NEW YORK - Cybersecurity criminals are more "sophisticated, bold and resilient" than ever, according to a new study by U.S. computer networking company Cisco, which revealed major flaws in businesses’ attempts to thwart and recover from attacks.
Among the shortcomings, Cisco found a 10 percent drop in up-to-date security infrastructure reported by organizations over the course of a year. The company analyzed 115,000 devices; 92 percent were running software with known vulnerabilities.
Cisco Principal Engineer Jason Brvenik told VOA attackers are fairly indiscriminate in determining whom to target, instead leveraging opportunities to increase efficiency and profits.
"It doesn't matter if they're attacking a person for a cyber ransom or a business. What they do is they find out what they can leverage and then they use it," Brvenik said.
He said defenders, as they move toward more continuous analytics models, are able to more quickly detect an attack and outsource instant responses.
"Numerically, we see that as an industry, it's a 100- to 200-day estimate for the detection of a breach, but more modern technologies as people deploy them are able to push that number down to a matter of hours," he said.
As of May 2015, Cisco said it reduced the median time to detect threats within its networks to roughly 17 hours.
The fight against cybercrime has opened a largely untapped job market for cybersecurity practitioners, which Forbes reports is expected to grow from $75 billion in 2015 to $170 billion by 2020.
Demand for professionals
Tara Sinclair, chief economist of Indeed, a global job site company based in the U.S., said employers’ security concerns have led to a large increase in demand for trained professionals in the field.
"They're definitely concerned about their businesses," Sinclair said. "They're concerned about having employees that are protective of their property and making sure that they're not going to be attacked."
Globally, Cisco has estimated 1 million unfilled jobs in security.
Symantec, the world’s largest security software vendor, expects this gap to grow to 1.5 million by 2019.
Brvenik said many universities are doing their part to bring qualified talent to the market. Among businesses, he said, 90 percent of those surveyed by Cisco reported having programs in place for cyber awareness and training.