Cisco Blogs


Cisco Blog > Security

For Value Chain Security Collaboration, Use a Carrot With Your Stick

The Digital Economy is transforming the way that organizations operate. Deploying a secure, trustworthy infrastructure is no longer enough. Security must be designed into all facets of an enterprise’s network and its third party ecosystem. At the same time, enterprises of all sizes must shrink the attack surface. And, foster an open, security-aware culture, internally and throughout their value chain.

Given Cisco’s commitment to being trustworthy, transparent and accountable, I have been thinking quite a bit lately about the importance of collaboration.

Partnering for improved security

Ensuring that your value chain embraces security wholeheartedly requires a commitment to collaboration. Embracing that commitment can enhance and accelerate security innovation. A true partnership that focuses on security can also create opportunities for previously unexplored operational excellence. Read More »

Tags: , ,

Holiday Shopping Threat Avoidance

The holidays are upon us and the shopping season is kicking into high gear. This year, an estimated 270 million consumers will shop online and, for the first time, more than half of them will use mobile devices to check off their holiday shopping lists.

With consumers searching for holiday discounts through display ads, social media and email, Cisco Talos Security Intelligence and Research Group predict that both malvertising and email spam will be significant vectors for cyber crime this season — especially for mobile shoppers. This is worrisome for the simple reason that most mobile devices do not posses the ability to block many of these threats, leading to increased vulnerabilities as attackers seek profit gain during the busiest time for online commerce.

Through their research, Talos found that Android users are particularly vulnerable. Of the all Apple and Android OS blocks observed on the Cisco’s Cloud Web Security (CWS) platform, the Talos team found that nearly 95% were Android-related. At the heart of the problem, many users are running significantly older versions of the Android OS, which lack the security updates for today’s most persistent threats. This holiday season, we advise that our mobile shoppers exercise additional caution.

Keep reading for more on our findings and recommendations.

How OpenDNS Predicts Attacks When Hacker Infrastructure Is Cheap and Plenty

On Thursday OpenDNS announced two new data science models that detect clues to an attack, and then find the attacker’s entire infrastructure. The first model titled Spike Rank (SPRank) detects spikes in network traffic using mathematical concepts that are often found in sound wave analysis, the same methods music services like Shazam and Pandora use for analyzing song patterns. The spikes SPRank finds, which indicate an attack or use of an exploit kit, then serve as fingerprints or clues for further detective work, often starting by finding a single IP address or domain currently exhibiting suspicious behavior.

odns1

A visual example of network traffic spikes or “sound waves” that SPRank can detect.

Read More »

Introducing the Cisco Technology Verification Service

Building Trust and Transparency One Step at a Time

Like all successful companies, we listen to our customers and strive to exceed their expectations. Our customers expect us to be trustworthy, transparent and accountable. As a company, there are many ways we are doing just that.

We started this journey more than 10 years ago when, based on customer feedback, we centralized our approach to driving security and trust—not only into our products, but into the very fabric of how we do business. And, we’ve continued to build on these efforts to earn your trust one step at a time. The momentum we’re gaining this year is clear.

In April 2015, we launched the Cisco Trust and Transparency Center, which includes our Transparency Report on Government Requests for Customer Data, articulates our Trust Principles, and provides information about our Trustworthy Systems and processes.

Read More »

Tags: , , , , , ,

An introduction to the new Cisco Network Visibility Flow Protocol (nvzFlow)

As recently announced, Cisco AnyConnect 4.2 extends visibility to the endpoint with the Network Visibility Module (NVM).  Users are one of the most vulnerable parts of any security strategy, with 78% of organizations saying in a recent survey that a malicious or negligent employee had been the cause of a breach.  However, until now, IT Administrators had been blind to user behavior on their devices.  NVM allows you to monitor and analyze this rich data to help you defend against potential security threats like data exfiltration and shadow IT, as well as address network operations challenges like application capacity planning and troubleshooting.

AnyConnect NVM supports the Cisco Network Visibility Flow protocol or nvzFlow for short
(pronounced: en-vizzy-flow).  The protocol is designed to provide greater network visibility of endpoints in a lightweight manner by extending standard IPFIX with a small set of high-value endpoint context data.  Leading IPFIX vendors have begun implementing the new protocol to provide customers with an unprecedented level of visibility.

Read More »

Tags: , , , , , , , , , , , ,