Cisco: Almost half of organisations lack security posture confidence

In its latest security report, Cisco found that almost half of organisations worldwide lack confidence in their security posture thanks to increasing malware attacks.
Written by Asha Barbaschow, Contributor

Only 45 percent of organisations are confident in their security posture, according to Cisco's 2016 Annual Security Report.

According to Anthony Stitt, Cisco's security expert for Australia and New Zealand, this lack of confidence is due to today's attacks being more sophisticated and bold, with criminals launching more resilient campaigns.

"I think the declining levels of confidence that we're seeing is in response to the fact that the number of software vulnerabilities that are appearing every year seems to be growing and that an organisation's ability to even do fairly as basic patching seems to be declining over time," he said.

"Compromises happen, breaches happen, but what's the organisation's level of preparedness to be able to deal with that quickly and easily? Because certainly the number of vulnerabilities are not going away -- an organisation's ability to patch and keep criminals out doesn't seem to be working."

In its report, Cisco reaffirm that malware and ransomware are not going away; direct attacks by cybercriminals, leveraging ransomware alone, put $34 million a year per campaign into their hands, Cisco said.

"Australia has been targeted for malware and ransomware in particular," Stitt said.

"The way that ransomware operates unlike a lot of malware is that it declares itself very quickly."

Stitt said that as soon as a hard drive is encrypted the malware presents a pop up asking for money. He said he has seen a lot of organisations get hit with ransomware.

"It is my suspicion that the decline in confidence levels [in security posture] is because of ransomware and because organisations are seeing that it's quite trivially easy for criminals to get into their environment and put malware on machines in the form of ransomware and then demand money from people," he said.

Cisco's report says that attackers are building resiliency into their operations, and that if they are detected, attackers quickly reconfigure and can reconstitute on new systems with new IPs within minutes.

Stitt said that despite Australia previously being presented as evading malware and ransomware attacks compared with the rest of the world, he believes that individuals and organisations in the country have been attacked -- it just has not been reported.

"We have been targeted and ransomware is one of those areas where Australia almost leads the world in attacks and it's because our economy is advanced and digitally reliant," he said.

"I think as we don't have in this country mandatory disclosure laws on breaches like other countries do and I think in the past there's been a bit of a gap between what happens behind closed doors and what's been publicised.

"One of the interesting things and one of the probably refreshing things is that there have been numerous breaches of Australian organisations reported in the press over the last 12 months, much more so than ever before and that has been an encouraging trend because it takes away the stigma of a cybersecurity incident and moves the discussion to how we should be protecting ourselves and how we can deal with the problem in a better way."

Australian department store David Jones revealed in October that customer details were stolen as a result of its website being hacked on September 25, 2015.

The retail giant said no customer credit card information, financial information, or passwords were stolen, as it does not store any credit card information or financial information on its website, but said the customer details that were stolen consisted of names, email addresses, order details, and mailing addresses.

The breach came a day after Australian discount homewares chain Kmart revealed it had also experienced a breach. The Wesfarmers-owned company said no customer credit card or other payment details had been compromised; however, customers' names, email addresses, home addresses, telephone numbers, and product purchase details had been accessed in the "external privacy breach" that occurred in early September.

In November, TAFE Queensland also experienced a breach that saw the personal details of thousands of the state's TAFE students exposed.

Editorial standards