The mobility trend holds great promise for improved productivity and new engagement models. These are most powerful in a learning effort—imagine learning anywhere and anytime. I just wish I had the Internet and the mobility that students have today when I went to school. Yet, mobility is an IT tsunami that will not recede. One of the most damaging aspects of this storm is the possibility of numerous personal devices that are entering organizations, accessing the network and eventually critical assets, and stealing sensitive data or mistakenly bringing malware. Many people know this policy as BYOD or bring your own device. This is not a new phrase but it is still quite prevalent. Inventory and provisioning of personal mobile devices is just the tip of this wave. Organizations want to control mobile devices to ensure acceptable usage and minimize security incidents.
When Cisco introduced the Cisco SecureX Architecture at the 2011 RSA Conference in San Francisco, it aimed to provide network security practitioners the following benefits of a security architecture:
- Contextual awareness
- Comprehensive visibility
- Scalable control
- Dynamic adaptability to new threats
- Data and application protection
What exactly does this mean? What does it do? How is it implemented? Which products are needed to achieve the benefits of a Cisco SecureX Architecture?
These are just some of the questions we hear when consulting with people tasked with the protection of an organization’s information and providing appropriate security controls around current and/or new business initiatives.
Around business initiatives, joint research conducted by IBM developerWorks and the IBM Center for Applied Insights has reported four information technologies (mobile technology, business analytics, cloud computing, and social business) that are rapidly reshaping how enterprises operate. This joint research has been published in the 2012 IBM Tech Trends report and security has been identified as a threat to innovation and a top barrier to adopting business-critical technology.
“Mobile technology, business analytics, cloud computing, and social business are rewriting strategic playbooks across industries. In these spaces, new business possibilities are emerging faster than many organizations can act on them, with significant IT skill shortages and security concerns threatening progress. Yet, some companies are equipped to innovate at the front edges of these fast-moving technology trends and drive strategic advantages for their organizations.” – 2012 IBM Tech Trends pdf
With that introduction of how security relates to business innovation, the aim of this blog post is to raise awareness that the Cisco SecureX architecture is beyond marketing and that in the background, Cisco and our partners are developing products, technology, services, and learning curricula—to help practitioners deploy cyber security architectures using models such as the Cisco Security Control Framework—so that a security architectural blueprint can be in place to allow organizations to have the confidence and agility to accelerate business transformation.
With the end of the year fast approaching and the 31st Annual Gartner Data Center Conference in Las Vegas this week, this post is dedicated to a quick reflection on emerging data center trends and their impact on security.
The global technology analyst firm Ovum expects the market to become further focused on cost-savings and efficient internal IT delivery methods with broader virtualization, cloud and the use of converged infrastructure systems in 2013. This closely mirrors the agenda for the Gartner Data Center Conference where the agenda shows focus on trends such as IT Operational Excellence, Optimal Cloud Strategies and Delivering Greater Business Value.
BayThreat 2012, the third annual information security conference in the South Bay of San Francisco, will be held December 7–8 at The Firehouse Brewery in downtown Sunnyvale, Calif. This technical conference is well attended by security professionals from the top technology companies in the South Bay. Randy Ivener and Joe Karpenko, security specialists from Cisco Systems, will present “Network Threat Defense”at 10 a.m. Saturday at the conference.
Botnets, worms, and denial of service (DoS) attacks increasingly threaten the availability of every network, yet few network engineers realize the security benefits of leveraging network infrastructure to handle these attacks. “Network Threat Defense” will address how to build a more secure infrastructure and how to leverage inherent network features, such as NetFlow, to provide a full range of attack handling mechanisms. During the presentation, Ivener and Karpenko will briefly cover the following fundamental network security topics:
- State of network security
- Threat models for IP networks
- Incident response
- Secure network design
- Device hardening
- Introduction to NetFlow
A couple of days ago, I participated in a Social Video Broadcast about cyber security survival tips for the holiday season. Some of my advice is familiar. Use stronger passwords, apply the “smell test” to too-good-to-be-true on-line offers, read the manual—especially the parts about account set up and security—when turning on a new device. Others are a little less well known. I keep a separate credit card account with a low spending limit for on-line purchases. Ask your Sys Admins if it is OK to connect a new “BYOD” device to an enterprise network when you return to work in January.
But the most important advice I offer is to slow down and think before doing anything that might subject you to cyber mayhem. Technology, and the Internet in particular, has programmed us to rush through life. But the best way to make it into to the Cyber Security Victims Hall of Regret is to lose your sense of situational awareness by clicking on anything that moves. This needn’t lead to paralyzing indecision. But taking a moment to ask: “Is this for real? Is this wise? Why does that look funny?” will spare you from a lot of harm in the holiday season.
You can watch a replay of the broadcast here: http://newsroom.cisco.com/feature-content?type=webcontent&articleId=1104963