3 Takeaways from Cisco's Cyber Security Report


If you paid attention in history class, you remember learning that the U.S. economy has gone from one based on farming to industrial manufacturing to a services-oriented economy.

Mirroring that transformation, companies developed new business strategies in order to succeed and to contend with shifts as they presented themselves. However, just as companies have responded to those changes, so too have hackers and attackers responded to shifts in the cyber security world.

In order to profit from greater and needed spending, investors must understand the shifting dynamic underway in cyber attacks and how that impacts the way victims, both corporate and individual, need to respond. In short, it means understanding several key points unearthed in the Cisco 2015 Annual Security Report from Cisco Systems (NASDAQ:CSCO), which was released earlier on Tuesday. The report, which presents the research, insights, and perspectives provided by Cisco® Security Research and other security experts within Cisco, explores the ongoing race between attackers and defenders, and how users are becoming ever-weaker links in the security chain.

The business community looks to spend $86 billion on information security globally by 2016, up from $62 billion in 2012, according to market research firm Gartner Group. That shows an important realization among businesses. And for investors, that’s far greater growth potential from one sector than we’re seeing in the larger global economy given the combined forecast cuts from both the World Bank and the International Monetary Fund (IMF).

Recently the World Bank raised its 2015 growth forecast for the U.S. to +3.2% from +3.0%, but at the same time indicated the Eurozone will grow at only 1.1% and Japan at 1.2% this year. According to the IMF, the world economy will now grow by 3.5% in 2015 and 3.7% in 2016, down from the institution’s October forecast that put growth at 3.8% and 4.0%, respectively. Much like the World Bank, the IMF revised its estimate for U.S. economic growth to 3.6% this year, up 0.5%. Some quick sandbox math implies the IMF cut its outlook for the three other economic horsemen that are China, the Eurozone and Japan.

Some of the key findings from the Cisco report include:

Attackers have become more proficient at taking advantage of gaps in security to evade detection and conceal malicious activity. This means attackers are being savvy about how, where and when they launch attacks. Through the first eleven months of 2014, spam volume increased 250% year over year according to Cisco’s data. Another strategy that is increasingly being used is malvertising (malicious advertising) that works through web browser add-ons to distribute malware and unwanted applications. Cisco notes that the use of malvertising also means that attackers are buying advertising to deliver malware -- a very different strategy than what has been done before. According to Cisco Security Research, the companies most vulnerable to web malware attacks like these are in pharmaceutical and chemical, media and publishing, manufacturing, transportation and shipping, and aviation.

The malvertising-focused strategy is part of a larger shift in the nature of attacks from the corporate entity -- networks, servers and the like -- to the user of a computer, tablet or smartphone. Why attack the user? Because he or she is the entry point into a company's or other institution's assets through tactics like sending him or her a fake request for a password reset that leaves one open to identity theft and other subsequent attacks. This is particularly true given the adoption of Bring Your Own Device, the Cloud, and desktop virtualization clients.

Just as attackers have upped their game, companies need to respond, but in a more holistic and strategic way rather than simply addressing each attack as it happens. According to the Cisco Security Capabilities Benchmark Study, 91% of organizations have an executive with direct responsibility for security, but what’s really needed is a shift in thinking about security at the business unit and Board level that includes understanding cyber security’s role in the business and as a differentiator when it comes to competitors, customers and partners. These needs are underscored by findings from the Cisco Security Capabilities Benchmark report: while 90% of companies are confident about their security policies and procedures, 54% have had to manage public scrutiny following a security breach. Discussion at the Board level of what controls are in place, what the reporting process is, what the detection and remediation policies are, and more is likely to help change a company's security strategy from simply deploying for the latest threat to one that is more transparent, far less visible and much more informative to the Board, the company’s business units and its chief information security officer.

If I had to boil the report down into one key thought, it would be that society in one form or another has always had crime. Over time, criminals have gotten smarter and their methods more sophisticated, and that has forced companies, citizens and other institutions to get smarter in order to fend them off. The same is true with cyber security.