GEC NEWS WIREAccording to the Cisco 2017 Annual Cybersecurity Report (ACR), over one-third of organizations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent. Ninety percent of these organizations are improving threat defense technologies and processes after attacks by separating IT and security functions (38 percent), increasing security awareness training for employees (38 percent), and implementing risk mitigation techniques (37 percent).
“In 2017, cyber is business, and business is cyber –that requires a different conversation, and very different outcomes. Relentless improvement is required and that should be measured via efficacy, cost, and well managed risk. The 2017 Annual Cybersecurity Report demonstrates, and I hope justifies, answers to our struggles on budget, personnel, innovation and architecture,” said Shukri Eid, Managing Director – East Region, Cisco Middle East.
Measuring effectiveness of security practices in the face of these attacks is critical. Cisco tracks progress in reducing “time to detection” (TTD), the window of time between a compromise and the detection of a threat. Faster time to detection is critical to constrain attackers’ operational space and minimize damage from intrusions. Cisco has successfully lowered the TTD from a median of 14 hours in early 2016 to as low as six hours in the last half of the year. This figure is based on opt-in telemetry gathered from Cisco security products deployed worldwide.
“A new metric – the ‘time to evolve’ – looked at how quickly threat actors changed their attacks to mask their identity. With these and other measures gleaned from report findings, and working with organizations to automate and integrate their threat defense, we can better help them minimize financial and operational risk and grow their business,” said Scott Manson, Cyber Security Leader for Middle East and Turkey, Cisco.
