cisco 2014 annual security report
DESCRIPTION
SECURITY alerts reached their peak in October 2013 since records began, with malicious traffic now being detected on 100% of business and corporate networks. Read the full Cisco 2014 Annual Security Report here: http://cs.co/jlbSSs14.TRANSCRIPT
WHERE THE VULNERABILITIES LIE1
CYBERCRIMINALSHOW THEY WORK2
Network
End Points
Mobile Devices
VirtualEnvironments
Cybercriminals are becoming more advanced, creative and strategic.
POLICIES, PLATFORMS, CONTROLS3
High infection strategies to take control of web servers, name servers and data centres
Compromised Hosting Server
Compromised Website
Compromised Website
Compromised WebsiteCompromised
Website
JAVAis the #1 vulnerability to access a system,through the use of:
Mobile malware
Brute force logins
Multi-purpose trojans
iframes and exploits
Ransomware
Dowloader and dropper
Worms and virus
3rd party vendors
Distributed denial-of-service (DDos) attacks
Bitsquatting
91%
Survey
Write
Test
Execute
Accomplish the mission
Obtain a full picture of an environment: network, endpoint, mobile, and virtual, including the technologiesdeployed to secure the environment.
Create targeted, context-aware malware.
Ensure the malware works as intended, speci�cally so it can evade security tools in place.
Navigate through the extended network—being environmentally aware, evading detection, and moving laterally until reaching the target.
Gather data, create disruption, or cause destruction.
THIS IS ACCOMPLISHED THROUGH
INNOVATORS
RESELLERS
USERS
the people creating the software and
techniques
people setting up online stores to resell
data, technologies and software
becoming Crimeware as a Service
It is a huge, pro�table business with many cybercriminals adopting a professional business model.$
$
$
$
$
$
$
BEFORE To defend your network, organisations must be aware of what is on it:
DURING Organisations must address a broad range of attack vectors with solutions that operate everwhere
AFTER Many attacks wil be successful. You need a formal plan to bring operations back to normal as quickly as possible
Devices Operating Systems Services Applications Users
Additionally they must
Implement acccess controls Enforce security policies Block access to critical access
Network End Points Mobile Devices VirtualEnvironments
Read the full Cisco 2014 Annual Security Report herei
ANNUAL SECURITY REPORTCISCO 2014
@CiscoSecurity
SECURITY alerts reached their peak in October 2013 since records began, with malicious tra�c now being detected on 100% of business and corporate networks100%
Charting the new security frontier for 2014
Cybercriminals are launching new threats faster than security professionals can address them.
Adam Philpott, Director EMEAR Cybersecurity at Cisco, o�ers insight into you how to stay one step ahead.
Read More
Malware matters – why ignorance is not bliss
Read More
Cisco Security: Stop the breach
Watch Now