Cisco Blogs



Threat Detection: A Big Data Approach to Security

Cisco recently announced the availability of Managed Threat Defense (MTD), an innovative managed security solution that applies real-time, predictive analytics to detect attacks and protect against advanced malware across extended networks. MTD helps our customers address the ever-changing threats to their most important asset—data. MTD is delivered through a cost-effective business model that allows our customers to leverage Cisco’s investment in security technology, global threat intelligence knowledge base, talent, and global reach.

To learn more about MTD, watch the video datasheet below:

While developing this solution, the MTD development team talked to dozens of customers around the world. As a result of these discussions, two dominant themes emerged:


Protect Yourself Against the Next Security Flaw in the Cloud—Understand Shadow IT

Recently, a bug in Internet Explorer made it possible for hackers to take over a user’s computer, causing government agencies to suggest using a different browser. The Heartbleed flaw opened the door for encrypted data to be intercepted. These latest challenges highlight one thing inherent to any application, whether on premises or in the cloud: it is not if but when the next flaw or bug will present exposure risks to your business. The key is to be prepared with a solid response strategy.

In two short years, 50% of Global 1000 companies will have customer data in the cloud according to Gartner. With more and more critical information moving to the cloud, IT needs to understand how cloud providers are responding to protect their data and users when these security challenges present themselves. For cloud services that IT is aware of, businesses can establish service level agreements and other safeguards to protect the integrity of their information.


Dimension Data Series #3: Closing the Gap Between the Secure Mobility Vision and Real-World Implementation

Mobile security is a top concern for IT and business leaders. This blog series with Dimension Data explores how organizational leaders can work together to mitigate concern and implement clearly defined policies and mobility goals. This blog will address closing the gap between secure mobility vision and real-world implementation. The first blog in this series discussing how concerns outweigh actions when it comes to mobility security is here. The second blog in this series highlighting how IT and business leaders can work together to develop secure mobility policies is here.

There is a gap between the vision for secure mobility and the real-world implementation.

How do we know a gap exists? A recent Dimension Data Secure Mobility Survey report indicates 79% of IT leaders believe mobility is a top priority and 69% of those surveyed already have a mobility roadmap in place. The vision looks good, right? However, only 29% of those implementing their roadmap have tested their core applications, and only 32% have conducted a security audit of the applications.

Today, IT is faced with the challenge of providing any user from any location on any device access to any of the corporate applications, all while keeping assets and users secure. These parameters add up to a complex equation, and it contributes to the gap between IT leaders’ vision and action for mobility deployments. How can IT and business leaders work to address this disparity?

Listed below are a few steps that should be considered to help turn the secure mobility vision into a reality. Taking a careful assessment of what mobility can offer and applying these steps can make the difference between a successful implementation and being derailed by unforeseen problems.


Dimension Data Series #2 – Mobility Policy: The Mobile Endpoint is the New Perimeter

Mobile security is a top concern for IT and business leaders. This blog series with Dimension Data explores how organizational leaders can work together to mitigate concern and implement clearly defined policies and mobility goals.

Jason Harris co-authored this blog. Below we will address how the mobile endpoint is the new perimeter. The first blog in this series discussing how concerns outweigh actions when it comes to mobility security can be found here.

Co-authored by Jason Harris, Principal Consultant for Security and Enterprise Mobility for Dimension Data Americas

Jason comes from a technical and business risk and compliance background, with experience in conducting governance, risk and compliance work and technical security testing. He has expanded this into policy-driven security architecture reviews, including development of IT policy and procedures, technical system assessments, penetration testing, security and enterprise mobility architecture, and information risk management. Over the last 3 years Jason has been leading the development of Dimension Data’s Enterprise Mobility Development Model (EMDM) and has delivered the EMDM to large enterprise clients.

Employees use their devices to access our systems on their own. It’s nearly impossible to stop.

If you agree with this statement, you’ll join the over 90% of IT decision makers that recently participated in Dimension Data’s Secure Mobility Global Survey. It’s no surprise that mobile security is a top concern for IT and business leaders; however, as discussed in our first blog post in this series, concern often outweighs action when it comes to securing mobility.

For example, according to the Dimension Data survey, while over 90% of IT leaders agree that security is a top concern, only 27% feel that they have well-defined network policies in place for mobility.

Based on these figures, it’s clear that it isn’t enough to just talk about security policy; IT and business leaders need to work together and focus on upholding and enforcing the policies set in place to close gaps. In this blog post, we’ll discuss why organizations need a policy that is clearly defined and how implementing the right policy will help fill gaps and establish a secure network.

In other words, how can a holistic and balanced approach to enterprise mobility -- including BYOD programs -- impact overall network security?

Mobility is the New Endpoint

In our recent conversations with CIOs, many are starting to understand that in today’s mobile and cloud landscape, the mobile endpoint is the new perimeter. This change in thinking is what’s going to be required of all of us as we embrace and deploy clearly defined roles and responsibilities for enterprise mobility policies. If it’s important for IT and business leaders to enable employees to work anywhere, wherever and however, they need to plan it properly to ensure the right amount of controls and mechanisms to support a mobile workforce.

A major part of this shift in thinking involves securing not only the user or the device, but the data the user or device has access to. This data-centric security model can help establish some control over the evolution in enterprise mobility that has basically extended an organization’s network into a thousand mini-networks that IT has little visibility over. This is why we need to change our thinking. Mobile devices aren’t outside the perimeter; they are the new endpoint.


IE Zero Day – Managed Services Protection

As of May 1, 2014, we can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog.

Protecting company critical assets is a continuing challenge under normal threat conditions. The disclosure of zero-day exploits only makes the job of IT security engineers that much harder. When a new zero-day vulnerability was announced on April 26, 2014 for Microsoft Internet Explorer, corporate security organizations sprang into action assessing the potential risk and exposure, drafting remediation plans, and launching change packages to protect corporate assets.

Some companies, however, rely on Managed Security Services to protect those same IT assets. For Cisco Managed Security services customers, action was taken to deploy updated IPS signatures to detect the exploit and protect the company’s critical IT assets. In more detail, the IPS Signature team, as a member of the Microsoft Active Protections Program (MAPP), developed and released Cisco IPS signature 4256/0 in update S791, and Snort rules 30794 & 30803 were available in the ruleset dated 4-28-2014. The Cisco Managed Security team, including Managed Threat Defense, received the update as soon as it became available on April 28th. Generally, Cisco Managed Security customers have new IPS signature packs applied during regularly scheduled maintenance windows. In the case of this zero-day, the managed security team reached out to customers proactively to advise them of the exploit and was immediately able to apply signature pack updates to detect attacks and protect customer networks.

While corporate security organizations must still assess ongoing risks and direct overall remediation to protect corporate data, Cisco can take action to provide security visibility into targeted attacks, increase protection with fresh signatures, and reduce the risk profile for the corporate InfoSec program.

For more detail on the vulnerability, please see Martin Lee’s blog post.

More details about this exploit and mitigation information can be found on the following links:

For additional information about Cisco Managed Security solutions please refer to the following links and contact your Cisco Services sales representative:
