This week’s cybersecurity threat report from SonicWall doesn’t hold any real surprises compared with the other cybsec alerts that frequent my inbox, such as the Cisco 2018 Annual Cybersecurity Report, but it does reinforce the key themes: cybsec threats are bad, and growing worse (it was called the ‘greatest concern’ at last month’s Senate threats hearing). “We tend to view the world as a cybersecurity arms race… the good guys make advances and the bad guys make advances,” John Gordineer, Director of Product Marketing, SonicWall, tells IT Trends & Analysis.
The cybsec vendor said cyber attacks are becoming the number one risk to business, brands, operations and financials, and it identifies almost 500 new previously unknown malicious files each day, which makes this one of the hottest IT — and business — markets. MarketsandMarkets states the data protection market is expected to grow from $57.22 billion in 2017 to $119.95 billion by 2022, at a Compound Annual Growth Rate of 16%, while the total cybsec market will grow almost as quickly, from last year’s $137.85 billion to $231.94 billion by 2022, at a CAGR of 11%.
While the SonicWall survey found that the number of attacks was down, the variety of attacks is increasing, especially in ransomware, which Gordineer attributed to several factors: companies that paid their ransoms did not get their data back; more effective protection is being deployed; and data backup and recovery solutions make companies less likely to become a victim or need to pay ransoms. As a result, the bad actors are scrambling to retool their ransomware to be more profitable, since they are catching fewer victims, said Gordineer.
“We’re curious to see where that goes in 2018. One of the things we’re seeing is ransomware as a service.”
Key findings of the SonicWall survey included:
- 9.32 billion total malware attacks in 2017, an 18.4% year-over-year increase;
- ransomware attacks dropped from 638 million to 184 million between 2016 and 2017;
- ransomware variants increased 101.2%;
- the company collected 56 million unique malware samples in 2017, a 6.7% decrease from 2016, but the total volume of unique malware samples in 2017 was 51.4% higher than 2014; and
- the average organization will see almost 900 file-based attacks per year hidden by SSL/TLS encryption.
Cisco’s results offered similar dire news:
- 32% of breaches affected more than half of respondents’ systems, compared with 15% in 2016;
- more than half of all attacks resulted in financial damages of more than $500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs;
- complexity is growing: in 2017, 25% of security professionals said they used products from 11 to 20 vendors, compared with 18% in 2016; and,
- time to detection has improved from the 39-hour median TTD reported in November 2015, and the 14-hour median reported in 2017 (Cisco says its TTD is now 4.6 hours).
Detection continues to improve significantly: SonicWall’s cloud sandbox is identifying around 500 new files a day for its installed base of customers, and the mean time for decision for that sandbox is less than 1 minute, said Gordineer. But the industry still has a long way to go:
- only 66% of organizations are investigating security alerts, and businesses are mitigating less than 50% of attacks they know are legitimate; and,
- in almost all breaches (93%), it took attackers minutes or less to compromise systems, and data exfiltration occurred within minutes in 28% of the cases.
Cisco says malware sophistication is increasing as adversaries begin to weaponize cloud services and evade detection through encryption, used as a tool to conceal command-and-control activity. “Last year’s evolution of malware demonstrates that our adversaries continue to learn,” said John N. Stewart, Senior Vice President and Chief Security and Trust Officer, Cisco.
SonicWall’s survey supported a key focus for the company: automation, i.e. real-time threat and breach detection. “One of the big areas that we’re really focused on is continuing this automation incorporating more and more intelligence,” said Gordineer.
In particular, that means trying to automate this protection by using machine learning, he said. “And customers love that. Their staffs aren’t getting any bigger.”
Cisco’s findings support SonicWall’s direction: 39% of organizations are reliant on automation, 34% are reliant on machine learning, and 32% are highly reliant on AI.
Automation, machine learning and AI address one of the biggest cybsec challenges, the growing skills shortage. According to a recent survey by Capgemini, there is a 25-percentage-point gap between the demand for, and supply of, cybersecurity skills.
In related news, the Girl Scouts have just added a cybersecurity badge. “Cybersecurity is vital to protect our financial systems, our voting systems, you know, our defense systems,” said Sylvia Acevedo, CEO of GSUSA. “So we absolutely need to have the rising generation interested and prepared in cybersecurity.”
So will that be cookies with your cybersecurity, or cybersecurity with your cookies?