Cisco Blogs


Cisco Blog > Security

Cisco Security Masters Dojo Course at CanSecWest 2013

My colleague, Joe Karpenko, and I will be presenting the Network Threat Defense, Countermeasures, and Controls Security Masters Dojo training course at the CanSecWest 2013 Applied Security Conference.

Attendees will perform two roles. First, as a Security Practitioner who will secure and harden devices within an organization’s network infrastructure, and second, as a Security Incident Response Investigator who must correctly detect, classify, and prevent threats targeting a network by configuring and deploying advanced network threat defenses and countermeasures. Read More »

Tags: , , ,

RSA Conference: T-Minus 30 Days and Counting

A month from now, thousands of cyber security friends, colleagues, professionals, hackers, defenders, sellers, buyers, old timers, and newbies will descend on San Francisco for the 2013 RSA Conference. We will challenge one another about what has changed, create new topics and new words to describe the previously indefinable, scare the heck out of each another, and ask the same questions…often: “What’s changed in the last year? Is it better? Is it worse? Is it new?”

“Security in Knowledge” is an apt theme for this year’s RSA. It resonates with me, given my very strong opinions that no company can effectively manage cyber security alone, either people-wise or data- and information-wise. Can any organization analyze 13 billion web requests per day? 150 million endpoints? A daily deluge of 75  terabytes of incoming data? You can’t cope with that yourself. We need to move to crowd-sourcing security, creating security knowledge, and ultimately increasing effectiveness rather than watching the ship continue to take on water at intermittently slowed rates.  Read More »

Tags: , , , , ,

Streamline Your Data Center with Three Key Optimized Security Measures

The data center is at the heart of promoting IT transformation. Mobility initiatives have created a need for increased connections; power initiatives have created a need for greater efficiency; and the increased need for real-time workload processing are driving that change. I see these as “signature” trends in 2013 and also highlighted these in my earlier post this year. Conventional IT security approaches often add complexity and usually impede efficiency gains. What’s needed is an approach that does not introduce latency or require the data center to be reconfigured to accommodate security. Neither should it introduce a myriad of new of tools, new reports, and new processes.

Very few vendors can claim to provide an end-to-end architecture where security is a key programmable element of the underlying data center fabric. This capability not only accelerates the adoption of virtualization and cloud technologies but also mitigates the complexity associated with disparate and siloed security technologies. The benefits are increased business agility backed by assured security posture, strong alignment of business function to security and reduced operational costs. In this paradigm, data center and IT executives will no longer be forced into making tradeoffs between business function and security to ensure newer and more capable services.

Read More »

Tags: , , ,

Acquisition of Cognitive Security Bolsters Cisco’s Cyber Threat Defense Capabilities

In a world where malware and advanced cyber threats are enterprises’ greatest concern, the need for innovation in security is at an all-time high. Mobility and cloud are drastically changing the IT security paradigm, and our attackers are radically increasing the sophistication of their attack methods. Cisco has been listening to our customers’ concerns and we are investing in threat intelligence and defense.

As part of our investment to strengthen the network with more analytics and intelligence to target today’s complex and disruptive threats, Cisco has announced the intent to acquire Cognitive Security, a privately held company headquartered in Prague, Czech Republic. Cognitive provides security software that is focused on applying artificial intelligence techniques to detect advanced cyber threats.

When Cognitive’s technology is combined with traditional firewalls, network security, content security, and Intrusion Detection and Prevention Systems, it provides a complete detection and mitigation solution that enables customers to protect against advanced attacks and zero day attacks in near real-time.

Why is this important? Well, think of this simple use case: An employee’s own personal device is infected outside the perimeter of the enterprise. Once the employee brings that device on to the network, the enterprise’s perimeter defense solution cannot protect against the threat because the device has already been infected. This can cause a full range of negative impacts on the enterprise and the data center. With Cognitive’s technology integrated in to existing security tools, unknown abnormal network behavior is quickly and automatically identified and subjected to further analysis and enforcement.

The Cognitive software will be integrated in to Cisco’s Security Intelligence Operations (SIO), bringing together global security intelligence from the cloud with local intelligence on a customer premise to protect against advanced cyber threats.

The acquisition of Cognitive supports Cisco’s focus and investment in security and is integral to all three key components of our security strategy: 1) Cloud-based threat intelligence and defense; 2) Common policy management and context; and 3) Network enforced policy – where we truly make the Network part of the security paradigm, as opposed to sticking yet another security “box” in the network and expecting it to do all the work for us.

I am delighted to welcome the Cognitive team to the Cisco family and look forward to working with them to ensure that we are delivering always on, integrated security that empowers our customers to realize the benefits of a mobile, cloud enabled business.

Tags: , , , ,

Ask the Data Center Security Expert: Context-Aware and Adaptive Strategies for an Agile Data Center

At Cisco Live London, one of my data center theater presentations will focus on the benefits of a context-aware and adaptive security strategy. This approach helps accelerate the adoption of virtualization and cloud, which traditional static security models often inhibit. Context-based approaches factor in identity, application, location, device, and time along additional security intelligence such as real-time global threat feeds for more accurate security access decisions.

Neil MacDonald, vice president, distinguished analyst, and Gartner Fellow in Gartner Research has been advocating the benefits of a context-based approach now for some years as outlined in his Gartner blog. Not only does he say that by 2015, 90 percent of enterprise security solutions will be context-aware but in cloud computing environments where IT increasingly doesn’t own key IT stack elements, having additional context at the point of security decision leads to better decisions with risk prioritization and business factors accounted for. Neil MacDonald also co-authored a report, “Emerging Technology Analysis: Cloud-based Reputation Services,” which highlights the value of cloud-based threat intelligence in enabling secure cloud adoption.

Read More »

Tags: , , , , , , , ,