Cisco has released its end of year security report, and warned IT managers of seven growing risk management categories.

The seven categories defined by the firm are : vulnerability, physical, legal, trust, identity, human and geopolitical, which involves “Anti-malware protection, data-leakage protection, enterprise risk management, disaster planning, and more.”

For enterprises interested in security trends, the Cisco report shows big decreases in arbitrary code execution flaws, backdoor trojans, directory traversal attacks and exploited misconfigurations.

The big increases in vulnerabilities are due to buffer overflow attacks and software flaws. Cisco advised that “Businesses should focus the bulk of their defence efforts on high-severity vulnerabilities that are being actively targeted for exploitation."