Cisco warns of shortage in security professionals to fight online criminals

The Cisco 2014 Annual Security Report reveals that threats designed to take advantage of users’ trust in systems, applications and personal networks have reached startling levels. The report indicates a shortage of more than a million security professionals across the globe in 2014.

The sophistication of the technology and tactics used by online criminals have outpaced the
ability of IT and security professionals to address these threats.

 Most organisations do not have the people or the systems to continuously monitor extended networks and detect infiltrations, and then apply protections, in a timely and effective manner.

The report’s findings offer a vivid picture of rapidly evolving security challenges facing businesses, IT departments and individuals. Attacker methods include socially engineered theft of passwords and credentials, hide-in-plain-sight infiltrations, and exploitation of the trust required for economic transactions, government services and social interactions.

David Meads, Vice President for Cisco in Africa said “Organisations across Africa must realise that it is no longer if they will be targeted by cyber-attacks, but rather when,” “Chief Information Security Officers face growing pressure to protect terabytes of data on an increasingly porous network, manage information safely especially on the cloud, and evaluate the risks of working with third-party vendors for specialized solutions – all in the wake of shrinking budgets and leaner IT teams,” he adds.

Sabrina Dar, General Manager for Cisco East Africa noted that although the report paints a grim picture of the current state of cyber security, there is hope for restoring trust in people, institutions and technologies – and that starts with empowering defenders with real-world knowledge about expanding attack surfaces.

“To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods – before, during and after an attack. Today’s advanced threats that can attack hosts through a combination of different vectors require a continuous security response versus point in time solutions. Web and Email gateways do a large amount of heavy lifting in the threat defense ecosystem, blocking the delivery of malicious content. With the Sourcefire acquisition Cisco is now able to provide customers in East Africa with the best advanced malware protection from the cloud to the network to the endpoint.”

Cisco 2014 Annual Security Report Highlights increased sophistication and proliferation of the threat landscape. Simple attacks that caused containable damage have given way to organized cybercrime operations that are sophisticated, well-funded, and capable of significant economic and reputational damage to public and private sector victims. It also focused on the increased complexity of threats and solutions due to rapid growth in intelligent mobile device adoption and cloud computing provide a greater attack surface than ever before. New classes of devices and new infrastructure architectures offer attackers opportunities to exploit unanticipated weaknesses and inadequately defended assets.