The report spotlights how cyber attackers are increasingly exploiting DevOps systems and services, which are often exposed if improperly deployed or left intentionally open for convenience.
Similarly, industrial control systems and process control systems linked to other electronic infrastructure are creating highly connected ecosystems of vulnerable devices that are proving all too tempting for attackers.
Here is our roundup of the Top 3 key findings from this year’s report.
#1 Hackers launched more powerful and sophisticated attacks in 2017
Last year witnessed the introduction of game-changing network-based ransomware worms like WannaCry and Nyetya. Able to self-propagate without human intervention or interaction, these attacks appeared to target the outright destruction of systems, data and operations.
Cisco warns security teams to expect even more automated crypto-worm activity in the year ahead and recommends companies don’t ignore simple measures like patching to minimise damage.
#2 Hackers are taking advantage of encryption to conceal malicious traffic
Detecting and responding faster to threats is getting tougher as adversaries take advantage of legitimate encryption resources to conceal their command-and-control activities and make it difficult for companies to tell genuine from malware traffic.
Using Encrypted Traffic Analytics tools can help organisations gain visibility into traffic and initiate more advanced threat detection.
#3 Hackers are targeting and exploiting Cloud security gaps
With 53% of companies now managing their infrastructure in the cloud it’s little wonder that hackers are turning their attention to security gaps in cloud-based infrastructures and applications, and taking advantage of the fact that security teams are having difficulty defending their evolving and expanding cloud environments.
Cisco recommends companies use a combination of best practices, advanced security technologies like machine learning, and first-line-of-defence tools like cloud security platforms to better protect their cloud environments.
What’s working well for defenders?
Cisco’s 2018 report highlights the approaches security professionals are adopting to defend against attacks and improve their defences:
- Many are investing in machine learning, AI and automation tools to boost detect and response capabilities
- 92% of security professionals said behaviour analytics tools were proving effective in helping to locate malicious actors in networks
Don’t ignore the fundamentals. Good security hygiene begins with basic security practices such as patching, setting appropriate incident response processes and policies and network segmentation.
Remember, no single strategy, technological solution or approach will solve every cyber security challenge, but the top 2018 priorities for security professionals include:
- Perform deeper and advanced analytics
- Back up data often and test restoration procedures – this is vital in a world of fast-moving network-based ransomware worms and destructive cyber weapons
- Conduct security scanning of microservice, cloud service, and application administration systems
If you’d like help benchmarking your current cybersecurity readiness or want to explore ways to boost your defences, we’re only too happy to chat.Contact us
Share this story: