The evolution of malware:

a security guide

Cyber attackers and your cloud:

a security guide


Malware. You may think you know the story, but the evolution of malware was one of the most significant developments in the attack landscape. From network-based ransomware worms to devastating supply-chain attacks, organizations need to adopt best practices and evaluate their AI in order to reduce exposure to these emerging threats.

Biggest obstacles to security

Budget

34% of security professionals said budget constraints are their biggest obstacle.

Personnel

In 2017, the median number of security professionals at organizations was 40—a significant increase from 2016’s median number of 33; and yet, security professionals still report a lack of talent as a key issue.

Interoperability

25 percent of security professionals said they used products from 11 to 20 vendors.

Cloud risks

Open Authorization (OAuth)

Employees are introducing third-party cloud applications into your infrastructure. These apps communicate freely with cloud and software-as-a-service platforms as soon as the user grants access through open authorization, which opens the door to attacks that use fake third-party applications and spread quickly.

Gmail users were affected by the recent OAuth phishing campaign¹

The privileged cloud user

Even though it’s rarely talked about, some of the largest security breaches to date began with the compromise of a single privileged cloud user account.

27% of connected third-party cloud applications pose a high security risk²


Blind spots

Routers, network firewalls, segmented misconfigurations—these can all be parts of unmanaged network infrastructure and endpoints that can give attackers an easy in because they’re off the radar. When attackers compromise these, they not only gain a foothold, but they do so without detection.

A lack of visibility can lead to
of network and endpoint infrastructure becoming unknown or unmanaged.³

Security tips

Better visibility

Access to real-time, context-driven security intelligence will put attacker activity on the radar—quickly. The right visibility into devices and systems that connect to the network is also critical. Security teams should run inventories regularly and automatically since cloud (and endpoint and network) infrastructure constantly changes. Automation is key here because security personnel can’t monitor it all.

Network segmentation

Review segmentation policies and make sure you have tools that can test policy effectiveness. The right network segmentation can vastly limit the amount of damage an attack does.

Tracking

Tracking unusual activity will help detect attacks.

82% of privileged cloud users log in from one or two IP addresses per month.

That means activity outside of those normal patterns should be investigated.
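
As an added example (not part of the original guide), the check described above can be sketched in Python over constructed login records. The record layout, user names, and the two-IP threshold constant are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample records (user, source IP, ISO timestamp); not real log data.
# IPs are taken from the RFC 5737 documentation ranges.
LOGINS = [
    ("admin-a", "192.0.2.10", "2024-03-02T08:01:00"),
    ("admin-a", "192.0.2.10", "2024-03-15T08:05:00"),
    ("admin-a", "198.51.100.7", "2024-03-20T09:12:00"),
    ("admin-b", "192.0.2.44", "2024-03-03T10:00:00"),
    ("admin-a", "192.0.2.10", "2024-04-01T08:03:00"),
    ("admin-a", "203.0.113.99", "2024-04-02T03:40:00"),  # IP never seen before
    ("admin-b", "192.0.2.44", "2024-04-05T10:02:00"),
    ("admin-c", "203.0.113.5", "2024-04-06T11:00:00"),   # user with no history
]
MAX_USUAL_IPS = 2  # assumption, drawn from the "one or two IP addresses" figure


def month_of(ts):
    return datetime.fromisoformat(ts).strftime("%Y-%m")


def build_baseline(logins, month):
    """Map each privileged user to the source IPs seen in the baseline month."""
    baseline = defaultdict(set)
    for user, ip, ts in logins:
        if month_of(ts) == month:
            baseline[user].add(ip)
    return dict(baseline)


def wide_baselines(baseline, limit=MAX_USUAL_IPS):
    """Users whose normal pattern already spans more IPs than expected."""
    return sorted(u for u, ips in baseline.items() if len(ips) > limit)


def find_anomalies(logins, baseline, month):
    """Return (user, ip, timestamp, reason) for logins outside the baseline."""
    alerts = []
    for user, ip, ts in sorted(logins, key=lambda r: r[2]):
        if month_of(ts) != month:
            continue
        if user not in baseline:
            alerts.append((user, ip, ts, "no baseline for user"))
        elif ip not in baseline[user]:
            alerts.append((user, ip, ts, "ip not in baseline"))
    return alerts


if __name__ == "__main__":
    base = build_baseline(LOGINS, "2024-03")
    for alert in find_anomalies(LOGINS, base, "2024-04"):
        print(alert)
```
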

Tighter controls

Many organizations need specific OAuth security controls, like group and user-level controls, in order to enable productivity while still maintaining security. A workflow for sanctioning or banning risky applications also helps keep administrators in the loop while providing end users the access they need.

How many privileged cloud users never log out of active sessions?

30%
40%
50%
60%

ANSWER: 60%

Not logging out makes it easier for attackers to gain undetected access.⁴

Discover more from the 2018 Annual Cybersecurity Report


1 “A Massive Google Docs Phish Hits 1 Million Gmail Accounts—UPDATED,” Thomas Fox-Brewster, Forbes, May 2017
2 2017 Annual Cybersecurity Report, Cisco, 2017
3 2017 Cisco Midyear Cybersecurity Report, Cisco, 2017
4 Cisco Security Research, Cisco, 2017