Cisco Blogs


Cisco Blog > Security

Summary: Governing the World of Many Clouds with Cisco Cloud Consumption Optimization Service

CIOs face a scary reality. They only know about 5-10% of the cloud applications that are being used within their organization. This shadow IT is ripping holes in their security strategies. In fact, a recent Forrester study cited that 43% of respondents said they believed shadow IT practices were major threats to their respective organizations. And, as the fallout from recent high-profile attacks have shown, both IT and business leaders will face the consequences if a security breach occurs.

To help leaders uncover shadow IT, we launched Cloud Consumption Assessment Service in January. But discovering shadow IT is only the first step that organizations need to take to manage cost and risks.

[Read the full post by Robert Dimicco on the Cisco Data Center blog...]

Tags: , ,

The Art of Escape

Craig Williams and Jaeson Schultz have contributed to this post.

We blogged in September of 2013 about variants of Havex. A month ago on June 2, 2014, I had the chance to give a presentation at AREA41.  In my presentation “The Art of Escape,” I talked about targeted attacks involving watering holes.

If we look at the timeline of the attacks we see two clear impacting factors:

  • CVE release time
  • Timeframe of new PluginDetect

This explains why we saw an increase in watering hole attacks peaking in August

timeline_havex

Read More »

Tags: , , , , ,

A New Model to Protect the Endpoint, Part 2: Attack Chain Weaving

In my last post, I talked about the need for a paradigm shift from point-in-time detection technologies to a new model that combines a continuous approach with a big data architecture. This new model lets Cisco deliver a range of other innovations that enhance the entire advanced malware protection process across the full attack continuum—before, during, and after an attack.

One of these innovations, unique to Cisco AMP for Endpoints, is Attack Chain Weaving which introduces a new level of intelligence not possible with point-in-time detection technologies.

We all know that attackers are making it their job to understand traditional point-in-time detection technologies and innovate around their limitations to penetrate endpoints and networks. However, as these attacks unfold, they leave in their wake massive volumes of data. Attack Chain Weaving allows defenders to use this data to their advantage. A big data architecture handles the ever-expanding volume of data that is essential to effective malware detection and analytics, and a continuous approach uses that data to provide context and, most importantly, prioritization of events when and where you need it.

Read More »

Tags: , , ,

Before, During and After: How to Think About Complex Threats

I’m often asked how to deal with the security threat landscape within the context of running a business. The security threat landscape can seem like a highly complex challenge, yet as I’ve looked at it through my work with Cisco and the broader industry, it can actually be boiled down into three simple phases: before, during and after attack.

It sounds simple in theory, but in practice the conversation often focuses predominantly on the “before” phase; that is, minimizing a hacker’s chances of success. While this is clearly the most important phase, it’s also crucial to have a clear threat containment strategy for “during” an attack, and a visibility and forensics plan for “after” it as well. It seems complex, but it can be surprisingly simple. Take a look at a recent video blog I did on the topic.

Tags: , , , ,

Is Your Team Prepared for a Cyber Attack? Get Ready with CyberRange Training

The fire alarm went off in my building again, but fortunately, it was only a drill. By now, we are all used to the periodic fire drills for emergency preparedness in our workplaces. But have you ever wondered if there is a similar exercise possible for a cyber attack? The same logic applies. Your team will be better prepared to handle a disaster if they are trained for it.

Seeing is believing: Today I am excited to share this video from our Cisco Korea team that showcases Cisco CyberRange.

Read More »

Tags: , , , ,