Saudi ministers meet UK's defense secretary to strengthen bilateral ties    Saudi-French Ministerial Committee holds second meeting to advance AlUla development    Abo Noghta Castles in Tabab joins UNESCO's Best Tourism Villages list    RSAF and Saudi Falcons captivate audiences at Bahrain airshow    Mike Tyson slaps Jake Paul during final face-off    South Africa's Mia le Roux pulls out of Miss Universe pageant    US hacker sentenced over Bitcoin heist worth billions    Ten dead in fire at Spanish retirement home    UN climate talks 'no longer fit for purpose' say key experts    Questions raised over Portugal's capacity to host Europe's largest annual tech event    Delhi shuts all primary schools as hazardous smog worsens    Riyadh lights up as Celine Dion and Jennifer Lopez dazzle at Elie Saab's 45th-anniversary celebration    Mohammed Al-Habib Real Estate Co. sets Guinness World Record with largest continuous concrete pour    Australia and Saudi Arabia settle for goalless draw in AFC Asian Qualifiers    PIF completes largest-ever accelerated bookbuild offering in MENA region    Saudi Arabia's inflation rate hits 1.9% in October, the highest in 14 months    Order vs. Morality: Lessons from New York's 1977 Blackout    South Korean actor Song Jae Lim found dead at 39    Don't sit on the toilet for more than 10 minutes, doctors warn    Saudi Champion Saeed Al-Mouri scores notable feat in Radical World Championship in Abu Dhabi with support from Bin-Shihon Group    France to deploy 4,000 police officers for UEFA Nations League match against Israel    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Filipino pilgrim's incredible evolution from an enemy of Islam to its staunch advocate    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Cisco cuts time to detection of cybercrime to six hours
Published in The Saudi Gazette on 09 - 02 - 2017

[gallery size="medium" td_select_gallery_slide="slide" td_gallery_title_input="Cisco cuts time to detection of cybercrime to six hours" ids="118737,118738,118739,118740,118741"]
RIYADH — Over one-third of organizations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent, according to the Cisco 2017 Annual Cybersecurity Report (ACR) released Wednesday.
Ninety percent of these organizations are improving threat defense technologies and processes after attacks by separating IT and security functions (38 percent), increasing security awareness training for employees (38 percent), and implementing risk mitigation techniques (37 percent). The report surveyed nearly 3,000 chief security officers (CSOs) and security operations leaders from 13 countries in the Security Capabilities Benchmark Study, part of the Cisco ACR.
Now in its 10th year, the global report highlights challenges and opportunities for security teams to defend against the relentless evolution of cybercrime and shifting attack modes. CSOs cite budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security postures. Leaders also reveal that their security departments are increasingly complex environments with 65 percent of organizations using from six to more than 50 security products, increasing the potential for security effectiveness gaps.
"In 2017, cyber and business will become intertwined – and that requires a different conversation, and very different outcomes. Relentless improvement is required and that should be measured via efficacy, cost, and well managed risk. The 2017 Annual Cybersecurity Report demonstrates, and I hope justifies, answers to our struggles on personnel, innovation, architecture and budgets," said Haytham Al Ohali, Deputy General Manager – Cisco Saudi Arabia.
To exploit these gaps, ACR data shows criminals leading a resurgence of "classic" attack vectors, such as adware and email spam, the latter at levels not seen since 2010. Spam accounts for nearly two-thirds (65 percent) of email with eight to 10 percent cited as malicious. Global spam volume is rising, often spread by large and thriving botnets.
Measuring effectiveness of security practices in the face of these attacks is critical. Cisco tracks progress in reducing "time to detection" (TTD), the window of time between a compromise and the detection of a threat. Faster time to detection is critical to constrain attackers' operational space and minimize damage from intrusions. Cisco has successfully lowered the TTD from a median of 14 hours in early 2016 to as low as six hours in the last half of the year. This figure is based on opt-in telemetry gathered from Cisco security products deployed worldwide.
"One of our key metrics highlighted in the 2017 Annual Cybersecurity Report is the ‘time to detection' – the time it takes to find and mitigate against malicious activity. We have brought that number down to as low as six hours. A new metric – the ‘time to evolve' – looked at how quickly threat actors changed their attacks to mask their identity. With these and other measures gleaned from report findings, and working with organizations to automate and integrate their threat defense, we can better help them minimize financial and operational risk and grow their business," said Scott Manson, Cyber Security Leader for Middle East and Turkey, Cisco.
The 2017 ACR revealed the potential financial impact of attacks on businesses, from enterprises to SMBs. More than 50 percent of organizations faced public scrutiny after a security breach. Operations and finance systems were the most affected, followed by brand reputation and customer retention.
For organizations that experienced an attack, the effect was substantial:
Twenty-two percent of breached organizations lost customers — 40 percent of them lost more than 20 percent of their customer base.
Twenty-nine percent lost revenue, with 38 percent of that group losing more than 20 percent of revenue.
Twenty-three percent of breached organizations lost business opportunities, with 42 percent of them losing more than 20 percent.
Hacker Operations and New "Business" Models
In 2016, hacking became more "corporate." Dynamic changes in the technology landscape, led by digitization, are creating opportunities for cybercriminals. While attackers continue to leverage time-tested techniques, they also employ new approaches that mirror the "middle management" structure of their corporate targets.
New attack methods model corporate hierarchies: Certain malvertizing campaigns employed brokers (or "gates") that act as middle managers, masking malicious activity. Adversaries can then move with greater speed, maintain their operational space, and evade detection.
Cloud opportunity and risk: Twenty-seven percent of employee-introduced, third-party cloud applications, intended to open up new business opportunities and increase efficiencies, were categorized as high risk and created significant security concerns.
Old-fashioned adware ‐ software that downloads advertising without user permission – continued to prove successful, infecting 75 percent of organizations investigated.
A bright spot emerged with a drop in the use of large exploit kits such as Angler, Nuclear and Neutrino, whose owners were brought down in 2016, but smaller players rushed in to fill the gap.
The 2017 ACR reports that just 56 percent of security alerts are investigated and less than half of legitimate alerts remediated. Defenders, while confident in their tools, battle complexity and manpower challenges, leaving gaps of time and space for attackers to utilize to their advantage. Cisco advises these steps to prevent, detect, and mitigate threats and minimize risk:
Make security a business priority: Executive leadership must own and evangelize security and fund it as a priority.
Measure operational discipline: Review security practices, patch, and control access points to network systems, applications, functions, and data.
Test security effectiveness: Establish clear metrics. Use them to validate and improve security practices.
Adopt an integrated defense approach: Make integration and automation high on the list of assessment criteria to increase visibility, streamline interoperability, and reduce the time to detect and stop attacks. Security teams then can focus on investigating and resolving true threats.
Cybersecurity has changed drastically since the inaugural Cisco Annual Security Report in 2007. While technology has helped attacks become more damaging and defenses become more sophisticated, the foundation of security remains as important as ever.
In 2007, the ACR reported web and business applications were targets, often via social engineering, or user-introduced infractions. In 2017, hackers attack cloud-based applications, and spam has escalated.
Ten years ago, malware attacks were on the rise, with organized crime profiting from them. In today's shadow economy, thieves now run cybercrime as a business, offering low barrier-to-entry options to potential customers. Today perpetrators can be anyone, anywhere; they don't require a security background and can easily purchase "off-the-shelf" exploit kits.
The 2007 report tracked 4,773 Cisco IntelliShield Security Alerts, mapping closely to the level seen by the National Vulnerability Database. By the 2017 report, for the same time period, the vendor-disclosed vulnerability alert volume had increased by 33 percent to 6,380. "We believe the increase is driven by greater security awareness, an increased attack surface and an active adversary."
In 2007 Cisco advised defenders to own a holistic approach to security, integrating tools, processes and policies, and educating stakeholders to protect their environments. Businesses looked to vendors for a comprehensive answer, often in vain, who instead prescribed piecemeal point solutions. In 2017 CSOs are grappling with the complexity of their environments. Cisco is combatting this through an architectural approach to security, helping customers get more from existing security investments, increasing capability while decreasing complexity.


Clic here to read the story from its source.