We were excited to read the Infonetics Data Center Security Strategies and Vendor Leadership: North American Enterprise Survey, which was released yesterday. It revealed Cisco’s continued leadership in a market that spans a multitude of vendors – application/database, client, data center integration and network. The report indicates that leaders need to offer the right mix of products across the data center security and cloud arenas as well as demonstrate security efficacy and integration into adjacent markets. Cisco has continued to execute on a unified security portfolio spanning firewalls, Intrusion Prevention System (IPS), gateways, and integrated threat intelligence further complemented by strategic partnerships. Seamless integration and shared security intelligence with routing and switching (Nexus and Catalyst) and converged infrastructure (Cisco UCS) enables our customers to benefit from optimized traffic links, the highest levels of security resilience, increased availability and scalability as well as lower costs of ownership. Per the report, “to say you’re the leader in the data center/cloud security is to say you are an innovator who can tackle the biggest problems in IT security for the biggest and most demanding customers.”
We’d like to highlight two areas that Cisco has continued to demonstrate an outright lead over other vendors. In the area of perception as the top data center security supplier, Cisco leads with 47 percent of votes compared to IBM with 38 percent and McAfee with 28 percent, who ranked second and third. Cisco scored between 40 to 60 percent of respondents’ votes (covering 10 criteria) for being the leading data center security supplier with McAfee scoring 15 points below Cisco, HP received around 20 percent of votes, and Juniper and Trend with 15 percent. Read More »
Tags: catalyst, Cisco UCS, data center security, firewalls, gateways, IPS, nexus, unified security portfolio
As part of Cisco’s Compliance team, I’ve monitored organizational breaches and attacks. If you’re like me and follow media reports and industry news, then you know that data breaches have increased in severity and frequency. Unfortunately, many organizations do not have the tools, personnel, and funding to prevent, quickly detect, and contain data breaches. The Payment Card Industry (PCI) Security Standards Council offers robust and comprehensive standards to enhance payment card data security. According to Ponemon Institute, organizations that are PCI compliant have fewer data breaches than non-compliant firms do. However, we know that PCI compliance is not enough. Even if you’ve met the stringent requirements of PCI DSS 2.0, your cardholder data may not be totally secure.
So, how can organizations maintain compliance and end-to-end security? The Compliance Solution team has gathered thought leaders in the payment card industry to offer research, guidance and best practices to help organizations overcome these challenges.
Join our webcast on April 16, 2013, with PCI experts from the Ponemon Institute, Verizon Business, and the PCI Security Standards Council to learn how Cisco can help bridge the gap between PCI compliance and security to minimize the impact of an attack. Read More »
Tags: compliance solutions, payment card industry, pci, PCI DSS 2.0, PCI security standards council
Innovation never stops in the mobile world, and that rule applies to security threats as well. Network attacks are becoming more sophisticated and even high-tech businesses with the most advanced security may find themselves in the crosshairs as we shift to more devices and anywhere access.
Just a few weeks ago, multiple leading social networking and large enterprises were hit with an attack when their employees visited a known and trusted website focused on mobile application development. Attackers used a method commonly referred to as “water-holing,” where they compromise a legitimate site commonly visited by employees of their target organizations. Using zero-day vulnerabilities and malicious code that change at a rapid rate, these attacks highlight the need to consistently enhance traditional defenses based on signatures or reputation with global and local context analysis.
This episode underscores how important security is in a more mobile, more connected world—attackers are paying attention, using these industry trends to create targeted and sophisticated attacks that can bypass traditional defenses. The Cisco 2013 Annual Security Report found that Android Malware grew 2,577 percent in 2012 alone. The Internet of Everything is taking shape and the number of online connections is soaring. According to Gartner’s Top 10 Strategic Technology Trends for 2013, 30 billion things will be connected by 2020.
Read More »
Tags: 2013 annual security report, attackers, byod, Cisco Security, Cisco Security Intelligence Operations, Internet of Everything, IoE, malware, Mike Fuhrman, mobile, mobile malware, security, sio, zero-day vulnerability
There is still time to register for the upcoming FIRST Technical Colloquium April 2-3 2013. The event has a very exciting program covering, bitsquatting, webthreats, RPZ, Passive DNS, Real-world monitoring examples, Spamhaus, SIE, Cuckoo Sandbox, Malware Analysis and many more current issues facing the incident response community.
The event’s line-up includes notables from Cisco Security Intelligence Operations (SIO), Internet Systems Consortium, Shadowserver foundation, KPN-CERT, NATO, MyCert and ING amongst others. Program details can be found here.
Read More »
Tags: CSIRT, FIRST, Gavin Reid, KPN-CERT, malware, Malware Analysis, MyCert, NATO, security, security intelligence operations, sio, TRAC
6,000 miles away from Cisco headquarters, the Cisco AnyConnect Secure Mobility Client for Android was showcased at Samsung’s SAFE™ (Samsung for Enterprise) booth at Mobile World Congress 2013. The SAFE program offers enterprise customers the peace of mind to use Samsung devices for both work and play. As noted in this year’s annual security report, Android malware grew 2577% over 2012. Under the SAFE program, Samsung has built an enterprise mobile ecosystem and partnered with key market leaders to deliver tested enterprise-ready solutions on their portfolio of smart devices. Read More »
Tags: 2013 annual security report, cisco annual security report, Cisco AnyConnect, Cisco AnyConnect Secure Mobility Client, Mobile Device Management, Mobile World Congress 2013, vpn