Just as companies tweak their business approaches to keep up with the changes taking place in the mercantile arena globally, cyber attackers have also employed new methods to breach security to get around new cyber security systems deployed by various organizations.

For that, companies must anticipate such sudden shifts in the way systems may be hacked and how they could be affected.

Cisco System has come out with its Cisco 2015 Annual Security Report, from which certain lessons can be learned, says Ravi Namboori, a Cisco evangelist.

Several crucial issues have been, in fact, been raised in the report. It details how hackers and cyber security professionals are continuously trying to outdo each other. The major victims, however, are the customers, who are totally clueless.

Enterprises across the world are expected to spend $86 billion on cyber security by the year 2016, an increase of $24 billion from the year in 2012, says Ravi Namboori, citing the IT research company Gartner Group’s estimation. It also underlies the awareness that enterprises have come to recognize about cyber threats.

Here are some conclusions of Cisco, which are highlighted in the report.

Hackers have developed more expertise and, therefore, have been able to devise more sophisticated means of detecting security loopholes with which they can avoid being exposed and lets them disguise malicious attacks. The Cisco evangelist points to the report and reveals that the January-November 2014 period saw spam increasing 250% compared with the same period in the previous year.

Malvertising, or malicious advertising, is being increasingly adopted by cyber attackers.

Here, hackers spread malware and other such applications by exploiting web browser add-ons. Cisco states that malvertising implies buying of ads by hackers to spread malware. Industries like media and publishing, manufacturing, aviation, pharmaceutical and chemical, and transportation and shipping, are most susceptible to malware threats, adds the report.

The emphasis on malvertising is behind a major transition in the way attacks are being carried out in large corporations. The strategy is to attack the network, servers, and the end-users of all computing devices. Attacking end-users lets the hackers intrude into the resources of corporate entities. They do so by employing devices, such as sending users fake requests to reset their passwords, which makes them vulnerable to information theft and more. These attacks have become more effective since the arrival of BYOD environment, cloud computing, etc.

If attackers have upped their ante, it demands that enterprises also do so. It should, however, be in a more wholesome and a well-planned manner. Responding to each attack when it takes place is not enough, says Namboori, taking cue from the report.

The Cisco Security Capabilities Benchmark Study has revealed that 91% of all enterprises have a manager, who is in charge of security. The need of the hour is, however, a transition from safeguarding only the business assets to comprehending IT security’s part in the business as a whole.

The report says that 90% of enterprises surveyed feel that they have the right security priorities in place. On the other hand, 54% have had to submit themselves to a public inquiry after a breach had occurred, concludes Ravi Namboori.

#outwit #hackers #ciscoreport #ravinambooriciscoevangelist #ravinamboori #cisco #ciscoevangelist #ciscolive #cisconetwork #ciscorouter #ciscosystems #ciscolevels #cloud #cloudcomputing #clouddvr