, with 60 percent of organization failing to implement the necessary security patches. In fact, of the businesses surveyed that use Internet Explorer as their default browser, only 10 percent reported running the latest version, opening themselves up to a slew of zero day vulnerabilities. Despite this obvious lack of protection, 90 percent of survey participants still reported being confident in their cybersecurity capabilities.
This dramatic gap between perceived and actual security is alarming, considering how increasingly easy it is becoming for hackers to leverage a system flaw to launch a major cyberattack. According to the report, cybercriminals have begun to focus more heavily on exploiting users through their browsers and email systems instead of going through the trouble of compromising entire servers and operating systems. Cisco researchers found that users unknowingly downloading files from malicious sites contributed to the 250 percent increase in spam and malvertising exploits and the 228 percent increase in Silverlight attacks.
"Security needs an all hands on deck approach, where everybody contributes, from the board room to individual users," said John Stewart, chief security and trust officer at Cisco. "We used to worry about DoS, now we also worry about data destruction. We once worried about IP theft, now we worry about critical services failure. Our adversaries are increasingly proficient, exploit our weaknesses and hide their attacks in plain sight."
Increased detection necessary for security
As malicious actors continue to grow more sophisticated, enterprises need to focus more on preventative measures as opposed to mitigating the effects of an attack after the fact. The most reliable method of ensuring security is to continuously monitor network activity. By implementing a security information and event management solution, companies are able to keep an eye on privileged systems around the clock.
With a managed SIEM service, networks are continuously monitored in order to identify malicious activity as soon as it occurs. Security intrusions are analyzed to provide companies with actionable information for use in the creation of a more robust protection procedure. Cybercriminals are only going to become more active in 2015, but a SIEM solution allows enterprises to be prepared for the changing threat landscape.