List: Key insights from new reports into the cyber security industry from the start of 2016.
Given the ever changing nature of the cyber security industry, and the threats posed by attackers, researchers are constantly producing in depth reports that look into the evolving threat landscape.
Here CBR rounds up some of the key findings of 2016.
1. PWC – Gloal State of Information Security 2016
The big four accountant surveyed 10,000 CEOs, CFOs, CIOs, CISOs, CSOs, VPs and directors of IT and security in 127 countries for this extensive report.
It found 59% had purchased cyber security insurance, and that boards were increasingly getting involved in cyber security. 46% of respondents said that boards got involved in security budgeting, with 45% participating in overall strategy.
54% of those surveyed had a CISO in charge of cyber security strategy.
The survey found that 38% more security incidents were detected in 2015 than the year before, and that theft of “hard” intellectual property had soared by 56%.
Current employees remained the biggest source of compromise, at 34%, compared to 22% for current service providers, consultants or contractors.
2. Rapid 7 – 2015 Incident Detection & Response Survey
Rapid7 spoke to 271 people working in the global cyber security industry, and its findingshighlighted the information overload suffered by many in the security industry, as they battle to deal with numerous alerts on a day-to-day basis. If found that 29% of respondents are receiving over 75 alerts a day, but over three quarters them, 76%, are not comfortable dealing with more than 25 a day.
It also found that resources are strained, with 19% of firms of up to 1000 employees not having a dedicated cyber security team, compared to 2.94% for firms with over 5000 employees.
43.65% reported that they were spending more on incident response in 2015 than in 2014, with 65.06% using IPS technology, and 62.65% using endpoint solutions for incident detection and response.
3. Allot and Kaspersky – Mobile Trends Report
Allott and Kaspersky have joined forces for a report into the ever growing mobile threat vector, which is released today, 3rd February 2016.
It found that business users are more at risk to mobile malware than children and millennials, with 79% of businessmen and 67 per cent of businesswomen using risky apps on at least one occasion in 24 hours, compared to 65% of millennials and children.
Non-businesswomen who are not in the so called Gen X or Baby Boomer groups are the safest, with under a quarter, 25%, accessing risky apps in 24 hours.
The biggest risks in mobile security come from collaboration and financial transactions made over URL. The research found that over 90% of apps which enable P2P file sharing, web conferencing, file storage and sharing and remote administration are risky. It also found that 77% of gambling transaction, 27% of e-commerce, and 7.3% of finance transactions are risky.
Ultimately the report concludes that all mobile users are at some risk, with approximately 1 in every 30 mobile URL interactions and 1 in every 7 mobile app interactions being risky.
4. Arbor Networks – 2016 Worldwide Infrastructure Security Report
Arbor Networks asked 354 respondents 172 questions, 52% of respondents were from service providers.
DDoS attacks remain the most common threat, it found, with the largest DDoS attack report by a survey respondent reaching 550 Gbps.
44% said they had seen more than 21 DDoS attacks during a month, a jump up from the 38% that report this last year.
33% saw attack against cloud based services grow, compared to 29% the year before. 93% saw attacks against the application layer, up 3% from the year before.
Despite growing concern in the industry, the level Advanced Persistent Threats (APT) was found to be around the same as the year before, at 10%.
82% now have incident handling response plans in place.
5. Cisco – Annual Security Report
Cisco’s Annual Security Report reiterated that the Angler Exploit Kit Remains “one of the largest and most effective exploit kits on the market.” It attributes the exploit kit to the growth in ransomware, saying that ransomware campaigns using it could bring in as much as $34m in gross yearly income.
The report concluded that Angler was also linked to the spike in Cryptowall attacks, as was patching gaps in Adobe Flash. It also found that the threat from the Gamure botnet remains, and was the most common command and control threat.
Cisco highlighted that DNS is a security blind spot, with 68% of firms failing to monitor recursive DNS, despite the fact that 91.3% of “known bad” malware uses it for command and control, exfiltrating data, or redirecting traffic.