Abridged version
Cisco: Buy our stuff.
Everybody – at least every multinational that Cisco checked out for its 2014 Annual Security Report – is hosting malware of some kind, and there aren't enough security professionals to go around. Along with its Managed Threat Defense service launched this week, Cisco also launched the latest publication (here with registration …
100% of IT Depts they tested were probably Cisco customers using Cisco VOIP phones that seemingly require a server to be connected to the network, but not managed, patched, firewalled or otherwise managed by IT
Each business chooses who will manage their VOIP systems, and IT has always managed VOIP in every place of business that I have worked for. So your complaint is invalid.
Also, Cisco has a very good VOIP system that is easy to patch, manage, and is rock solid.
Anyone who thinks that IT security is a priority should take a look at the job adverts dotted around the content you're reading right now.
If you've got the Technojobs ad, it'll reflect the current contents of the page - IT security - and it'll have three or four 'Information Security Analyst' vacancies at £35-45k, and one or two security consultant or senior manager roles at £65-75k.
That's OK for IT, but not exactly stellar. It's *way* less than the banks are paying programmers who write the security vulnerabilities, and it doen't sound like the pay rate for doing something particularly difficult, or critical to the company's success.
And Cisco? It's nice that they've woken up to the commercial case for security. But I doubt that the firmware and embedded systems in their hardware is anywhere near secure, and I am certain that every single router on sale today, from every company, everywhere, has a backdoor waiting to be discovered.