The Cisco Annual Security Report provides a comprehensive overview of the combined security intelligence of the entire Cisco organization. Encompassing threat and trends information collected between January and October 2008, this document provides a snapshot of the state of security for that period.

The report also provides recommendations from Cisco security experts and predictions of how identified trends will continue to unfold in 2009.

INTRODUCTION
There was an enormous amount of activity related to data and online security during the past year. Although no single, overwhelming attack—such as the spread of Melissa, Slammer, or Storm malware in previous years—turned into the signature security event of 2008, the need for increased security protection and continued vigilance remains.

Compared to previous years, online criminals are becoming even more sophisticated and effective, employing a greater number of relatively smaller, more targeted campaigns to gain access to sensitive data. Human nature—in the forms of insider threats, susceptibility to social engineering, and carelessness that leads to inadvertent data loss—continues to be a major factor in countless security incidents.

And the increasing use at many organizations of technologies designed to increase collaboration and productivity (such as mobile devices, virtualization, cloud computing, and other Web-based tools and Web 2.0 applications) is stretching the edges of corporate networks, potentially increasing security risks.

Many different entry points or “threat vectors” are used to compromise the security of individuals and organizations. For example, threats can be aimed at mobile devices and insecure hardware; at weaknesses in operating systems, office productivity applications, and encryption tools; and at numerous other vectors. ...

Visit Cisco 2008 Annual Security Report Download Page

You can download full report in PDF format.

Top Trends to Expect in 2009

To help organizations develop their security strategies and plan their IT budgets for 2009, Cisco has identified the following key trends to watch for in the year ahead. These predictions are based on news and events from 2008, as well as related information and insight provided by Cisco’s security and business operations worldwide.

Smaller, More Frequent, Targeted Attacks
More sophisticated attacks will occur in the year ahead. They will be deployed rapidly and designed for even more specific targets—individuals, groups, businesses, organizations, and governments. The current worldwide financial crisis is still playing out, natural disasters and manmade strife will continue to provide global news hooks, and a new U.S. president is taking office in 2009. Criminals will certainly keep refining how they take advantage of (and profit from) these types of news events.

Social engineering and phishing techniques have been profitable, so offenders can be expected to keep refining the delivery method for (and improving the success of) these attacks. There will be more “specialists”—criminals who deliver one or more key components essential to creating a complex and convincing attack. As they grow their expertise and reputation, these specialists will be sought out and hired by others looking to create their own high-impact attacks.

Cross-Protocol Attacks
Online criminals looking to improve their odds of success will increasingly rely on cross-protocol or “blended” approaches that combine email, Web-based threats, and intrusions. This type of attack, successful in recent years, will keep growing during 2009. Also expect to see more botnets that are capable of “multitasking”—for instance, sending spam, hosting malware, and launching a direct attack.

To defend against more robust multi-protocol attacks, organizations will need to implement security systems that can monitor all Internet traffic types and rapidly identify and stop new threats. Security solutions that focus on only one area (such as email, IPS or Web-based threats), or those that cannot effectively correlate data between areas, will not be enough to protect organizations from blended threats.

Reputation Hijacking
Hijacking reputations has proven attractive and effective for online criminals. When people trust a brand, they are likely to visit an associated site or open an email from that source without question.

Many traditional or point security solutions depend on URL or IP filtering lists and don’t have real-time insight into traffic patterns and suspicious behavior from every element on a webpage; these solutions are not equipped to recognize that a trusted website or email sender has gone bad.

In 2009, more online criminals will be actively hijacking reputations and will work on finding additional, more sophisticated ways to do so.

Mobility, Remote Working, and New Tools as Risk Factors
The trend of remote working and related use of Web-based tools, mobile devices, virtualization, “cloud computing,” and similar technologies to enhance productivity—especially in an economic climate that demands leaner, more-cost effective and global staff—will continue in 2009.

This means that preventing loss of data—from outside attacks, insiders, or negligence around data storage devices such as laptops—will become more crucial than ever. But it will be a challenge for security personnel. The edge of the network is expanding rapidly, and the increasing number of devices and applications in use make the expanding network more porous, creating new inroads for threats.

Organizations of all types should implement thorough, sensible data loss prevention (DLP) policies and consider security solutions that automatically prevent sensitive data from leaving protected environments. Every organization should also begin to take simple steps designed specifically to protect intellectual property—an increasingly precious asset in the modern economy.

Comments (1)

Name

Email

Comment

smaller | bigger

Add Comment