Cybersecurity is a company-wide initiative. It touches every line of business, the technology, the fabric of the organization, its culture, brand and reputation. Customers are telling us that their most important issues are security and assuring the integrity of the products and data in their networks. In light of the heightened potential for cyber threats, trust is more important than ever throughout the entire IT industry. A trustworthy product requires that security be integrated throughout the product lifecycle based on a transparent and open culture of the company, its policies, its processes, its supply chain, and its partners.
John Stewart, Senior Vice President and Chief Security and Trust Officer here at Cisco, drives trustworthy systems development, supply chain security, cloud security and customer data protection, as well as validation of Cisco’s cyber security practices. This week, John was presented with the RSA Conference Award for Excellence in Information Security during the conference keynote. We are excited for John and see the award as recognition of the work Cisco is doing around the world to raise security awareness and the importance of trust, accountability and transparency from IT vendors.
I was chatting with John after the award presentation and he told me what an honor it was to receive this level of recognition, because it affirms we’re on the right path. We recognize the enormity of the security task before us and it makes us all proud to work for a company that is totally committed to the security of our solutions and of our company.
You can read more about the award here.
Tags: cybersecurity, security
The Cisco TelePresence Hardening Guide has been updated, adding the DX70, DX80, and DX650 models. The Cisco DX Series run the Google Android operating system, which has special considerations for security.
The updates cover security areas related to:
- Access to the Google Play store and 3rd party apps
- Remote access to the device
- Simple versus Enhanced mode
- Syncing the system to external accounts
- Serial and console access
- Bluetooth considerations
The hardening guide can be found at the following URL:
Give it a read and learn how to harden your TelePresence DX system.
Tags: Cisco TelePresence, hardening guide, security
As Cisco’s products and services evolve to new models, we find ourselves coming in contact with our customer’s data more regularly. We approach this role as stewards of this data with our customers interest foremost in our mind. One area of widespread interest as it relates to this data is how we interact with Global Law Enforcement regarding this data. To that end, today Cisco is launching its first global Transparency Report on Law Enforcement Requests for Customer Data. In this report, Cisco details our principles regarding how we will treat law enforcement requests for customer data if, and when we receive such requests. We also provide specifics regarding how many requests we have received from global law enforcement agencies for our customer’s data.
Read More »
Tags: customer data, data protection, government, Government Data Requests, public sector, security, transparency, Transparency Report
This post was authored by Nick Biasini and Joel Esler
Talos has observed an explosion of malicious downloaders in 2015 which we’ve documented on several occasions on our blog. These downloaders provide a method for attackers to push different types of malware to endpoint systems easily and effectively. Upatre is an example of a malicious downloader Talos has been monitoring since late 2013. However, in the last 24-48 hours, things have shifted dramatically. We’ve monitored at least fifteen different spam campaigns that are active between one and two days. While the topic associated with the spam message has varied over time, the common attachment provided is a compressed file (.zip or .rar) that contains an executable made to look like a PDF document by changing the icon.
When Upatre is executed, a PDF document is quickly downloaded and displayed while Upatre is delivered in the background. The document displayed has been either one of two PDFs. The first PDF, which was used until March 17, contained some information about Viagra:
Figure 1: Sexual Dysfunction, what’s your function?
Read More »
Tags: malware, Talos, threat spotlight, upatre
Though 2014 has come and gone, one trend that dominated its headlines has unfortunately continued to do the same this year. So, what happens to an organization’s cybersecurity readiness plan when there aren’t enough security professionals to protect the network? What are the tested security strategies that can help organizations prepare, manage, respond to and recover from incidents in a quick and effective manner?
During our next #CiscoChat, we’ll seek to answer these questions and invite you to share your thoughts and solutions with us. #CiscoChat is a program where industry experts answer your questions and participate in an open discussion on a particular topic. Everyone is welcome to join simply by searching the hashtag #CiscoChat on Twitter and including it in your tweets to be seen by others participating. Read More »
Tags: Business Trends, ciscochat, incident response, security, Social Chat, social media