First publishedon www.ITSInternational.com
To defend against cyber attacks, 39% of organisations are reliant on automation, 34% on machine learning and 32% on artificial intelligence (AI), according to the Cisco 2018 annual report conducted on 3,600 chief information security officers. It found that over half of all attacks resulted in financial damages of more than $500,000 (£697,000), including, but not limited to, lost revenue, clients, opportunities, and out-of-pocket costs.
The study revealed that adversaries are using Malware sophistication to weaponize cloud services, and evade detection through encryption, used as a tool to conceal command-and-control activity. Cisco’s threat researchers observed more than a threefold increase in encrypted network communication used by inspected malware samples over a 12-month period.
Additionally, it showed that supply chain attacks can impact computers for months or years. It recommends that defenders should be aware of the potential risk of using software or hardware from companies that do not appear to have a responsible security posture.
Cisco also found that defenders are implementing a complex mix of products from cross-section vendors for protection, which when combined with the growth breaches, has downstream effects on an organisation’s ability to defend against attacks, such as increased risk of losses. In 2017, security professionals said that 32% of breaches affected more than half of their systems.
The inquiry showed that while use of the cloud is growing, attackers are taking advantage of security teams that are having difficulty defending evolving and expanding cloud environments. 27% of security professionals are using off-premise private clouds; 57% of which said that they host networks there for better data security.
Additional recommendations are available here.
Centrify has also conducted a study of 800 UK senior level executives which found that 63% believe that investigation, remediation and legal costs are the most important consequence of a breach, followed by disruption to service (47%) and loss of intellectual property (32%). A full copy of the report can be found on the website.