Netherlands: Security

cisco-midyear-security-report-2016

Issue link: http://hub-nl.insight.com/i/724470


2016 Midyear Cybersecurity Report

Executive Summary and Major Findings

Defenders must reduce attackers' time to operate. It is the key to undermining their success.

Attackers currently enjoy unconstrained time to operate. Their campaigns, which often take advantage of known vulnerabilities that organizations and end users could have—and should have—known about and addressed, can remain active and undetected for days, months, or even longer.

Defenders, meanwhile, struggle to gain visibility into threat activity and to reduce the time to detection (TTD) of both known and new threats. They are making clear strides but still have a long way to go to truly undermine adversaries' ability to lay the foundation for attacks—and strike with high and profitable impact.

The Cisco® 2016 Midyear Cybersecurity Report—which presents research, insights, and perspectives from Cisco Security Research—updates security professionals on the trends covered in our previous security report while also examining developments that may affect the security landscape later this year.

Our observation of recent developments within and from the shadow economy confirms that adversaries have become only more focused on generating revenue. Ransomware has become a particularly effective moneymaker, and enterprise users appear to be the preferred target of some operators.

Many of the threat and security trends discussed in this report are related to ransomware—from techniques used to launch campaigns and conceal attackers' activity to our expectations for how the next generation of this potent threat will evolve.

In this report, we examine the many ways organizations can and should take action to start improving their defenses.

Recommendations from Cisco researchers include:

• Instituting and testing an incident response plan that will enable a swift return to normal business operations following a ransomware attack
• Not blindly trusting HTTPS connections and SSL certificates
• Moving quickly to patch published vulnerabilities in software and systems, including routers and switches that are the components of critical Internet infrastructure
• Educating users about the threat of malicious browser infections
• Understanding what actionable threat intelligence really is
