Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Cisco Report Reveals Business Impact of Data Security

    By
    Sean Michael Kerner
    -
    January 31, 2017
    Share
    Facebook
    Twitter
    Linkedin
      Cisco Security Report

      Cisco released its 2017 Annual Cybersecurity Report (ACR) on Jan. 31 providing insights into the latest trends from security statistics gathered over the course of 2016. Among the key findings in the 110-page report is that data breaches are having a financial impact on the bottom line of victimized organizations.

      “There is no shortage of opportunities for hackers to go after enterprises and services providers,” John Stewart, Senior Vice President and Chief Security and Trust Officer at Cisco, told eWEEK.

      Stewart explained that the 2017 ACR is based on Cisco’s own threat data as well as 3,000 interviews with IT executives. Among the high level findings in the report is an understanding of how impactful data breaches are on business activities.

      “Almost a quarter (23 percent) of businesses said they lost business opportunities because of a hack or a breach,” Stewart commented. “Almost a third (29 percent) said that they lost revenue as the result of a security incident.”

      Additionally, the survey found that 22 percent of respondents indicated that their organizations lost customers after a data security incident. Other security reports have also noted a correlation between data breach incidents and financial loses. The 2016 IBM and Ponemon Cost of a Data Breach report estimated the average cost of a data breach to be $4 million.

      Looking at specific forms of attacks, the Cisco report found that email spam volumes grew significantly in 2016, with 65 percent of all email being reported as spam. Only 8 percent of all spam however was considered to be malicious by Cisco.

      Attackers are also increasingly taking aim at server-based vulnerabilities rather than client end points. Cisco reported a 34 percent year-over-year increase in server related vulnerabilities while client-side vulnerabilities actually declined by 8 percent.

      “With the proliferation of the cloud and cloud applications, we see a big focus on servers, not just Software-as-a-Service, but the operating systems that power the cloud too,” Franc Artes, Security Business Group Architect at Cisco, told eWEEK.

      The open-source MongoDB database, which was recently attacked with a ransomware campaign, is one such server side application that has been a target of hackers in recent months. Middleware application servers are also increasingly being found vulnerable. Oracle for example patched 270 vulnerabilities in its January Critical Patch Update. Stewart emphasized that Cisco is not calling out any one specific vendor as being a leading cause of server related vulnerabilities.

      Among the key metrics that Cisco tracks is the Time To Detection (TTD) across its’ own products. TTD is an attempt to quantify how long it takes to discover a new security issue that could impact a product or service. In October 2016, Artes said that Cisco’s TTD was 6.05 hours. More interestingly, though, Cisco’s 2017 report introduces a new metric called Time To Evolve (TTE), which is an attempt to measure how quickly attackers evolve tactics and malware to evade defender detection. The report found that different forms of malware had various TTE numbers ranging from 20 hours for the Krytpik Remote Access Trojan to several days for other forms of malware.

      One of the surprising findings in the report is that among the surveyed organizations, 54 percent of security alerts were not remediated. Artes noted that there are a number of obstacles preventing organizations from advancing their security with 35 percent of respondents identifying budget as a key concern and 25 percent noting that a lack of trained personnel is a problem.

      While breaches tend to be thought of only in a negative context, 38 percent of Cisco’s survey respondents indicated that a breach was the driver for implementing improvements in security policies and technologies.

      Overall, Stewart found several reasons in the report to be optimistic about the future of IT security. For one, he’s encouraged that there is now an understanding of the business impact of security incidents, which in turn helps to drive improvements in an organization.

      Looking forward, Stewart is also hopeful that in 2017 the state of security for organizations could improve.

      “The thing that I think we will see change is that more customers will talk about security in business terms and will be measuring efficacy rather than just how much they spend,” Stewart said. “Candidly, asking how much money is spent on IT security is the wrong question.”

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×