May 19th 2016

Report is also Posted on Cisco Connect Download Site

Director of Security Sales – Service Provider Canada

Cisco 2016

Annual Security Report

Ali Afshari

The Rise of Digitization is Upon Us

2015 2014 2013

I Love This Site

Worlds Biggest Data Breaches

http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

Shift Across Internet Governance Landscape Ushers Uncertainty

Uncertain Free

Flow of Information

Across the Border

Relying on Other

Mechanisms and

Legal Safeguards

Changing Internet

Governance

Concerns About

New Mechanism?

• MARK SULLIVAN 04.30.16 9:30 AM

On Thursday, the Supreme Court gave federal agencies far wider latitude to hack and search into computers around the world, and the decision could have a chilling effect on digital trade relations between the U.S. and Europe.

The court made changes to the Federal Rules of Criminal Procedure that will allow U.S. law enforcement to remotely hack and search computers of unknown location, computers whose location has been obscured by digital means, and even computers of cybercrime victims.

Latest Update

Security Weighs on the Minds of Executives

Of Executives Very Concerned

About Security

Agreed More Information

Will Be Expected

48%

92%

Much More Concerned

Than 3 Years Ago41%

• Attacker Tactics

• Defender Profile

• Industry Perspective

Agenda

16 billion web requests a day

500 billion emails a day

In aggregate, block almost 20 billion threats per day

• More than 1.1 million unique malware samples daily

18.5 billion AMP queries

A View Across Cisco’s Global Telemetry

Over 2400

Respondents

• CSOs 45%

SecOps 55%

• Large Enterprise 13%

Enterprise 38%

Midmarket 49%

Cisco’s 2015 Security Capabilities Benchmark Study

Conducted

over the

Summer of 2015

Study Included

12 Countries

US

Mexico

Brazil

UK

France

Germany

Italy

Russia

India

Australia

China

Japan

Threat Landscape: Resilience vs. Collaboration

• Attackers and attacks continue

to be effective

• Defender concern

spurring action

• Fragmented response inhibits

an effective defense.

Industrialization of Cybercrime

Inside the Attacks

Direct Attacks Generate Big ProfitsMore efficient and more lucrative

Attacker's Infrastructure Built to be ResilientDesigned to evade and reconstitute

Corralling an SSHPsychoGlobal collaborative attacks

Vulnerable Infrastructure is Broadly and Quickly Exploited221 percent increase in WordPress Attacks

An Appetite for Flash

Flash platform is a popular threat vector for cybercriminals

DNS: Doth Protest Too Much

91.3% of malware uses DNS

68% of organizations

don’t monitor it

A blind spot for attackers to gain command and control, exfiltrate data, and redirect traffic

Browser Infections: The Pest That Persists

More than

85% of the companies studied were affected each month

Confidence is declining, but awareness is driving action

Inside the Defenses

Attack Awareness Fades Confidence

59% confident in having the latest technology

51% have strong confidence in ability to detect a security weakness in advance

54% have strong confidence in ability to defend against attacks

45% have strong confidence in ability to scope and contain an attack

54% have strong confidence in ability to verify an attack

56% review security policies on a regular basis

-5% 0% -4%

-1% +0% +0%

Reliability Breeds Complacency

Of devices surveyed across the

Internet were running known

vulnerabilities with an average

of 26 each

Of devices surveyed across the

Internet were End of Service

Of devices surveyed across the

Internet were End of Life

92%

31%

5%

Constraints: Budget, Compatibility, and Certification

Security teams may be limited in their ability to carry out their plans

Security Awareness and Training

Formal Written Policies

Outsource Audit and Consulting

Outsource Incident Response

Outsource Threat Intelligence

Increased Awareness Drives EffortMore organizations are taking actions to become more prepared for what’s going to happen.

90%

66%

52%

42%

39%

+1%

+7%

+1%

+7%

N/A

Encrypted Traffic: A Sign of the Times

Individual Privacy Government Compliance

Organization Security

Encrypted Traffic is Increasing

It represents over 50% of bytes transferred

https://

The growing trend of web encryption creates false sense of security and blind spots for defenders

1. Richer network and security architecture needed

2. Best-in-class technology alone cannot deal with threat landscape

3. Integrated threat defense can converge on encrypted malicious activities

4. Open APIs are crucial

5. Requires less gear and software to install and manage

6. Automation and coordination aspects help to reduce TTD, containment, and remediation

Six Tenets of an Integrated Threat Defense

Actionable Collaboration is Critical

Actionable collaboration is needed

between people, processes, and

technology, and on the back-end

infrastructure that attackers are using.

Processes

People

Technology

Time to Detection: Reducing Malicious Actors’ Unconstrained Operational Space

17.535.3 VS

HOURSHOURS

June (Median) October (Median)

Cisco far outpaces the current industry estimate of 100 to 200 days

Trust, But VerifyTechnology vendors need to demonstrate trustworthiness by:

Creating a

Security-Aware

Culture

Providing Rapid

Remediation

Responding to

Breaches

Quickly

Following

Policies and

Processes

Building

Security Into

Their Solutions

2016 Annual Security Report

Attackers are tapping into

legitimate resources, becoming

adept at deploying hard-to-detect

and highly profitable campaigns

Defenders confidence is

declining, but awareness

is driving action to

deploy new strategies

Collaboration is needed to

combat today’s innovative and

persistent attacks and develop

architecture for tomorrow

2016 Annual Security Report

www.cisco.com/go/asr2016