Episode 45 – Crime Still Pays – Show Notes
This show airs on Thursday, May 21 @ 10 AM PST.Register Now!Check out the preview:
One of the first things you may notice about this show is that we did it 100% at the RSA conference…that is new for us and I was initially concerned about our ability to deliver the detail we would normally. It was certainly different, I could not always hear, Jimmy Ray and I juggle a bit physically with guests on the stage – but I really liked that JR could work with the plasma and physically walk us through what he was speaking to. It really makes me want to push harder on how we can improve our whiteboarding technology on the show. I think Valerie St. John did an outstanding job with her usual ‘classing up.’
So what all did we/will we cover?
Jimmy Ray did a nice job writing summaries of his adventures each day we were at RSA –
The pace of innovation and the sheer ‘professionalism’ of the modern criminal enterprise is as fascinating as it is shocking. The ‘no news is good news’ mantra of years past should now be deemed a dangerous proposition. The profit potential enabled by the Internet has fueled a dangerous marriage of geek smarts and business savvy that has entrepreneurial criminals building massive shadowy empires.
Join us as we:
• Welcome fellow geek Pat Peterson, Cisco Fellow, IronPort Technology Director and Security Researcher
• Expose the clues that help unravel the ‘system’ in place as we hunt down the command and control architecture.
• Disassemble the technical genius behind the ‘Spy vs. Spy’ nature of the highly effective Conficker Bot and what it tells us about the future.
• Demonstrate the latest techniques being used by criminal bot herders to maximize profit and evade detection.
• Illustrate the latest architectural approaches to your network security with a new version of the popular SAFE methodology.
• Welcome a special guest from Cisco’s Security Intelligence group as we dive into the ‘Wisdom of Crowds’ for dealing effectively with today’s polymorphic attacks.
• Reveal the latest integration of IronPorts ‘reputation’ filters for expanding the power of traditional security tools.
• Pay some bills and dive into the latest marriage of traditional URL filtering, reputation filtering and malware filtering all in a simple appliance form factor as we get hands on with the IronPort S-Series.
• Show you how hackers are using your own XML code against you.
• Determine if hackers are heckling your firewall.
Original Episode Description
The always-evolving security landscape represents a continuous challenge to organizations. The fast proliferation of botnets, the increasing sophistication of network attacks, the alarming growth of Internet based organized crime and espionage, identity and data theft, more innovated insider attacks, emerging new forms of threats on mobile systems, are examples of the diversity and complexity of the real threats that shape today’s security landscape.
As a key enabler of the business activity, networks need to be designed and implemented with security in mind to ensure the confidentiality, integrity and availability of data and system resources supporting the key business functions. Cisco’s new security architecture provides the design and implementation guidelines for building secure and reliable network infrastructures that prove to be resilient to both well-known and new forms of attacks.
Nowadays, achieving the appropriate levels of security is not longer a matter of deploying point products confined to the network perimeters. Today, the complexity and sophistication of threats mandate system-wide intelligence and collaboration. To that end, Cisco’s new architecture takes a defense-in-depth approach, where multiple layers of protection are strategically located throughout the network, but under an unified strategy. Event and posture information is shared across safeguards for greater visibility, and response actions are coordinated under a common control strategy.
The architecture uses modular designs that accelerate deployment and that facilitate the implementation of new solutions and technologies as business needs evolve. This modularity extends the useful life of existing equipment, protecting previous capital investments. At the same time, the designs incorporate a set of tools to facilitate day-to-day operations, reducing overall operational expenditures.
Cisco’s architecture leverages the Cisco Security Framework, a common framework that drives the selection of products and capabilities that maximize the principals of security, visibility and control. Also used by Cisco’s lifecycle services, the framework facilitates the integration of Cisco’s rich portfolio of security services designed to support the entire solution lifecycle.