Shortage of IT security pros putting networks at risk: Cisco

Networking vendor Cisco Systems is warning in its Cisco 2014 Annual Security Report that a worldwide shortage of nearly a million skilled security professionals is hampering the security efforts of organizations at a time when vulnerabilities and threats are reaching new highs.

The report found that threats are becoming more sophisticated, with simple attacks causing containable damage giving way to well-funded and organized cybercrime operations that can deal significant economic and reputational damage. Rapid mobile device adoption and cloud computing are yielding new threat vectors, and Internet infrastructure is being harnessed for more powerful attacks than can be made from individual computers or devices.

According to Cisco, overall vulnerabilities and threats have hit their highest levels since they started tracking in May of 2000. The increasing threat level comes at a time when the worldwide shortage of security professionals is expected to hit nearly one million. The vendor warns most lack the resources to continuously monitor networks, detect infiltrations and apply protections, in a timely and effective manner.

Related News

Canadian partners welcome Fortinet’s new marketing push

McAfee brand will be phased out by Intel

Unapproved apps a part of growing “shadow IT” problem: report

Among specific threats, distributed denial of service (DDoS) attacks have increased in both volume and severity, multipurpose trojans were the most frequently encountered web-delivered malware at 27 per cent of total encounters in 2013, and Java continues to be the most frequently exploited programming language. Some 99 per cent of all mobile malware targeted Android devices.

“Although the Cisco Annual Security Report paints a grim picture of the current state of cyber security, there is hope for restoring trust in people, institutions and technologies — and that starts with empowering defenders with real-world knowledge about expanding attack surfaces,” said John N. Stewart, senior vice-president and chief security officer for threat response intelligence and development at Cisco, in a statement. “To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods — before, during and after an attack.”

Author: Jeff Jedras

A veteran technology and business journalist, Jeff Jedras began his career in technology journalism in the late 1990s, covering the booming (and later busting) Ottawa technology sector for Silicon Valley North and the Ottawa Business Journal, as well as everything from municipal politics to real estate.He later covered the technology scene in Vancouver before joining IT World Canada in Toronto in 2005, covering enterprise IT for ComputerWorld Canada. He would go on to cover the channel as an assistant editor with CDN.His writing has appeared in the Vancouver Sun, the Ottawa Citizen and a wide range of industry trade publications.