'Shortage of over a million cyber security experts globally'

Even as 2013 was marked by an unprecedented growth in malicious traffic, firms globally are grappling with a shortage of over a million cyber security professionals as they try to monitor and secure networks, a study by Cisco said.
According to the networking solutions major, overall vulnerability and threat levels reached their highest in 2013, ever since it began tracking in May 2000.
Its 2014 Annual Security Report (ASR) reveals that 2013 was a "particularly bad year", with cumulative annual threat alert levels increasing by 14 per cent since 2012.
Organisations in India are also witnessing a huge growth in cyber attacks and intrusions and the country faces shortage of about 4 lakh trained cyber security professionals.

"In 2013 there was an unprecedented growth of advanced attacks and malicious traffic that unfortunately reached historic levels," Cisco Leader Security Business (India and SAARC) Diwakar Dayal told PTI.
He added the ASR states that in the face of increased attack surface exposures, exponential improvements in attack sophistication, more widespread use of state of the black art monetisation techniques by attackers and involvement of rogue states, there is a worldwide shortage of nearly a million skilled security professionals.

On the shortage of trained professionals in India, Dayal said: "In India itself we are seeing a shortage of close to 4,00,000 cyber warriors as per CERT report in September last year. Over 1,000 times, the Indian government websites have been breached for past 3 years."

The report also revealed that hackers are increasing attacks on the core of the Internet -- servers of web hosting providers, nameservers and data centres -- to spread exploits. Thousands of web hosting centres now acting as launchpads for such attacks.
Android and Java are top security targets for malware and hacks, the report said adding Android also has a large install base and is therefore an attractive target for hackers.
It's an open platform with innumerable iterations and hence is easier to exploit compared to a closed operating systems. Ninety-nine per cent of all mobile malware in 2013 targeted Android devices, it added.

Cisco's report is based on its Security Intelligence Operations (SIO), which plays a critical role in evaluating threats, given the prevalence of its solutions and the breadth of its security intelligence, Dayal said.
SIO inspects about 16 billion web requests daily through the Cisco Cloud Web Security and 93 billion emails daily by Cisco's hosted email solution, he added.
Besides, SIO daily inspects 2 lakh IP addresses, 4 lakh malware samples, 33 million endpoint files and 28 million network connects, he said.
On cyber security threats this year, Dayal said: "The primary challenges are greater attack surface, proliferation and sophistication of the attack model and complexity of threats and fragmented solutions.