The Cisco Annual Security Report provides a comprehensive overview of the combined security intelligence of the entire Cisco organization. Encompassing threat and trends information collected between January and October 2008, this document provides a snapshot of the state of security for that period. The report also provides recommendations from Cisco security experts and predictions of how identified trends will continue to unfold in 2009.
This year's report reveals that online and data security threats continue to increase in number and sophistication. They propagate faster and are more difficult to detect.
Key report findings include:
* Spam accounts for nearly 200 billion messages each day, which is approximately 90 percent of email sent worldwide
* The overall number of disclosed vulnerabilities grew by 11.5 percent over 2007
* Vulnerabilities in virtualization products tripled to 103 in 2008 from 35 in 2007, as more organizations embraced virtualization technologies to increase cost-efficiency and productivity
* Over the course of 2008, Cisco saw a 90 percent growth rate in threats originating from legitimate domains; nearly double what the company saw in 2007
* Spam due to email reputation hijacking from the top three webmail providers accounted for just under 1 percent of all spam worldwide, but constituted 7.6 percent of all these providers' mail
Fortunately, responses to these threats and trends are improving. Advances in attack response stem from the increased collaboration between vendors and security researchers to review, identify, and combat vulnerabilities.
