The well-known Quarry Worker’s Creed, called out in prefaces to books such as “The Pragmatic Programmer” and “Ship While you Sleep”, posits the notion of IT done right as more than simple engineering discipline – good software development, for example, should not “preclude individual craftsmanship”. Drawing parallels to the construction of large cathedrals built in Europe during the Middle Ages, the quarry worker’s creed points out that while generations of builders advanced the state of structural engineering from one decade to the next, the “…carpenters, stonecutters, carvers, and glass workers were all craftspeople, interpreting the engineering requirements to produce a whole that transcended the purely mechanical side of the construction”.
We who cut mere stones must always be envisioning cathedrals, says the Quarry Worker’s Creed, and as companies, cities and countries lean on their IT teams to enable the transformation to digital business, the talented men and women that work in technology are not just builders: they are increasingly artisans and craftsmen – experts in the tools of the trade and also nuanced in navigating the vicissitudes that present themselves in the quest to build and secure the technology that powers the next wave of innovation and growth.
Cybersecurity teams in particular have their hands full today. On one hand there are all the new advances that we often can’t get fast enough: crowd-funded financial services, online education, virtual booking for work spaces, driverless cars – to name just a few. All of these need security be conceptualized and built-in from the beginning (or not, to our peril). On the other hand, their adversaries, the often-elusive hackers are increasingly sophisticated actors, who design malware, tweak code and inject vulnerabilities with the same flair and passion of a renaissance architect. Read More »
Tags: 2015 midyear security report, Cisco Midyear Security Report, MSR, security, services
After several months leading the managed security services portfolio at Cisco, I sat down with the social media team to discuss my path to Cisco, the evolution of the security market, and the future of security. [Note: This is an abridged version of the full interview.]
Q: After nearly 20 years at Symantec, why did you decide to move to Cisco?
TP: Cisco has all of the pieces necessary to solve the biggest security problems facing businesses today and into the future. Cisco’s position in the network, its broad security product portfolio, its strong and continued investment in security, and its pivot toward driving business outcomes and solving customer problems place this company in a unique position to lead the charge toward the next generation of security. As a part of a company that builds the cloud, mobility, collaboration, and Internet of Everything technologies driving change in the security market, we have a unique opportunity to proactively build security services that enable the secure adoption of these innovations. Our ability to integrate with networking technologies and all types of connected devices allows us to feed huge amounts of data from across an entire customer network into our big data platform for detecting, investigating, and analyzing threats. I’m eager to take what I’ve learned throughout 19 years in security and put that knowledge and experience to work in building up Cisco’s resources into a next-level suite of solutions. Read More »
Tags: analytics, Big Data, Cisco Security Solutions, managed security, network security, security, SIEM
This post was authored by Nick Biasini with contributions from Craig Williams & Alex Chiu
Update 8/1: To see a video of this threat in action click here
Adversaries are always trying to take advantage of current events to lure users into executing their malicious payload. These campaigns are usually focussed around social events and are seen on a constant basis. Today, Talos discovered a spam campaign that was taking advantage of a different type of current event.
Microsoft released Windows 10 earlier this week (July 29) and it will be available as a free upgrade to users who are currently using Windows 7 or Windows 8. This threat actor is impersonating Microsoft in an attempt to exploit their user base for monetary gain. The fact that users have to virtually wait in line to receive this update, makes them even more likely to fall victim to this campaign.
Read More »
We are making some changes to the way Cisco Security provides and shares vulnerability and threat intelligence to make it more consumable by our customers and the security community. The Cisco Security IntelliShield Service has been successfully delivering multi-vendor security intelligence to our customers for 15 years. During this time, the security intelligence market has continued to evolve to more integrated and automated solutions. Similarly, the Cisco Security strategy has evolved to add machine-readable security content.
We have seen an ever-increasing volume of multi-vendor reporting over the years. IntelliShield started publishing security intelligence alerts in May 2000 and we published 1337 alerts that first year. By 2005 that had increased to 1555 alerts and in 2010 to 5210 alerts. In 2014, IntelliShield published 7242 alerts and the volume continues to increase. As the volume of security activity has increased, security teams are faced with the challenge of efficiently handling that increased volume. The solution for this increased volume is to automate the reporting and sharing of vulnerability and threat intelligence through machine-to-machine standardized formats. Read More »
Tags: security, threat intelligence
Cisco presents a vision of the future in the Cisco 2015 Midyear Security Report that we expect many—particularly in the security industry—might find a little controversial. We suggest that over the next five years, there will be a continued wave of industry consolidation—driven less by financially motivated M&A and more by the need for capable solutions—that brings together niche innovators and long-standing players for the greater cause of protecting organizations.
And then what? This consolidation will lead to the development of an integrated threat defense architecture that will help to reduce time to detection and remediation of both known and emerging threats. This architecture will bring unprecedented visibility into the threat landscape, and provide control, global intelligence, and context across many solutions.
While disruptive, this change is necessary. Right now, as an industry, we’re just not doing an effective job helping all end users defend themselves from the highly sophisticated and ever-changing tactics of today’s threat actors.
As noted in the Cisco 2015 Midyear Security Report, Read More »
Tags: 2015 midyear security report, Cisco Midyear Security Report, MSR, security