Cisco Blogs

Cisco Blog > Security

The Continuum Approach for Secure Mobility

A couple weeks ago, we spoke about the mobility journey and the phases that organizations take as they embrace the widely accepted mode of mobility—Beyond BYOD to Workspace Mobility (device-focus, application-focus and experience-focus). Whatever phase your organization is in, security is a top priority. These phases can help determine your secure mobility approach but your risk aversion level will also define it. Whatever your risk tolerance, the mobile threat landscape is extremely active and clever—do not underestimate it.

The dynamic nature of mobile threats does not stop by simply entering from your mobile device but it can further propagate and manifest across the network, wired devices, virtual, cloud and data center environments. So your secure mobility approach must be non-stop, continuous and pervasive—end to end. To hinder the chance of threat damage or inappropriate access whether intentional or not, one must offer comprehensive secure mobile access controls at the access layer across each phase of an attack, before, during and after.

Read More »

Tags: , , , , , , ,

South of Several Borders

Let me tell you a little about a country I’d not been to before until recently: Chile. Beyond its abundant natural resources and terrific terroir for wine grapes, Chile has become a hub for banking and retail companies with operations that span Latin America. Through the continued growth of business and the Chilean public sector and government leadership going through a period of change, Chile continues to adopt cutting edge technology to become more connected. In short, Chile is quite amazing.

Read More »

Tags: ,

Spam Hits Three Year High-Water Mark

Takedowns of prolific spam botnets, such as Rustock in 2011 and Grum in 2012, had a substantial effect on reducing overall global spam volumes. This, combined with diminishing returns for spammers sending via bots, had left many email recipients basking in the comfort of (mostly) clean inboxes. No doubt this downward trend in global spam volumes also saved countless dollars that would have otherwise been frittered away on phony university degrees, suspect weight loss products, and erectile dysfunction medication.

Unfortunately, however, the good times seem to be coming to an end. Spam volumes have increased to the point that spam is now at its highest level since late 2010. Below is the graph of global spam volume as reported by Cisco SenderBase. From June 2013 to January 2014, spam was averaging between 50-100 billion messages per month, but as of March 2014 volumes were peaking above 200 billion messages per month–more than a 2X increase above normal.

Read More »

Tags: , ,

Sensitive Data Exfiltration and the Insider

The Insider Lifecycle

Traditional security is designed to keep outsiders from getting in. What happens when the enemy is an insider? A new paradigm must be explored, where the focus needs to shift inward and how data is going outbound.

Identifying anomalies in data exfiltration is critical to how to spot the insider. The insider has a typical lifecycle:

1. Identify places where sensitive data is store
2. Retrieve the data from the location
3. Move the data within the organization to prepare for exfiltration
4. Transfer the data outside the organization

Arguably, the weak points of this chain of events occur in steps 1, 2, and 4, where the insider must go through funnel points—near the data and at a public outbound connection.

Things to Look For

In almost all cases of data theft, the insider had access to the data, but in many cases, the insider’s role would have been suspect when considering the data they were accessing. Consequently, role should be examined for the end user in the context of data they are accessing.

Read More »

Tags: , , , , , , , ,

Summary: Why Should You Participate in the Cisco IoT Security Grand Challenge?

Interested in learning more about the Cisco IoT Security Grand Challenge? Plan to attend a free one-hour webinar at 12 p.m. EDT Wednesday, May 7. Cisco Futurist Dave Evans and Dr. Tao Zhang, Chief Scientist for Smart Connected Vehicles at Cisco, will talk about why the Challenge is so important to the future of IoT, and answer any questions you may have.

Read the full blog for more information.

Tags: , , , , , , ,