Are your finances secure with your financial institution? Vystar Credit Union in Florida, USA speaks out on one of their recent efforts to ensure highly secure access at their institution. With the pressures of compliance and the need to protect their institution’s network and assets, Vystar deploys ISE and AnyConnect with great success. Most recently coming from Gartner IT conference in FLA I had a chance to speak with other organizations that expressed secure access concerns. Read More »
With October designated as Cyber Security Awareness Month, it got me thinking about the connections between awareness and trust. Cisco has made significant investments in what we call “Trustworthy Systems.” These products and services integrate security features, functions, and design practices from the very beginning. We do this because we know that people will be depending on Cisco products for communications critical to their personal and professional missions. Read More »
In the last week alone, two investigations I have been involved with have come to a standstill due to the lack of attribution logging data. One investigation was halted due to the lack of user activity logging within an application, the other from a lack of network-based activity logs. Convincing the asset owners of the need for logging after-the-fact was easy. But ideally, this type of data would be collected before it’s needed for an investigation. Understanding what data is critical to log, engaging with the asset owners to ensure logs contain meaningful information, and preparing log data for consumption by a security monitoring organization are ultimately responsibilities of the security monitoring organization itself. Perhaps in a utopian world, asset owners will engage an InfoSec team proactively and say, “I have a new host/app. To where should I send my log data which contains attributable information for user behavior which will be useful to you for security monitoring?” In lieu of that idealism, what follows is a primer on logs as they relate to attribution in the context of security event monitoring. Read More »
Ten years ago, I remember driving around my neighborhood with a laptop, wireless card, and an antenna looking at the Service Set Identifiers (SSID) of all the open wireless networks. Back then, a home user’s packets often flew through the air unencrypted with nary a thought to who might be listening.
As a protocol, Wireless Fidelity (WiFi), has continually improved (IEEE 802.11) and today it is the preferred communication channel for a multitude of home devices including video game consoles, cameras, streaming video devices, mobile phones, tablets, and list goes on. As October is National Cyber Security Awareness Month, we outline typical WiFi risks and share sensible precautions.
In my last three homes, the Internet Service Provider (ISP) installation technician arrived with a cable modem that included four Ethernet ports and native WiFi default enabled. In each case, the technician explained that I could manage the cable modem through the settings webpage. When I inquired about management authentication credentials all of the technicians told me that passwords were not enabled by default, which naturally caused some consternation due to the obvious security implications.
It turns out that most ISPs will provide a modem without WiFi capabilities upon request. You can also request that a WiFi enabled modem be converted to bridge mode which will allow you to attach and manage your own WiFi access point (AP) without worrying about conflicts. Read More »
Cisco Security has announced the closing of the acquisition of Sourcefire. Sourcefire founder and CTO (and creator of Snort®) Martin Roesch posted to Sourcefire’s blog this morning to share the news:
“I can tell you with certainty that this is a great match for Sourcefire, for Cisco and, ultimately, for our customers, partners and open source communities” said Roesch. “From a technology perspective, after having dedicated 15 years to Snort and then to Sourcefire, it’s personally gratifying to be part of building this strong foundation.”
Roesch, now vice president and chief architect of Cisco’s Security Business Group, is excited for the new opportunities presented. “It’s the new model of security I’ve been talking about for some time. Now working as part of the Cisco team, led by Chris Young, we can accelerate execution of this vision and make this even more impactful.”
This is just the first exciting news about the acquisition. As Roesch states in his post, “expect more great things as we continue down this path as ONE team.”