Cisco Blogs


Cisco Blog > Security

Standing Up to Threats: The Cisco 2013 Annual Security Report & Security Intelligence Operations [Infographic]

Are you thinking about the evolving threat landscape? You should be. Each day, new vulnerabilities are found and new exploits are crafted. Attackers are becoming increasingly sophisticated, while industry trends such as cloud computing and mobility are rapidly expanding the attack surfaces. Your mobile device could act like a Trojan horse, passing right through your network perimeter. Or your compromised server could spread an infection to your most sensitive assets.

This is the first in a series of blog posts that focuses on how Cisco stays ahead of the latest security threats. Of course, to stay on top of something as fast changing and widespread as security threats, you need to understand them in great detail.

And that’s what the Cisco 2013 Annual Security Report (ASR) and Cisco Security Intelligence Operations (SIO) offer. Read More »

Tags: , , , , , ,

Network Threats Are Hitching a Ride in Mobile Environments

Innovation never stops in the mobile world, and that rule applies to security threats as well. Network attacks are becoming more sophisticated and even high-tech businesses with the most advanced security may find themselves in the crosshairs as we shift to more devices and anywhere access.

Just a few weeks ago, multiple leading social networking and large enterprises were hit with an attack when their employees visited a known and trusted website focused on mobile application development. Attackers used a method commonly referred to as “water-holing,” where they compromise a legitimate site commonly visited by employees of their target organizations. Using zero-day vulnerabilities and malicious code that change at a rapid rate, these attacks highlight the need to consistently enhance traditional defenses based on signatures or reputation with global and local context analysis.

This episode underscores how important security is in a more mobile, more connected world—attackers are paying attention, using these industry trends to create targeted and sophisticated attacks that can bypass traditional defenses. The Cisco 2013 Annual Security Report found that Android Malware grew 2,577 percent in 2012 alone. The Internet of Everything is taking shape and the number of online connections is soaring. According to Gartner’s Top 10 Strategic Technology Trends for 2013, 30 billion things will be connected by 2020.

Read More »

Tags: , , , , , , , , , , , , ,

Cisco AnyConnect + SAFE™

6,000 miles away from Cisco headquarters, the Cisco AnyConnect Secure Mobility Client for Android was showcased at Samsung’s SAFE™ (Samsung for Enterprise) booth at Mobile World Congress 2013. The SAFE program offers enterprise customers the peace of mind to use Samsung devices for both work and play. As noted in this year’s annual security report, Android malware grew 2577% over 2012. Under the SAFE program, Samsung has built an enterprise mobile ecosystem and partnered with key market leaders to deliver tested enterprise-ready solutions on their portfolio of smart devices. Read More »

Tags: , , , , , ,

Consider Mobile Work Patterns and Security Impact

February 28, 2013 at 9:37 am PST

Mobility and application access capabilities have encouraged many of today’s work patterns. Some work behaviors were recently noted in a Cisco-commissioned research report on mobility and BYOD comparing IT and end user viewpoints. Striking about the findings is that day-to-day business activities were relatively balanced on wired and wireless connections—so while mobility is here and growing, usage is no more than wired. Core to the findings were end users’ view that mobile devices are 37% less effective than their corporate laptop for conducting business activities. From an IT perspective, managing devices and multiple policies in a wired and wireless environment was a key challenge. Mobile device usage behaviors surveyed suggested a personal and social flair. The predominant applications used on mobile devices are not specific business applications (22%) but collaborative applications (56%). The report also indicates that mobile devices are used for personal use more frequently than IT estimates.  Read More »

Tags: , , , ,

Missing the Mark on Cloud-based Intelligence

This week, Juniper Networks announced a new cloud-based threat intelligence service focused on fingerprinting attackers’ individual devices. We’d like to officially welcome Juniper to the cloud-based security intelligence market—a space where Cisco has a proven track record of leadership through Security Intelligence Operations (SIO). Imitation is indeed the sincerest form of flattery, but in Juniper’s case, they entered the market years late and with limited visibility.

Let’s take a closer look at Juniper’s latest offering.

To start, here is what we know for certain: cyber threats take advantage of multiple attack vectors, striking quickly or lurking for days, months and even years inside your network. Not only this, but the Cisco 2013 Annual Security Report showcases how the web is an equal opportunity infector, with cyber threats crossing national, geographic and organizational boundaries as quickly and easily as users can click on a link. Security solutions must understand the attacks and infrastructure they are launched from, with tracking individual hackers doing far less for your defenses than blocking malicious activity being actively distributed over the network.

The Problem of Visibility

When a detective walks onto a crime scene, they don’t just focus on one thing. The only way to understand an event is to look at the entire scene: interview witnesses, check the neighborhood and look into the history of everyone involved; in other words, context—or the “who, what, where and how” information using every available piece of data.

Just as a skilled investigator builds a holistic picture, security solutions are only as reliable as the intelligence they receive, with Juniper’s being limited by the number of “honeypots” across their customer base. In network security, focusing on a single piece of information, a single attack vector, or one delivery mechanism misses the global visibility and context needed to stop advanced attacks. Cisco SIO powers our security solutions, receiving over 100 terabytes of network intelligence across 1.6 million deployed web, email, firewall and IPS devices. We correlate this data from physical, virtual and cloud-based solutions with a world-class threat research team, augmenting all of this with an ecosystem of third-party contributors. Fingerprinting is one small tool you should deploy in your arsenal, even though it has limited utility and perhaps even limited accuracy.

Read More »

Tags: , , , , , , , , , , ,