Cisco 2017 Midyear Cybersecurity Report Highlights Security Risks Presented by IoT and Offers Prescriptive Advice for Improving Cyber-Resiliency
Here at Lumeta, we eagerly await the releases of Cisco’s Midyear Cybersecurity Reports, as they are among the preeminent security reports that consistently provide industry insights and key findings taken from recent threat intelligence and cybersecurity trends. But this year is even more special, as the Lumeta Research Team contributed to the Cisco 2017 Midyear Cybersecurity Report (released today) by sharing critical data gleaned from Lumeta’s flagship product, Spectre, to help map out the evolving threat landscape. In addition to Lumeta and Cisco, other security technology partners that contributed to the report include Anomali, Flashpoint, Qualys (another Lumeta Spectre integration partner), Radware, Rapid7, RSA, SAINT Corporation, ThreatConnect, and TrapX.
Cisco has been an important partner for Lumeta for years and we’re proud to work closely with them on proactive orchestration of network infrastructure security anomalies. This year’s Cisco Midyear Cybersecurity Report (MCR) examines the increasing sophistication of cyberattacks, with a particular focus on how the emerging Internet of Things (IoT), with its myriad devices and systems whose security weaknesses are ripe for exploitation, is a new frontier for attackers and defenders, one where attackers can wreak havoc on organizations. (Coincidentally, we have a webinar on IoT security taking place today at 2pm EDT/11am PDT; tune in!)
IoT is a hot-button issue for security teams in all organizations, and as the Cisco MCR outlines, recent IoT botnet activity suggests that some attackers may be laying the foundation for a wide-reaching, high-impact attack that could disrupt the Internet.
As the intersection of IoT, apps and users reaches new depths, and operational networks and IT networks become increasingly intertwined, it’s vital for companies to adequately segment their networks, and to triage potential breaches and vulnerabilities. Both IoT devices and users require network segmentation.
What is perhaps the most alarming and eye-opening takeaway from the Cisco MCR is that Cisco researchers are forecasting potential ‘destruction of service’ (DeOS) attacks which could eliminate companies’ backups and safety nets. We bring this up because companies rely on the software and systems that are supposed to keep their networks and data safe, but this increased level of attack is forcing companies to pivot constantly to evade breaches.
The reason some tools in the security stack like network asset management, vulnerability assessment, and network modeling have not been effective is that their starting point (i.e. what the client understands about their network) is assumed to be true. In our experience, it never is. You can’t guard against security vulnerabilities in your network if you can’t see them.
Remember, there is no current, authoritative perception of network state. Using several active investigation and probing techniques, along with analysis algorithms, gives companies a complete index of the network, which leads to more identified networks, devices, and compute resources on a physical infrastructure. This allows the organization to understand temporal infrastructure, whether it’s mobile, virtual, or cloud-based, and the incremental impacts it is causing on the network from a cyber view.
As the threat landscape becomes more sophisticated and the attack vector expands, it’s critical that organizations have complete visibility into what is on their networks. Otherwise, they cannot put the right systems in place to properly secure them.
We’re excited to be part of the Cisco 2017 Midyear Cybersecurity Report, and applaud Cisco for diving deep into the security threats facing today’s organizations and sharing prescriptive measures to safeguard critical infrastructure.