Many Cisco customers with an interest in product security are aware of our security advisories and other publications issued by our Product Security Incident Response Team (PSIRT). That awareness is probably more acute than usual following the recent Cisco IOS Software Security Advisory Bundled Publication on September 25. But many may not be aware of the reasoning behind why, when, and how Cisco airs its “dirty laundry.”
Our primary reason for disclosing vulnerabilities is to ensure customers are able to accurately assess, mitigate, and remediate the risk our vulnerabilities may pose to the security of their networks.
In order to deliver on that promise, Cisco has has made some fundamental and formative decisions that we’ve carried forward since our first security advisory in June 1995.
Read More »
Tags: advisories, Cisco Security, incident response, IOS, ncsam-2013, psirt, vulnerability
April first falls on a Tuesday next year. The following Tuesday is Microsoft’s monthly security update. It will be the last monthly security update for the Windows XP operating system. About one third of the computers with Windows operating systems on the Internet today are still running Windows XP, an operating system almost 15 years old. After the April 2014 update, issues with Windows XP will no longer be patched; Windows XP users should have already migrated to a more current Windows version. So with that we present, David Netterman’s Top Ten Security Related Reasons Why You Should Upgrade Your Computer’s Old Operating System:
Read More »
Tags: EoL, MAPP, ncsam-2013, security, update, Windows XP
Risk. It’s not just a strategic board game; in business it’s the analysis that determines the potential for loss.
In today’s organization, the consumerization of IT has led to groundbreaking developments in the mobility space. The broad deployment of BYOD, coupled with the availability of corporate data and applications, have challenged how we define security. And with recent news reports citing the rise of mobile hacking and network threats, the security of mobile technology and the data it carries seems to be at risk.
Fortunately, all is not lost.
Mobility gives employees and providers options for the workplace and creating a mobile experience that is efficient and innovative. It is also helping businesses save and make money. Today, employees in any place on any device can access any application across any network in any cloud. As a result, there are challenges associated with implementing a comprehensive BYOD policy that encompasses a proliferation of devices connecting to a network.
Even though mobility can cut costs and increase productivity, 60 percent of IT professionals recently surveyed believe mobile devices in 2013 present more of a risk to their organization than they did in 2012. And even with the growing concerns over mobile security, it still appears that only 60 percent of organizations require security technology for mobility plans. Why isn’t that number higher? After all Android Malware grew 2,577 percent in 2012 alone.
Read More »
Tags: byod, Cisco, Cisco Security, Cisco Security Intelligence Operations, Internet of Everything, IoE, malware, mobile, mobile malware, mobility, security
In the previous installment of the onePK series, you received a crash course on Cisco’s onePK. In this article, you’ll take the next step with a fun little exposé on onePK’s C API. You will learn how to write a simple program to reach out and connect to a network element. This is staple onePK functionality and is the foundation upon which most onePK applications are built.
The following short program “ophw” (onePK Hello World), is a fully functional onePK application that will connect to a network element, query its system description, and then disconnect. It doesn’t do anything beyond that, but it does highlight some lynchpin onePK code: network element connection and session handle instantiation. This is the foundational stuff every onePK application needs before useful work can get done. Read More »
Tags: Cisco, cisco ios, Cisco Security, cisco sio, IOS, ncsam-2013, network security, One Platform Kit, onePK, open source, secure software, security
Are your finances secure with your financial institution? Vystar Credit Union in Florida, USA speaks out on one of their recent efforts to ensure highly secure access at their institution. With the pressures of compliance and the need to protect their institution’s network and assets, Vystar deploys ISE and AnyConnect with great success. Most recently coming from Gartner IT conference in FLA I had a chance to speak with other organizations that expressed secure access concerns. Read More »
Tags: anyconnect, byod, Financial Services, Gartner, ISE, secure access, security