Cisco Annual Security Report Reveals Widening Gulf Between Perception and Reality of Cybersecurity Readiness 60% of Cisco Security Capabilities Benchmark Survey Respondents Are Not Patching and Only 10% of Internet Explorer Users Run Latest Version; Still 90% of Respondents Are Confident in Their Cybersecurity Capabilities
John N. Stewart, Chief Security Officer at Cisco, highlights the findings of Ciscos 2015 Annual Security Report
SAN JOSE, CA, Jan. 20, 2015 - The Cisco 2015 Annual Security Report released today, which examines both threat intelligence and cybersecurity trends, reveals that organizations must adopt an all hands on deck approach to defend against cyber attacks. Attackers have become more proficient at taking advantage of gaps in security to evade detection and conceal malicious activity. Defenders, namely, security teams, must be constantly improving their approach to protect their organization from these increasingly sophisticated cyber attack campaigns. These issues are further complicated by the geopolitical motivations of the attackers and conflicting requirements imposed by local laws with respect to data sovereignty, data localization and encryption.
Attackers
Cyber criminals are expanding their tactics and adapting their techniques to carry out cyber attack campaigns in ways that make it harder to detect and analyze. The top three trends last year that Ciscos threat intelligence has identified are:
Snowshoe Spam: Emerging as a preferred strike method, attackers are sending low volumes of spam from a large set of IP addresses to avoid detection, creating an opportunity to leverage compromised accounts in multiple ways.
Web Exploits Hiding in Plain Sight: Widely used exploit kits are getting dismantled by security companies in short order. As a result, online criminals are using other less common kits to successfully carry out their tactics - a sustainable business model as it does not attract too much attention.
Malicious Combinations: Flash and JavaScript have historically been insecure on their own, but with advances in security detection and defenses, attackers have adapted by deploying exploits which combine their respective weaknesses. Sharing exploits over two different files - one Flash and one JavaScript - can make it more difficult for security devices to identify and block the exploit and to analyze it with reverse engineering tools.
Users
Users are caught in the middle. Not only are they the targets, but end-users are unknowingly aiding cyber attacks. Throughout 2014, Cisco threat intelligence research revealed that attackers have increasingly shifted their focus from seeking to compromise servers and operating systems to seeking to exploit users at the browser and email level. Users downloading from compromised sites contributed to a 228% increase in Silverlight attacks along with a 250% increase in spam and malvertising exploits.
Defenders
Results from the Cisco Security Capabilities Benchmark Study, which surveyed Chief Information Security Officers (CISOs) and Security Operations (SecOps) executives at 1700 companies in nine countries* reveals a widening gap in defender perceptions of their likely security capabilities. Specifically, the study indicates that 75% of CISOs see their security tools as very or extremely effective. However, less than 50% of respondents use standard tools such as patching and configuration to help prevent security breaches and ensure that they are running the latest versions. Heartbleed was the landmark vulnerability last year, yet 56% of all installed OpenSSL versions are over four years old. That is a strong indicator that security teams are not patching.
While many defenders believe their security processes are optimized-and their security tools are effective-in truth, their security readiness likely needs improvement.
The report findings conclude that its time for corporate boards to take a role in setting security priorities and expectations. The Cisco Security Manifesto, a formal set of security principles as a foundation to achieving security, can help corporate boards, security teams and users in an organization better understand and respond to the cybersecurity challenges of todays world. It can serve as a baseline for organizations as they strive to become more dynamic in their approach to security and more adaptive and innovative than adversaries. The principles are:
Security must support the business.
Security must work with existing architecture - and be usable.
Security must be transparent and informative.
Security must enable visibility and appropriate action.
Security must be viewed as a people problem.
For a complete copy of the Cisco Annual Security Research report go to www.cisco.com/go/asr2015
About the Report
The Cisco 2015 Annual Security Report is one of the preeminent security reports that examines the latest threat intelligence gathered by Cisco security experts, providing industry insights, trends and key findings revealing cybersecurity trends for 2015. The report also highlights data results from Ciscos Security Capabilities Benchmark Study which examines the security posture of enterprises and their perceptions of their preparedness to defend themselves against cyber attacks. Geopolitical trends, global developments around data localization and the importance of making cybersecurity a boardroom topic are also discussed.
Supporting Quote
John N. Stewart, senior vice president, chief security and trust officer, Cisco
Security needs an all hands on deck approach, where everybody contributes, from the board room to individual users. We used to worry about DoS, now we also worry about data destruction. We once worried about IP theft, now we worry about critical services failure. Our adversaries are increasingly proficient, exploit our weaknesses and hide their attacks in
Most recent headlines
09/11/2025
Dalet today announced a transformative leap forward for media operations: Agentic Artificial Intelligence (AI) that unifies the Dalet ecosystem under one natura...
20/10/2025
Inside TAMS: How Time-Addressable Media Stores could redefine sports workflows By Paul Markham
Friday, October 17, 2025 - 08:57
Print This Story
A penalty...
20/10/2025
Transformational production: Inside TVN's remote production push for the DFL...
20/10/2025
How NBC Sports Transitioned Stamford Facility to One Format: 1080p HDRMulti-year plan harmonizes workflows, simplifies operationsBy Ken Kerschbaumer, Editorial ...
20/10/2025
NBA on NBC' Studio Production Team Is Ready for Tip-Off With Coast-to-Coast...
20/10/2025
Under pressure: TVN CEO Markus Osthaus considers the German sports broadcasting ...
20/10/2025
(L-R) Maria Dizzia, Carmen Emmi, and Russell Tovey attend the Plainclothes pre...
20/10/2025
In March, we launched Concerts Near You to help listeners find concerts from their favorite artists. Since then, more than 3 million people have used it to disc...
20/10/2025
Em diversas cidades do Brasil, um movimento tem se fortalecido para celebrar o poder, a beleza e a profundidade da criatividade negra. O Dia AMPLIFIKA, agora em...
20/10/2025
In cities across Brazil, a movement is growing that celebrates the power, beauty, and depth of Black creativity. AMPLIFIKA Day, now in its fifth edition, return...
20/10/2025
Airborne Early Warning and Control aircraft rendering...
20/10/2025
DENVER and MUNICH Imagine Communications today announced its plans to acquire Pixel Power Ltd., a wholly owned subsidiary of Rohde & Schwarz. Financial terms of...
20/10/2025
LOS ANGELES G Morgan has joined Globecast, a provider of broadcast, media and entertainment managed services, as executive vice president of sales, Globecast Am...
20/10/2025
PLYMOUTH, Wisc. Heartland Video Systems and Zixi have partnered to enable broadcast-quality live video delivery over any IP network....
20/10/2025
A. R. Rahman on Facing Fear and Finding the Divine In an interview with Berklee President Jim Lucchese, the Oscar-winning composer reflects on how courage and...
20/10/2025
Monday 20 October 2025
To view this content, please enable our use of cookies. ...
20/10/2025
Rohde & Schwarz transfers Pixel Power to Imagine Communications Companies work collaboratively to ensure continuity and ongoing support for existing customers...
20/10/2025
RT 's Prime Time is set to host the final Presidential Election Debate this Tuesday night, October 21, providing an opportunity to hear directly from Irelan...
20/10/2025
NVIDIA and Google Cloud are expanding access to accelerated computing to transform the full spectrum of enterprise workloads, from visual computing to agentic a...
19/10/2025
Back to All News
Sins of Kujo' Comes to Life in New Live-Action Series Set for Spring 2026
Entertainment
19 October 2025
GlobalJapan
Link copied to cl...
18/10/2025
New England Sports Network (NESN) has chosen Harmonic, working with Astound Business Solutions, as its enterprise technology partner to transform primary distri...
18/10/2025
NEW ORLEANS, La. In the run-up to the start of the NBA season, WVUE-TV and Gray Local Media have announced a deal with DirecTV that will greatly expand access t...
18/10/2025
Berklee Celebrates 40 Years of the Fall Together Concert Faculty composers Bob Pilkington and Greg Hopkins are among the featured artists for this year's ...
17/10/2025
NEP Group Receives New Equity Investment From 26North Partners LP, Co-InvestorsCarlyle remains the largest shareholder as the company prepares for the futureBy ...
17/10/2025
Apple Lands Five-Year Deal for F1 Distribution in the U.S.Besides airing on Apple TV, the sport will be amplified on other Apple servicesBy Ken Kerschbaumer, Ed...
17/10/2025
SVG Sit-Down: Marshall Electronics' Bernie Keach on the Future of PTZ Camera...
17/10/2025
L2 Productions' REMI Facility in Austin Can Produce Content From AnywhereMusic festivals, sports events are produced via flypacks and remote control roomsBy...
17/10/2025
By Lucy Spicer
One of the most exciting things about the Sundance Film Festival...
17/10/2025
(L-R) Christopher Meyer, Addison Timlin, Cooper Raiff, Lili Reinhart, Alyah Chan...
17/10/2025
M sica e arte se uniram em uma noite especial na semana passada na ZIV Gallery, ...
17/10/2025
Music and art came together for one special night last week at ZIV Gallery, an i...
17/10/2025
Spotify and FC Barcelona are extending our partnership through 2030, continuing a collaboration that's redefining how fans, players, and artists connect. Th...
17/10/2025
MURRIETA, Calif. The Sports Fishing Championship (SFC) has deployed DigitalGlue's creative.space storage platform to streamline video production by centrali...
17/10/2025
BELLEVUE, Wash. Football continued to cement its reputation as a bulwark of TV advertising in Q3 2025 with new data from iSpot that showed both the NFL and coll...
17/10/2025
The Sports Fishing Championship (SFC), the premier competitive saltwater fishing series, has transformed its production workflow by adopting creative.space, the...
17/10/2025
QuickLink, a leading provider of award-winning multi-camera video productions and remote contribution solutions, announces the release of StudioPro Version 4, ...
17/10/2025
Although the annual Grammy Awards celebration is best known for recognizing achievements in the recording industry, the show often proves a visual spectacle as ...
17/10/2025
OpenDrives, Inc., a leading provider of software-defined data storage and data services, has promoted Alex Dunfey to Chief Technology Officer (CTO) from his for...
17/10/2025
The University of Arizona (UofA) has significantly upgraded its broadcast communication infrastructure with the integration of Riedel Communications' advanc...
17/10/2025
Harmonic (NASDAQ: HLIT) today announced that New England Sports Network (NESN), owned by Fenway Sports Group and Delaware North, has selected Harmonic as its en...
17/10/2025
Austin PBS has recently upgraded its facility-wide communications infrastructure, deploying Clear-Com 's Eclipse HX, FreeSpeak II beltpacks, and V-Series ...
17/10/2025
ZEISS announces an open call for the closed BETA testing phase of CinCraft Virtual Lens Technology, the innovative digital tool that brings authentic lens chara...
17/10/2025
Situated in the town of Kokkola, Centria University of Applied Sciences offers higher education across five core fields: engineering, business, social and healt...
17/10/2025
Public information channel in Georgia, USA, to implement a powerful, simple, and cost-effective playout automation platform.
Pebble, the leading automation, co...
17/10/2025
HBO Max is reporting that it has launched in 15 new markets, including Bangladesh, Cambodia, Macau, Pakistan, Sri Lanka and Ukraine, boosting the streaming serv...
17/10/2025
Netflix said it will make a major push into video podcasts, inking a wide-ranging deal with Spotify through which it will offer 16 podcasts in the U.S. starting...
17/10/2025
Lexington, Ky. As part of a push to highlight its advanced advertising capabilities, Viamedia has launched a new AI-powered ad tech platform and officially rebr...
17/10/2025
NEW YORK QuickLink has announced the release of StudioPro Version 4, which the company is calling the most significant upgrade yet to its flagship video product...
17/10/2025
NEW YORK and CUPERTINO, Calif. Apple and NBCUniversal said they will sell Apple TV and Peacock streaming bundles to U.S. subscribers starting Oct. 20....
Cisco Annual Security Report Reveals Widening Gulf Between Perception and Reality of Cybersecurity Readiness 60% of Cisco Security Capabilities Benchmark Survey Respondents Are Not Patching and Only 10% of Internet Explorer Users Run Latest Version; Still 90% of Respondents Are Confident in Their Cybersecurity Capabilities 
