Cisco today released findings from Cisco’s 2013 Annual Security Report (ASR) in South Africa revealing that the highest concentration of online security threats come from legitimate destinations visited by mass audiences, such as major search engines, retail sites and social media outlets.
BYOD: A Growing Security Challenge for Organisations in South Africa
Today the trend towards ‘Bring Your Own Device’ (BYOD) is increasingly impacting IT departments this however bring complexity when it comes to security and IT Support. The challenge that South African organisations are facing with BYOD is introducing and managing a solid security strategy.
Security risks rise in businesses are also on the rise because many employees adopt “my way” work lifestyles in which their devices, work and online behavior mix with their personal lives virtually anywhere – in the office, at home and everywhere in between.
According to the Cisco Connected World Technology Report are based on a survey commissioned by Cisco of 1800 Information Technology professionals across 18 countries:
* 30% of South African respondents said there is no policy on the use of company-issued computers, tablets or smartphones in their organisations
* Of those in South Africa who indicated their company has a policy on personal usage of company-issued devices, only half indicate they adhere to the policy most of the time.
* Less than 20% of South African respondents adhere to their company’s IT policy all the time.
* Less than a third (21%) of South African respondents use company-issued devices for other activities even though they are supposed to be for work-only.
Android Malware: Creating an Increasing Growing Security Threat in South Africa
* Android malware encounters grew 2,577 percent over 2012.
* However, mobile malware represents only 0.5 percent of total Web malware encounters.
Android malware entered the mainstream consciousness in 2012 with explosive growth and the first documented botnet. Malware, short for malicious (or malevolent) software, is software used or programmed by attackers to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. Malware includes computer viruses, ransomware, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious BHOs, rogue security software and other malicious programs; the majority of active malware threats are usually worms or trojans rather than viruses
* Spam volume dropped 18 percent from 2012 to 2011, with spammers working “banker’s hours” for a 25 percent drop in spam over the weekend.
* In 2012, the majority of spam was sent during the workweek – Tuesday was the heaviest spam day of the year.
* The top spoofed brands involve prescription drugs and luxury watches like Rolex and Omega. (ASR)
* Spammers maximise the ROI of their efforts, targeting real-world events with specific and short-lived campaigns.
* January-March: Windows software, which coincided with the release of the Microsoft Windows 8 consumer preview.
* January-March and September-December: Professional networks like LinkedIn, correlated with the desire for a career change during the beginning and end of the year.
* September-November: Cellular providers around the release of the Apple iPhone 5.
The Internet of Everything & Security’s Future
Looking ahead, the Internet of Everything represents the largest online trend today. As more people, things and devices connect to the Internet, more data from more places will be introduced across corporate and service provider networks, which open up new vulnerabilities and a need for more sophisticated security approaches.
* Exponentially more machine-to-machine (M2M) connections are coming online each day, leading to a proliferation of endpoints that extend far beyond mobile devices, laptops and desktops to an “any-to-any” scenario in which any device can connect to any cloud to any application across any network.
* These new connections generate data in motion that needs to be protected in real time as it is evaluated for actionable insights through the network and before it’s compromised and causes irreparable damages.
* For network security professionals, the focus becomes content-neutral plumbing — shifting from the endpoint and the periphery to the network.
“Each year, the security threats and defenses change as a result of one another. The Cisco Annual Security Report is our expert research, highlighting global threat patterns and trends. Today, we live a blended work-personal life. With more and more devices, the number of end points for network security proliferates quickly. When ‘everything’ is connected, in fact before this, when the acceleration starts, IT organisations in South Africa will need to be ready for security scalability,” said Den Sullivan, Head of Architectures and Enterprise, Cisco Emerging Theatre.