In its annual security report , which analyzes the scenario and safety trends on the Internet, Cisco pointed out that companies need to adopt a more collaborative strategy to combat cyber ttoers and attacks. Expanding and extending security actions for users, as well as servers and systems.
Just as safety techniques advances, hackers become more efficient. Therefore, it is increasingly necessary for companies to seek constant improvement and evolution of their protection and safety techniques.
Changes in attack techniques
Criminals have expanded their tactics and adapted to the techniques and tools used, with the aim of hindering the analysis and detection of viruses and committed systems.
Among the most used techniques, the sending of spam stands out, where low span amounts of spans from a large set of different locations are sent. Another widely used method is the malicious combination of codes, exploring small flash and javascript vulnerabilities, such as outdated versions and low navigation safety level.
Users become the target
Cisco research revealed that the invaders have failed to focus on attacks on servers and operating systems and began to direct attacks on users, who with the lack of knowledge and misuse of the internet, end up accessing and downloading malicious files from committed websites. For example, attacks through spam and malicious messages increased 250% in 2014.
Security in companies
A prominent point of the research shows a greater distance between intention and defensive practical actions. The study indicates that 75% of those responsible for security in companies consider their techniques and tools effective. However, only 50% of these use recommended and considered standard tools, preventing security violations and warranty in the execution of updated versions of applications.
A positive point of the research shows that in Brazil 34% of organizations have an advanced level of security. However, still behind countries like United States with 44% and India with 54%.
How to increase security?
The most relevant point to be considered in research is the changes that the security market has been undergoing, mainly by the expansion of the techniques used by the criminals of the internet. Given this, it is clear the need for adaptation by security managers, so a change in the security principles still widely used is required.
Cisco, in its “security manifesto”, lists some basic principles that should be followed in strategy and security actions, both by managers and by the internet user:
- Security must support the business.
- Security should work with existing architecture - and be usable.
- Security must be transparent and informative.
- Safety should allow appropriate visibility and action.
- Security should be seen as a “problem related to people.”
And in your company, what has been done to maintain updated and efficient invaders protection? Share your experiences in the comments!
