Cisco Blogs


Cisco Blog > Security

Controlling the Flow of Information in the 21st Century

As we mentioned in last week’s Cyber Risk Report, “The issue at hand is no longer whether or even to what extent the revolution is being tweeted, the question henceforth is how are information networks to be managed.” The capabilities of freely flowing information to influence the command and control of coordinated forces has long been understood by military commanders. Greek historian Herodotus tells in his Histories of a deposed king passing obscured messages to organize revolution, and another king sending warning of impending attack; during World War I, soldiers would shoot at carrier pigeons bearing messages from front-line troops.

Today, when governments face political unrest, a very militarily inspired response is to limit, control, or deprive the free flow of information to the opposition. Organizations do likewise, though often for different reasons, and are quickly understanding how resourceful their users can be as they dodge workforce Internet filters by accessing content on their mobile phones. Over and over again, information that authorities wish to keep secret, or deny access to, is being exposed and shared widely by those under their control. How will confidentiality fare in the coming years?

Read More »

Tags: ,

IPv6 – What’s New

IPv6 is becoming more widely deployed as the availability of IPv4 addresses continue to decline. In June, Cisco will be participating in World IPv6 Day, a 24-hour global “test drive” of IPv6 that is organized by the Internet Society.

Hopefully this introductory post will give you a basic idea of how IPv6 works and some initial security concerns. In upcoming posts, I will explain in more detail the security impact on your network of various aspects of IPv6. I am willing to address other topics as well if there is interest, just let me know. Currently the upcoming topics will be:

Read More »

Tags: , ,

Jobsonian Security

I’m sure by now you’ve seen the “I-don’t-care bear” video about the iPhone4. It’s funny, but it’s also true. The phone doesn’t work the way I expect it to—for one thing, my calls are dropped all the time. If my firewalls dropped packets the way my iPhone does, I’d have my hair on fire.

Yet iPhone is on a selling tear: Last October, when Apple announced its fiscal Q3 results, it reported that year-over-year sales of the iPhone for that quarter were up 91 percent. And despite any negative videos about the iPhone being circulated on YouTube, sales of the device show no sign of slowing down anytime soon.

Read More »

Tags:

Cisco Security Specialist Certifications Align with Evolving Technologies and Job Roles

Cisco is dedicated to developing certification and training programs that help customers and partners stay ahead of ever-increasing information security threats and vulnerabilities. The combination of new threats, compliance mandates, and the need to protect customer and organizational data has driven the demand for more efficient use of network security technologies and architectures.

Read More »

Tags:

Security Concerns in Vehicle Networks Mirror Those in Computer Networks

Traffic fatalities in the United States were 143 per one million people in 2006, compared to 93 per million in Europe. While fatalities have since fallen in both the United States and Europe, government and private industry continue to look into ways to improve traffic safety. An emerging standard, IEEE 802.11p, is one communication method to be used in networks between mobile vehicles, including aircraft and automobiles. Vehicle networks, often referred to as an intelligent transportation system (ITS), promise to improve vehicle safety as well as lower costs in terms of reduced travel time and fuel consumption by allowing vehicles and their operators to exchange traffic, speed, and weather information to allow better awareness and assist operators in decision making.

Some security researchers presenting at Black Hat DC 2011 have leveled concerns against the implementation of ITS as a potential attack vector against physical systems. Insecure deployment of an ITS could allow attackers to gain access to information within the system or deliberately sabotage system functionality. However, because there are no real-world deployments, the threat remains potential rather than real.

Read More »