In a world where malware and advanced cyber threats are enterprises’ greatest concern, the need for innovation in security is at an all-time high. Mobility and cloud are drastically changing the IT security paradigm, and our attackers are radically increasing the sophistication of their attack methods. Cisco has been listening to our customers’ concerns and we are investing in threat intelligence and defense.
As part of our investment to strengthen the network with more analytics and intelligence to target today’s complex and disruptive threats, Cisco has announced the intent to acquire Cognitive Security, a privately held company headquartered in Prague, Czech Republic. Cognitive provides security software that is focused on applying artificial intelligence techniques to detect advanced cyber threats.
When Cognitive’s technology is combined with traditional firewalls, network security, content security, and Intrusion Detection and Prevention Systems, it provides a complete detection and mitigation solution that enables customers to protect against advanced attacks and zero day attacks in near real-time.
Why is this important? Well, think of this simple use case: An employee’s own personal device is infected outside the perimeter of the enterprise. Once the employee brings that device on to the network, the enterprise’s perimeter defense solution cannot protect against the threat because the device has already been infected. This can cause a full range of negative impacts on the enterprise and the data center. With Cognitive’s technology integrated in to existing security tools, unknown abnormal network behavior is quickly and automatically identified and subjected to further analysis and enforcement.
The Cognitive software will be integrated in to Cisco’s Security Intelligence Operations (SIO), bringing together global security intelligence from the cloud with local intelligence on a customer premise to protect against advanced cyber threats.
The acquisition of Cognitive supports Cisco’s focus and investment in security and is integral to all three key components of our security strategy: 1) Cloud-based threat intelligence and defense; 2) Common policy management and context; and 3) Network enforced policy – where we truly make the Network part of the security paradigm, as opposed to sticking yet another security “box” in the network and expecting it to do all the work for us.
I am delighted to welcome the Cognitive team to the Cisco family and look forward to working with them to ensure that we are delivering always on, integrated security that empowers our customers to realize the benefits of a mobile, cloud enabled business.
Tags: analytics, Chris Young, Cisco, cognitive security, Security Research Tags: acquistion
At Cisco Live London, one of my data center theater presentations will focus on the benefits of a context-aware and adaptive security strategy. This approach helps accelerate the adoption of virtualization and cloud, which traditional static security models often inhibit. Context-based approaches factor in identity, application, location, device, and time along additional security intelligence such as real-time global threat feeds for more accurate security access decisions.
Neil MacDonald, vice president, distinguished analyst, and Gartner Fellow in Gartner Research has been advocating the benefits of a context-based approach now for some years as outlined in his Gartner blog. Not only does he say that by 2015, 90 percent of enterprise security solutions will be context-aware but in cloud computing environments where IT increasingly doesn’t own key IT stack elements, having additional context at the point of security decision leads to better decisions with risk prioritization and business factors accounted for. Neil MacDonald also co-authored a report, "Emerging Technology Analysis: Cloud-based Reputation Services," which highlights the value of cloud-based threat intelligence in enabling secure cloud adoption.
Read More »
Tags: cisco live london 2013, Cisco Security, context-aware and adaptive security, data center security, network security, Secure-X, SecureX, security, security intelligence
It's only been a few days since we said goodbye to 2012 and we are already seeing what many predicted for 2013: an increase in the creation, enhancement, and usage of numerous exploit kits by cyber criminals. Cyber criminals don't take long vacations in December. On the contrary, they "work hard" and make lots of money during the holiday season! These criminals are continuously improving their tools to keep up with us (the good guys) and continue enhancing their "money-making machines." A real-life example is how cyber criminals were able to quickly incorporate the exploits of the recently found Java vulnerability that I described in a post a few days ago.
Exploit kits make it easy for these criminals because they can easily spread malicious software that exploits well-known and new vulnerabilities. New exploit kits are loaded with some of the most dangerous zero-day exploits and other features that allow criminals to increase their profits.
Read More »
Tags: ASA, cloud security, exploit kits, exploits, security, web security
Ask the Data Center Security Expert with Cisco’s Rajneesh Chopra
Rajneesh Chopra is the Director of Product Management and Marketing at Cisco for the enterprise firewall line of technologies and has more than 10 years of product management leadership experience in the networking and data center arena. He also has a very futuristic outlook and a great passion for solving big customer problems.
Rajneesh sees the confluence of mobility, power efficiency, and standardization as the key drivers for change in the next-generation data center and with implications for the way security will need to be addressed. These changes are particularly significant as they are being driven by end-users versus heavy marketing pushes, which can often artificially induce change. Rajneesh delves into each of these factors and the role they play in the next generation data center.
Read More »
Tags: data center security, end-to-end architecture, enterprise firewalls, secure mobility, SecureX
Researchers from Kaspersky Lab have released information about a large-scale cyber espionage campaign called Operation Red October (otherwise known as Rocra). The report has garnered the attention of multiple news agencies and generated many published articles since the Kaspersky report has claimed that attackers were targeting hundreds of diplomatic, governmental, and scientific organizations in numerous countries.
These reports indicate that the command-and-control (C&C) infrastructure that is used on these attacks receives stolen information using more than 60 domain names to hide its identity. Furthermore, this information appears to be funneled into a second tier of proxy servers. These are very clever attacks that many are now claiming have been taking place for more than five years! Red October is being compared with other malware that has been associated with cyber espionage such as Duqu, Flame, and Gauss.
Read More »
Tags: cisco red october, cyber espionage, cyber terrorism, espionage, red october, rocra, security