Aging infrastructure, a growing industrialisation of hacking, and smaller businesses’ ability to manage their security systems are all contributing to an increasingly fraught cyber security environment, a major report has found.
Companies are less confident in their ability to deal with online security threats yet are increasingly cognisant of their importance of doing so, according to the Cisco annual security report.
Business leaders’ acceptance their investors and regulators expect companies provide greater transparency in relation to the threats they face is counterbalanced by their dwindling confidence in this area.
“The ability to recognise and respond to security threats becoming a business imperative has certainly shown itself to be an important finding,” said Cisco chief security and trust officer John N. Stewart.
“Attackers have become much bolder and more co- ordinated.
"They’re sharing information; they’re moving and innovating very rapidly and then remaining incredibly flexible and almost annoyingly resilient because we’re watching the malicious actor teams actually embracing legitimate techniques like strong infrastructure, the use of virtual hosting — almost IT teams that would be running any other business critical service if it were legitimate in order to launch their campaigns.”
This erosion of confidence is illustrated by the fact less than half of businesses surveyed for the report were confident in their ability to determine the scope of an attack and deal with it adequately.
Between 2014 and 2015, the number of organisations with up-to-date infrastructure also fell by 10%.
One particular risk to Irish firms— where more than 99% of businesses are SMEs— is the ability of smaller firms to manage their security needs.
A structural weakness at the heart of SMEs globally is identified by the report as a potential threat which could also affect bigger businesses that do business with SMEs.
Some estimates put the average annual cost of online security to Irish companies at €240,000.
Another common security weakness is the proliferation of malicious browser extensions commonly run on both personal and business devices.
Although previously seen as low-risk, the Cisco report identifies these as potential sources of major data leaks.
© Irish Examiner Ltd. All rights reserved