Security Advisor

Report: Enterprise Security Confidence Declining Due to Old Hardware

Aging technology, coupled with a growing number of sophisticated attacks have organizations feeling like they're at a disadvantage when it comes to network security, according to a recent Cisco report.

More than half of organizations have a lack of confidence in their enterprise "security posture," according to a recently released survey from Cisco.

The Cisco 2016 Annual Security Report, released last week, found that only 45 percent feel that their enterprise IT is adequately prepared to protect them from outside attack. This is a decline from Cisco's 2015 report, which reported that confidence among polled organizations was at 59 percent and 64 percent in 2014.

The networking company found that the loss in confidence can be attributed to an increase in sophisticated attacks, coupled with aging infrastructure. According to the report, 92 percent of 115,000 Cisco devices that are currently connected to the Internet are running out-of-date, vulnerable software, with 31 percent of devices still being used well past their end of support.

Aging technology has also brought about a decrease in IT's confidence in stopping an active attack before real damage could be done. Only 51 percent of organizations participating in the study said they are confident that they could stop an atack once it infiltrates their network, while 45 percent indicated they're able to evaluate the entire scope of damage a specific attack has on their network.

While IT may not feel properly prepared for an attack, Cisco's survey did have a bit of good news: the average attack detection time has decreased to 17.5 hours -- a dramatic downturn from 2015's average of 46 hours to spot an incursion.  The company points out that the short incursion detection time well outpaces the overall industry, where the average detection typically falls between 100 and 200 days after the initial incursion.

As for what's trending in the attack world, Cisco found that 91.3 percent of all studied attacks use Domain Name Services (DNS) in some manner, whether that's to transfer stolen data, gain command and control or to redirect traffic to malicious sites. What makes this a real problem for IT is that 68 percent of organizations studied for the report do not monitor attacks from recursive DNS, making it a "security blind spot" for many enterprises, according to Cisco.

Commenting on this typical weakness when it comes to network security, Travis Smith, senior security research engineer at Tripwire, said too many don't take a proactive approach to safety when browsing online. "We depend on the computer's ability to translate website names into their IP address equivalent to make our lives easier," said Smith. "Our dependency on DNS means many networks blindly allow the protocol throughout their network.  Attackers know this and have successfully been exploiting this soft spot in the network."

The goal for IT is to incorporate a process where endpoint DNS configurations are monitored to limit the number of redirect attacks getting through.

Other key findings:

  • While Adobe Flash-based attacks still continue to be a popular, organizations limiting the use of Flash in network and software vendors building safeguards against said attacks are on the rise.
  • An estimated 85 percent of enterprises studied are using known malicious browser extensions.
  • The more-secure HTTPS encrypted traffic addresses will continue to grow and is expected to be the dominant form of traffic in 2016.

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

Featured

  • Microsoft Starting To Roll Out New Excel Connected Data Types

    Microsoft on Thursday announced some Excel and Power BI enhancements that add "connected data types" on top of the standard strings and numbers options.

  • Windows 10 Users Getting New Process for Finding Optional Driver Updates

    Accessing Windows 10 drivers classified as "optional updates" will be more of a manual seek-and-install type of experience, starting on Nov. 5, 2020, Microsoft explained in a Wednesday announcement.

  • Microsoft Changes Privacy Platform Name to SmartNoise

    Microsoft Research has changed the name of its "differential privacy" platform from "WhiteNoise" to "SmartNoise," according to a Wednesday announcement.

  • Why Restarting a Failed SCVMM Job Might Be a Bad Idea

    Occasionally, restarting a failed System Center Virtual Machine Manager job can leave your virtualization infrastructure in an unknown state. Here's how to avoid that.

comments powered by Disqus