New cybersecurity reports just released by Cisco and Verizon Wireless say that businesses are faced with more sophisticated security threats from wireline and wireless devices running on their networks.
In its 2018 Annual Cybersecurity Report, Cisco found that malware sophistication is increasing as hackers begin to weaponize cloud services and evade detection through encryption, which is used as a tool to conceal command-and-control activity.
To battle the rising tide of malware threats, Cisco says security experts will use and spend more on tools that use artificial intelligence and machine learning.
Isolating threats with encryption technology is one option to enhance security, but Cisco noted that the expanded volume of encrypted web traffic (50% as of October 2017) — both legitimate and malicious — has created more challenges for defenders trying to identify and monitor potential threats. Cisco threat researchers observed more than a threefold increase in encrypted network communication used by inspected malware samples over a 12-month period.
In 2017, 25% of security professionals told Cisco they used products from 11 to 20 vendors, up from 18% of security professionals in 2016. What’s more, security professionals said 32% of breaches affected more than half of their systems, compared with 15% in 2016.
By using machine learning, a business could enhance network security defenses and, over time, “learn” how to automatically detect unusual patterns in encrypted web traffic, cloud, and IoT environments.
Some of the 3,600 chief information security officers (CISOs) interviewed for the Cisco 2018 Security Capabilities Benchmark Study report, said they were reliant and eager to add tools like machine learning and AI, but were frustrated by the number of false positives such systems generate. Cisco said that while machine learning and AI are still relatively nascent technologies, they will over time will mature and learn what is “normal” activity in the network environments they are monitoring.
Another key threat is coming from mobile devices as more companies enable their workforce to use mobile devices to access company data. Despite the fact that security risks are serious and growing, Verizon said in its new Mobile Security Index that the overwhelming majority of businesses could not say the measures they have in place for mobile devices were “very effective.”
Only 33% of organizations, according to the Mobile Security Index report, use mobile endpoint security and less than half (47%) said their organization uses device encryption.
Interestingly, many businesses don’t take basic precautions. Only 39% said they change all default passwords and over half (51%) didn’t have a public Wi-Fi policy. Most know they need to take more action. 93% agreed that organizations should take mobile security more seriously.
Fundamental cybersecurity practices are being ignored and large majority of respondents (62%) feel that a lack of understanding of threats and solutions are a barrier to mobile security.
Perhaps the more disturbing revelation of Verizon’s study is that it’s not hacktivists, criminals or those engaging in corporate espionage that pose the greatest threat, but a company’s own employees. However, only 50% of all organizations provide IT training when a new employee joins a company.