Five key trends to plan for: 2019 Threat Report
I joined Cisco 14 years ago and it's been a diverse and interesting journey. I'm excited to be onboard as the new Cybersecurity Lead for Middle East and Africa (MEA). Over the past three quarters, I've been meeting partners and customers discussing the top cyber security issues that we're facing.
Cyber security landscape in MEA:
* Twenty-five percent of organisations in the Middle East and Africa lack cyber security personnel, which is one of the biggest obstacles to cyber security.
* Twenty-three percent of companies in the Middle East and Africa manage more than 21 vendors.
* Only 58% of cyber security alerts in the Middle East and Africa are investigated. Of those, 39% are legitimate, but only 53% of legitimate alerts are remediated.
(Reference: Cisco 2018 Security Capabilities Benchmark Study)
New: Cisco cyber security report series:
For more than a decade, Cisco's cyber security reports have been a definitive source of intelligence for cyber security professionals interested in the state of the global industry. These comprehensive reports provide detailed accounts of the threat landscape and organisational implications.
In February, we published the Cisco 2019 Threat Report. Our cyber security experts analysed prominent threats of 2018 for clues to new attack strategies and targets. It's as close as we can get to anticipating future trends without a crystal ball.
Five key trends to plan for in 2019 Threat Report:
Cisco has picked out five key stories from the last year or so, not just because they were big events, but because the company thinks these threats, or something similar, could very well appear again in the near future. They include:
* Emotet, a Trojan involved in malware distribution;
* VPNFilter, a modular IOT threat;
* Unauthorised mobile device management;
* Cryptomining; and
* Olympic Destroyer, as an example of destructive cyber attack campaigns.
* Olympic Destroyer was created with the pure intention to watch the world burn. We saw a number of threats like this in the last year, but none grabbed the headlines like an attack whose sole purpose appears to have been to disrupt the Winter Olympics
* VPNFilter was an IOT-specific attack, hitting a vast number of routers and devices riddled with known vulnerabilities.
* E-mail remains a key delivery method for attackers and users continue to be our weakest link; education is therefore paramount.
* Revenue generation is the key motivation for attackers: malware follows the money. Crypto-mining threats are laser-focused on this goal. They have grown to become the most common threat in this category, due to the repeat revenue they offer and the low risk if caught spreading it.
As we prepare for major events across the region and as businesses continue to digitally transform, adopt the cloud and Internet of things (IOT), we're prioritising cyber security above everything.
Above are some of the trends we expect to see in the near future. It's impossible to predict everything that will occur, but the safest bets are usually the ones you most often come up against. Addressing those early can free up time to deal with the unexpected and zero-day attacks.
Since coming onboard, Cisco has become a leader in the Gartner Magic Quadrant for Enterprise Firewall. Gartner specifically recognised the strength of our threat intelligence team Talos, the largest threat research team in the world. In addition, we continue to enhance our integrated portfolio via acquisition.
Please download the full 20-page 2019 Threat Report to learn more about the trends www.cisco.com/go/securityreports