Security Advisor
Report: Enterprise Security Confidence Declining Due to Old Hardware
Aging technology, coupled with a growing number of sophisticated attacks have organizations feeling like they're at a disadvantage when it comes to network security, according to a recent Cisco report.
More than half of organizations have a lack of confidence in their enterprise "security posture," according to a recently released survey from Cisco.
The Cisco 2016 Annual Security Report, released last week, found that only 45 percent feel that their enterprise IT is adequately prepared to protect them from outside attack. This is a decline from Cisco's 2015 report, which reported that confidence among polled organizations was at 59 percent and 64 percent in 2014.
The networking company found that the loss in confidence can be attributed to an increase in sophisticated attacks, coupled with aging infrastructure. According to the report, 92 percent of 115,000 Cisco devices that are currently connected to the Internet are running out-of-date, vulnerable software, with 31 percent of devices still being used well past their end of support.
Aging technology has also brought about a decrease in IT's confidence in stopping an active attack before real damage could be done. Only 51 percent of organizations participating in the study said they are confident that they could stop an atack once it infiltrates their network, while 45 percent indicated they're able to evaluate the entire scope of damage a specific attack has on their network.
While IT may not feel properly prepared for an attack, Cisco's survey did have a bit of good news: the average attack detection time has decreased to 17.5 hours -- a dramatic downturn from 2015's average of 46 hours to spot an incursion. The company points out that the short incursion detection time well outpaces the overall industry, where the average detection typically falls between 100 and 200 days after the initial incursion.
As for what's trending in the attack world, Cisco found that 91.3 percent of all studied attacks use Domain Name Services (DNS) in some manner, whether that's to transfer stolen data, gain command and control or to redirect traffic to malicious sites. What makes this a real problem for IT is that 68 percent of organizations studied for the report do not monitor attacks from recursive DNS, making it a "security blind spot" for many enterprises, according to Cisco.
Commenting on this typical weakness when it comes to network security, Travis Smith, senior security research engineer at Tripwire, said too many don't take a proactive approach to safety when browsing online. "We depend on the computer's ability to translate website names into their IP address equivalent to make our lives easier," said Smith. "Our dependency on DNS means many networks blindly allow the protocol throughout their network. Attackers know this and have successfully been exploiting this soft spot in the network."
The goal for IT is to incorporate a process where endpoint DNS configurations are monitored to limit the number of redirect attacks getting through.
Other key findings:
- While Adobe Flash-based attacks still continue to be a popular, organizations limiting the use of Flash in network and software vendors building safeguards against said attacks are on the rise.
- An estimated 85 percent of enterprises studied are using known malicious browser extensions.
- The more-secure HTTPS encrypted traffic addresses will continue to grow and is expected to be the dominant form of traffic in 2016.