Cisco today released findings from Cisco’s 2013 Annual Security Report (ASR) in South Africa revealing that the highest concentration of online security threats come from legitimate destinations visited by mass audiences, such as major search engines, retail sites and social media outlets.
Today the trend towards ‘Bring Your Own Device’ (BYOD) is increasingly impacting IT departments this however bring complexity when it comes to security and IT Support. The challenge that South African organisations are facing with BYOD is introducing and managing a solid security strategy.
Security risks rise in businesses are also on the rise because many employees adopt “my way” work lifestyles in which their devices, work and online behaviour mix with their personal lives virtually anywhere – in the office, at home and everywhere in between.
According to the Cisco Connected World Technology Report are based on a survey commissioned by Cisco of 1800 Information Technology professionals across 18 countries:
* 30% of South African respondents said there is no policy on the use of company-issued computers, tablets or smartphones in their organisations
• * Of those in South Africa who indicated their company has a policy on personal usage of company-issued devices, only half indicate they adhere to the policy most of the time.
• * Less than 20% of South African respondents adhere to their company’s IT policy all the time.
• * Less than a third (21%) of South African respondents use company-issued devices for other activities even though they are supposed to be for work-only.
• Android malware encounters grew 2,577% over 2012. However, mobile malware represents only 0.5% of total Web malware encounters.
Android malware entered the mainstream consciousness in 2012 with explosive growth and the first documented botnet.
Malware, short for malicious (or malevolent) software, is software used or programmed by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. Malware includes computer viruses, ransomware, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious BHOs, rogue security software and other malicious programs; the majority of active malware threats are usually worms or trojans rather than viruses
Spam volume dropped 18% from 2012 to 2011, with spammers working “banker’s hours” for a 25% drop in spam over the weekend.
• In 2012, the majority of spam was sent during the workweek – Tuesday was the heaviest spam day of the year.
• The top spoofed brands involve prescription drugs and luxury watches like Rolex and Omega. (ASR).
• Spammers maximise the ROI of their efforts, targeting real-world events with specific and short-lived campaigns.
o January-March: Windows software, which coincided with the release of the Microsoft Windows 8 consumer preview.
o January-March and September-December: Professional networks like LinkedIn, correlated with the desire for a career change during the beginning and end of the year.
o September-November: Cellular providers around the release of the Apple iPhone 5.
o Looking ahead, the Internet of Everything represents the largest online trend today. As more people, things and devices connect to the Internet, more data from more places will be introduced across corporate and service provider networks, which open up new vulnerabilities and a need for more sophisticated security approaches.
• Exponentially more machine-to-machine (M2M) connections are coming online each day, leading to a proliferation of endpoints that extend far beyond mobile devices, laptops and desktops to an “any-to-any” scenario in which any device can connect to any cloud to any application across any network.
• These new connections generate data in motion that needs to be protected in real time as it is evaluated for actionable insights through the network and before it’s compromised and causes irreparable damages.
• For network security professionals, the focus becomes content-neutral plumbing — shifting from the endpoint and the periphery to the network.
• Den Sullivan, head of architectures and enterprise at Cisco Emerging Theatre, comments: “Each year, the security threats and defences change as a result of one another. The Cisco Annual Security Report is our expert research, highlighting global threat patterns and trends.
• “Today, we live a blended work-personal life. With more and more devices, the number of end points for network security proliferates quickly. When ‘everything’ is connected, in fact before this, when the acceleration starts, IT organisations in South Africa will need to be ready for security scalability.
• “There are many technologies available to secure today’s networks, and now is the time for South African CIOs to make sure their security is robust as more and more devices connect to their networks. It is important to consider security from the ground up and build it into the network’s intelligence, using the most suitable security standards and protocols.”