Slow reactions to threats could derail the digital economy, according to Cisco’s Midyear Security Report 2015, which claims it typically takes between 100 and 200 days for a threat to be neutralized.
The ‘time to detection’ (TTD) identified by Cisco refers to the period from when malware first enters an organization to when the file is first observed. These lengths of time are unacceptable given the increasing pervasiveness of threats and the speed of malware developments, according to Cisco security chiefs.
Time to up our game, says Cisco report
The security part of the technology industry must up its game and create simple, meaningful alerts and fast, effective responses, said Cisco’s chief security and trust officer John N. Stewart. “We are regularly told that business strategy and security strategy are the top two issues for customers. Trust is tightly linked to security and transparency is key, so industry-leading technology is only half the battle,” said Stewart.
Hackers will always have the upper hand in agility, innovation and brazenness, admitted Jason Brvenik, principal engineer at Cisco’s security business group. “A purely preventive approach has proven ineffective, and we are simply too far down the road to accept a time to detection measured in hundreds of days,” said Brvenik. Vendors must cut this time to minutes, he said.
However, malware writers are moving faster than the industry, according to Cisco. New developments, such as the Angler Exploit Kit, raise more challenges for organizations as the digital economy and the Internet of Everything (IoE) create new angles of attack and new criminal enterprises.
Angler exploit kits use Flash, Java, Internet Explorer and Silverlight vulnerabilities to attack targets.
The report identifies new risks, such as those associated with Flash, the evolution of ransomware and the mutating Dridex malware campaign.