Cisco Blogs


Cisco Blog > Security

Users, Interfaces, and the Security of Search

A few weeks back ReadWriteWeb (RWW) published a short posting about a deal between AOL and Facebook to integrate Facebook chat with AOL Instant Messenger. RWW went on to discuss its opinion that Facebook was interested in becoming the social networking destination for users, and to prevent mass emigrations that previously struck MySpace and Friendster. In describing this, RWW used the term “one true login”, which would eventually lead to Google giving this blog post a very high position for anyone searching “Facebook login”, and in turn would lead to many confused users trying to login to RWW to get to Facebook. Exasperated Facebook users posted many comments like the following:

The new Facebook sucks> NOW LET ME IN

and

please give me back the old facebook login this is crazy……………..

Upon review, RWW noticed that traffic to this post was growing above and beyond what they were accustomed to, and that most referrers leading to this page were Google searches for “Facebook login”. In the aftermath, RWW and the security community at large have witnessed a real-world case study on the human factors of security, social engineering, and the trust placed in the familiarity of interfaces.

Read More »

End-to-End Trust: Delivering a Safer, More Secure Internet

Increased Confidence, Enabled Collaboration

We depend on the Internet for news, for staying in touch with family and friends, for banking, and for entertainment. Healthcare, electrical power systems, video communications, self-service customer experience and collaboration are some of the emerging capabilities enabled by the Internet, and it’s pretty safe to say that other new capabilities will emerge in our lifetime. What we must protect and ensure is our confidence and trust in these services.

With end-to-end trust, we can have increased confidence and conviction that the hardware, software, operating systems, and network—even the data and the people online using these systems—are as safe and secure as possible. Greater collaboration is a true benefit of a trusted Internet. It enables us to communicate, interact, work, and play—essentially, get closer to those we want to get closer to, while keeping away those we don’t want near—as we conduct business and our lives.

Read More »

Cisco at the RSA Security Conference 2010

If you’re in the information security biz, almost all your colleagues are probably converging in San Francisco today for the opening day of the RSA Security Conference. Cisco is there too. And today we had exciting news of our own, including the introduction of the Secure Borderless Network, the new Cisco AnyConnect Secure Mobility solution and the expansion of Cisco TrustSec.

The following is a video I recorded that provides an overview of today’s news. I also took a few minutes for a Q&A to explain Cisco’s security product strategy.

Read More »

Cisco Security Predictions – Reviewed

We recently released the Cisco 2009 Annual Security Report. This is the most recent edition of our security report series, which was started in December of 2007 and now includes both annual and midyear reports. These documents primarily seek to do two things: to help you understand the threats and security events that existed during the report time frame, and to provide you with appropriate guidance on how we believe threats will evolve in the coming year.

I am not one who admires the pontification often performed by security experts and I assure you that any forward-looking guidance we write is intended solely to help you understand the emerging security threats. I believe in looking into the past with a critical eye and understanding how we could have done better.

With that in mind, the release of our 2009 annual report has reminded me to take a few minutes and review our past guidance, and naturally, evaluate our results.

Read More »

Tags:

ScanSafe Report Highlights Attacker Thrift, Intellectual Property Risk

Computer-based attacks are being leveraged by miscreants to gain a global economic and informational advantage over others. This is the message presented by ScanSafe’s 2009 Annual Global Threat Report, which was released last week. Over the course of 2009, ScanSafe, which was acquired by Cisco in December, 2009, monitored customer web traffic and blocked malicious content through its cloud-based security service. The results of their analysis uncovered some interesting points, the most widely reported being that 80% of exploits in 2009 were based on malicious PDF files. But the subtexts from the report regarding targeted theft and criminal exploitation deserve a deeper look.

Read More »