Cisco 2018 Annual Cyber Security Report: the Increasing Importance of Automation, Machine Learning and Artificial Intelligence

23 Feb 2018
Author: HSD Foundation

Last week, Cisco released their 2018 Annual Cybersecurity Report. The report reveals that 39 percent of organisations are reliant on automation, 34 percent are reliant on machine learning and 32 percent are highly reliant on artificial intelligence to defend against threats. Important findings include:


Supply chains: Attacks can impact computers on a massive scale and can persist for months or even years. Defenders should be aware of the potential risk of using software or hardware from organizations that do not appear to have a responsible security posture.


Security is getting more complex: Defenders are implementing a complex mix of products from a cross-section of vendors to protect against breaches. This complexity and growth in breaches have many downstream effects on an organization's ability to defend against attacks, such as increased risk of losses.


Behavioral analytics tools: 92 percent of security professionals said behavior analytics tools work well in locating malicious actors in networks. Two-thirds of the healthcare sector, followed by financial services, found behavior analytics to work extremely well to identify malicious actors.


Use of cloud is growing: In this year's study, 27 percent of security professionals said they are using off-premises private clouds, compared with 20 percent in 2016. Attackers are taking advantage of this lack of advanced security 


Cisco's Recommendations for Defenders:

  • Adhere to corporate policies and practices for application, system, and appliance patching 
  • Have access to timely, accurate threat intelligence data and processes that allow for that data to be incorporated into security monitoring
  • Perform deeper and more advanced analytics.
  • Back up data often and test restoration procedures, processes that are critical in a world of fast-moving, network-based ransomware worms and destructive cyber weapons.
  • Conduct security scanning of microservice, cloud service, and application administration systems.

More information (English or Dutch) or listen to an interview with Michel Schaalje from Cisco on BNR.