On 10th anniversary of report, classic attack vectors re-emerge; Cisco reduces "Time to Detection" to six hours
SAN JOSE, CA--(Marketwired - Jan 31, 2017) - According to the Cisco® (
Now in its 10th year, the global report highlights challenges and opportunities for security teams to defend against the relentless evolution of cybercrime and shifting attack modes. CSOs cite budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security postures. Leaders also reveal that their security departments are increasingly complex environments with 65 percent of organizations using from six to more than 50 security products, increasing the potential for security effectiveness gaps.
To exploit these gaps, ACR data shows criminals leading a resurgence of "classic" attack vectors, such as adware and email spam, the latter at levels not seen since 2010. Spam accounts for nearly two-thirds (65 percent) of email with eight to 10 percent cited as malicious. Global spam volume is rising, often spread by large and thriving botnets.
Measuring effectiveness of security practices in the face of these attacks is critical. Cisco tracks progress in reducing "time to detection" (TTD), the window of time between a compromise and the detection of a threat. Faster time to detection is critical to constrain attackers' operational space and minimize damage from intrusions. Cisco has successfully lowered the TTD from a median of 14 hours in early 2016 to as low as six hours in the last half of the year. This figure is based on opt-in telemetry gathered from Cisco security products deployed worldwide.
The Business Cost of Cyber Threats: Lost Customers, Lost Revenue
The 2017 ACR revealed the potential financial impact of attacks on businesses, from enterprises to SMBs. More than 50 percent of organizations faced public scrutiny after a security breach. Operations and finance systems were the most affected, followed by brand reputation and customer retention. For organizations that experienced an attack, the effect was substantial:
Hacker Operations and New "Business" Models
In 2016, hacking became more "corporate." Dynamic changes in the technology landscape, led by digitization, are creating opportunities for cybercriminals. While attackers continue to leverage time-tested techniques, they also employ new approaches that mirror the "middle management" structure of their corporate targets.
Secure the Business, Maintain Vigilance
The 2017 ACR reports that just 56 percent of security alerts are investigated and less than half of legitimate alerts remediated. Defenders, while confident in their tools, battle complexity and manpower challenges, leaving gaps of time and space for attackers to utilize to their advantage. Cisco advises these steps to prevent, detect, and mitigate threats and minimize risk:
Cisco Annual Cybersecurity Report - 10 Years of Data and Insights
Cybersecurity has changed drastically since the inaugural Cisco Annual Security Report in 2007. While technology has helped attacks become more damaging and defenses become more sophisticated, the foundation of security remains as important as ever.
Supporting Quotes
"In 2017, cyber is business, and business is cyber -- that requires a different conversation, and very different outcomes. Relentless improvement is required and that should be measured via efficacy, cost, and well managed risk. The 2017 Annual Cybersecurity Report demonstrates, and I hope justifies, answers to our struggles on budget, personnel, innovation and architecture."
- John N. Stewart, Senior Vice President and Chief Security and Trust Officer, Cisco
"One of our key metrics highlighted in the 2017 Annual Cybersecurity Report is the 'time to detection' -- the time it takes to find and mitigate against malicious activity. We have brought that number down to as low as six hours. A new metric -- the 'time to evolve' -- looked at how quickly threat actors changed their attacks to mask their identity. With these and other measures gleaned from report findings, and working with organizations to automate and integrate their threat defense, we can better help them minimize financial and operational risk and grow their business."
- David Ulevitch, Vice President/General Manager, Security Business, Cisco
About the Report
The Cisco Annual Cybersecurity Report, now in it's tenth year, examines the latest threat intelligence gathered by Cisco security experts, providing industry insights that reveal customer security trends. The 2017 report also highlights key findings from the third annual Cisco Security Capabilities Benchmark Study (SCBS), which examines security professionals' perceptions of the state of security in their organizations. It shares geopolitical trends, global developments around data localization, and the importance of cybersecurity as a boardroom topic.
For a complete copy of the 2017 Cisco Annual Security Research report, and to read more about Cisco's recommendations as to how businesses can mitigate against risk, click here.
Supporting Resources
Cisco Video with David Ulevitch, John N. Stewart: Cisco 2017 Annual Cybersecurity Report
Cisco 2017 Annual Cybersecurity Report
Cisco Blog: Staying Ahead of the Evolving Threat - Announcing the Cisco 2017 Annual Cybersecurity Report
Cisco 2017 Annual Cybersecurity Report Infographic
Cisco 2017 Annual Cybersecurity Report Graphics
Follow Cisco on Twitter @CiscoSecurity
Like Cisco Security on Facebook
About Cisco
Cisco (
Cisco, the Cisco logo, Cisco Systems and Cisco IOS are registered trademarks or trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. This document is Cisco Public Information.
RSS Feed for Cisco: http://newsroom.cisco.com/rss-feeds
Contact Information:
Press Relations
Ella Nevill
617-951-6622
elnevill@cisco.com
Analyst Relations
Jenna Duston
408-424 7210
jeabeyta@cisco.com
Investor Relations
Marty Palka
408-526 6635
mpalka@cisco.com