Cisco’s 2016 Midyear Cybersecurity Report is released this week, presenting the latest research, insights and perspectives from Talos and the rest of Cisco Security. It updates security professionals on the trends covered in Cisco’s previous security report while also examining developments that may affect the security landscape later this year and beyond.
The report highlights recent developments from the dark net and within the shadow economy, showing that cybercriminals have become even more focused on generating revenue. Ransomware has become a particularly effective moneymaker, and evidence suggests that enterprise users appear to be the preferred target of some operators. The report dissects observed ransomware techniques and operational trends and goes some way toward predicting the next wave of ransomware development. Furthermore, it examines the many ways organizations can and should take action to start improving their defenses. This includes the following recommendations:
- Instituting and testing an incident response plan that will enable a swift return to normal business operations following a ransomware attack
- Not blindly trusting HTTPS connections and SSL certificates
- Moving quickly to patch published vulnerabilities in software and systems, including routers and switches that are the components of critical Internet infrastructure
- Educating users about the threat of malicious browser infections
- Understanding what actionable threat intelligence really is
Defenders, meanwhile, struggle to gain visibility into threat activity and to reduce the time to detection (TTD) of both known and new threats. They are making clear strides but still have a long way to go to truly undermine adversaries’ ability to lay the foundation for attacks and strike with high and profitable impact.
Read the full report here