Cisco Blogs


Cisco Blog > Security

Before, During and After: How to Think About Complex Threats

I’m often asked how to deal with the security threat landscape within the context of running a business. The security threat landscape can seem like a highly complex challenge, yet as I’ve looked at it through my work with Cisco and the broader industry, it can actually be boiled down into three simple phases: before, during and after attack.

It sounds simple in theory, but in practice the conversation often focuses predominantly on the “before” phase; that is, minimizing a hacker’s chances of success. While this is clearly the most important phase, it’s also crucial to have a clear threat containment strategy for “during” an attack, and a visibility and forensics plan for “after” it as well. It seems complex, but it can be surprisingly simple. Take a look at a recent video blog I did on the topic.

Tags: , , , ,

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments.


  1. Do you have any advice for someone who is in a contract position that now want to hire full time with a co. who still insist on using Windows Server 2003 R2? Even though support ends for in July 2015, and yet they refuse to at bare minimum upgrade to 2008. The co. largely deals with financial institutions such as banks, yet their security is a joke! Even that is being generous. I deal with graphics and digital media, so I am not very knowledgeable in the IT or security field. Yet I constantly hear the pain and frustration in my fiance’s voice every day! A few of these concerns being… None of the engineers know even the basic information they should know, such as certs- how to use them, what they are for, Scripting, constantly asking him how to or if they can write a program for simplistic actions that should already have been done such as monitoring the backup servers, they did not even know what the servers were for! etc. He is so embarrassed to even associate himself with the co. Their security is at risk, he has tried showing them how and why. Basically all their and their consumers-Banks passwords are floating out there on an ?open source page? I don’t know any more there is so much he is frustrated with. He has mentioned ways to improve but got told by the office in San Antonio they don’t need improvements,they are fine. when he mentioned that the GA office did not have the same measure of security and needed it as well as some upgrades he was immediately dismissed before getting to finish talking. Unfortunately My Fiance has a perfectionism issue, and finds all faults, or area’s where a co. needs to improve, or is using the wrong or outdated software and usually gets fired because they want someone to shut up and do as they say not find and suggest or correct issues. He sadly believes that most companies want this direction and to run things write but quickly finds out they don’t they just want to squeak by for as long as they can while raping their customers. One co. let him go for refusing to lie about the hours he put in to solve a problem, they said he worked to fast and they were not making money that way!? I thank my lucky stars I have my Fiance’ help me with my issues he even has his own outrageous network system at home. Which I think is cute but can be draining on family time anyways sorry back to my question… How can I help him tell the people with decision making power that they are about to come to a devastating demise if they do not spend the bit of cash to improve and upgrade with out them feeling threatened by his knowledge? I seriously wish he could work for a co. like Cisco I know he wants to always has Cisco or Google lol. He is constantly improving his skills and knowledge. He has a library of books that he constantly reads, and is always eager to run off to get more certifications yet he always seems to put himself down. Many employers have told him he sells himself short and should really own up to his success’s so he can quit getting overlooked with the companies he really wants to work for. Thanks for any advice or help it is greatly appreciated. Sincerely, Shawnna Sterling

       1 like