2018 Ixia Security Report calls for security that aligns more with cloud computing
This week Ixia released its second annual Security Report, based on the biggest security findings over the past year from the Ixia Application and Threat Intelligence (ATI) Research Center. The report highlights five key trends cybersecurity teams must address in 2018, with focus on how the dominance of cloud is affecting security risk.
The report is published with the intent to open new dialogues on key security challenges organizations face and offer information on new technologies and techniques that can be used to strengthen security. Data and survey results from a wide variety of industry sources are included to give context to the challenges.
Key findings from the 2018 Security Report include:
- Cloud security and compliance are top priorities for IT in 2018. An Ixia survey revealed that securing data and applications is a top priority for public cloud users in 2018. The dominance of cloud has impacted security teams as they strive to deliver effective security in hybrid, multi-cloud environments that dynamically adjust to user demand.
- Clouds are changing what is required for secure operations. A Threat Stack study found nearly 73 percent of public cloud instances had one or more serious security misconfigurations. The combination of cloud growth and the high number of misconfigurations suggests there will be more breaches in 2018 where cloud is a factor.
- Advanced cyberattacks require greater emphasis on visibility and detection. As attackers learn from their mistakes and become better at avoiding threat prevention techniques, enterprises need to evolve their approach and focus more on correlation analysis and multi-stage attack detection. A recent Ponemon study found that the average number of days from initial intrusion to detection is still high at 191 days.
- Cyber-crime is good business (for cyber-criminals). Where 2017 was the year of ransomware, 2018 is primed to be the year of crypto-jacking. AdGuard researchers report that over 500 million PCs are being remotely accessed and used for crypto-mining without their owners’ consent. Mining crypto-currencies can provide hackers with a high-profit return that is far stealthier than a ransomware attack.
- Encryption is making business more secure (for hackers too). In 2017, over half of all web traffic was encrypted. Hackers are exploiting this trend, hiding malicious traffic in encrypted streams, which makes detection via traditional means unlikely. The advent of TLS 1.3 using ephemeral key encryption requires changes meant to make it much harder to exploit encryption to hide attacks.
You can download the entire 2018 Ixia Security Report to read more of the details behind these findings.