UPDATE 2: On Monday, December 30th, Der Spiegel magazine published additional information about the techniques allegedly used by NSA TAO to infiltrate the technologies of numerous IT companies. As a result of this new information coming to light, the Cisco Product Security Incident Response Team (PSIRT) has opened an investigation. Customers can stay informed of the progress of this investigation via the previously posted Cisco Security Response.
December 29th -- An article was published in Der Spiegel today about the alleged capabilities of the United States National Security Agency (NSA) Tailored Access Operations (TAO) organization. The article says that TAO “exploits the technical weaknesses” of Information Technology products from numerous companies, and mentions Cisco.
We are deeply concerned with anything that may impact the integrity of our products or our customers’ networks and continue to seek additional information.
We are committed to avoiding security issues in our products, and handling issues professionally when they arise. Our Trustworthy Systems initiatives, Cisco Secure Development Lifecycle, Cisco Common Crypto models, and Product Security Incident Response Team (PSIRT) and Vulnerability Disclosure policies are all industry-leading examples of our commitment to our customers. This is central to how we earn and maintain trust.
At this time, we do not know of any new product vulnerabilities, and will continue to pursue all avenues to determine if we need to address any new issues. If we learn of a security weakness in any of our products, we will immediately address it.
As we have stated prior, and communicated to Der Spiegel, we do not work with any government to weaken our products for exploitation, nor to implement any so-called security ‘back doors’ in our products.
UPDATE 1: Customers seeking additional information may refer to the Cisco Security Response.
Cisco Trustworthy Systems: http://www.cisco.com/web/solutions/trends/trustworthy_systems/index.html
Cisco Secure Development Lifecycle: http://www.cisco.com/web/about/security/cspo/csdl/index.html
Cisco Security Advisories, Responses and Notices:http://www.cisco.com/en/US/products/products_security_advisories_listing.html
Cisco Security Vulnerability Policy:http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html
Cisco Blogs on Security and Cryptography http://blogs.cisco.com/tag/crypto/
Tags: Cisco, NSA, Spiegel, TAO
For the sixth time in as many years, the Ethisphere Institute honored Cisco by naming us to its list of the “World’s Most Ethical Companies” and we continue to be proud of our long-standing commitment to ethics and integrity. At Cisco, we hold ourselves to a very high standard of business and professional conduct. Our company was founded on a platform of open communication, empowerment, integrity and respect. These values remain at the forefront of the way we do business each day. As a result, our customers, partners, and stakeholders around the world continue to trust our products and services. Read More »
Tags: cobc, ethics, ethisphere
Throughout 2013, I’ve had the opportunity to meet with services provider leaders from around the globe. Whether they are large or small, focused on consumer services or business, or engaged in video or mobility, their ambitions are very much in line with our strategy: To help them monetize and optimize their networks, while accelerating their ability to deliver their services.
- Monetize: From innovative new managed security services, to video, cloud and new machine driven (M2M) services to enable the Internet of Everything (IoE), there are a number of new incremental revenue opportunities for service providers which sit at the very center of these trends estimated at over $2.9 Trillion over the next 10 years.
- Optimize: Delivery of these new services has to be less than the cost to deploy and operate them. At the end of the day, the SP is a business, and, as all businesses, they need to be profitable. New ways to deliver these services as economically as possible are key to their success.
- Accelerate: In this dynamic marketplace, service providers need to move quickly to seize these new opportunities. Gone are the days when service rollouts can take months or quarters Instead, they need to operate at “web speed” shortening the time to provision new services from months to minutes and do it in a cost-effective way. Read More »
Tags: Internet of Everything, IoE, network function virtualization, NFV, Pankaj Patel, SDN, software defined networking, virtualization
It’s only been six weeks since the breakthrough Internet of Things (IoT) World Forum in Barcelona, but the momentum to build web-enabled Smart Cities appears to be crescendoing toward a tipping point.
Just this past week, I participated in two highly energized Smart City forums in “old” cities that attracted executive-level leaders from government, vertical industries and technology providers. At both – one in Hamburg and the other in Amsterdam – I experienced first-hand the growing use of digital devices connected to networks that enhance the experience of citizens and businesses and also improve sustainability and performance.
Read More »
Tags: IoE, IoT, Smart Cities, Wim Elfrink
How fascinating is it that in today’s world, a parent can connect to an office network and still remain linked to a child via mobile device?
I recently came across a New York Times article that discussed how mobility is transforming our daily lives and the safety of our loved ones. According to the article, new innovations such as Filip Technologies’ watch and Trax, can help monitor the whereabouts of young children and pets.
As the growth of mobility enables more wearable devices and applications that include GPS and Wi-Fi features, it is becoming increasingly easier for us to remotely monitor our children’s safety while managing daily tasks. Any parent would consider this a win-win.
In light of the capabilities of this type of technology, Gartner predicts that wearable electronics will be a $10 billion dollar industry. There is significant value at stake for organizations that can successfully respond to our rapidly changing mobile landscape by bridging enterprise and service provider networks through an architectural approach to mobility.
Read More »
Tags: Cisco, mobile, mobility, value at stake, Wearables, wi-fi, wifi, wireless