Cisco Blogs


Cisco Blog > Security

Insider Threats: Allow Employees to Conceal Network Traffic?

You can lock every window and bolt every door to keep out intruders, but it won’t be of much use if the attacker is already inside; if the attacker is an insider. Most security reports and headlines highlight stories of organizations that are attacked by an external party, but incident statistics highlight a growing number of attacks from insiders and partners. These incidents are real, and threaten your most sensitive information. How do you know when an insider is exfiltrating data from your organization? Cisco Managed Threat Defense (MTD) monitors for advanced network security intrusions using expert staff and OpenSOC, which Pablo Salazar introduced last month. Our staff has a decade of experience investigating security attacks and resolving benign anomalies. In my twelve years as an InfoSec professional, I’ve seen cases where employees conceal their activity for a variety of reasons. In one particularly interesting incident, it was discovered an employee was encrypting and obfuscating outbound traffic from his laptop over a period of several weeks, using for-purchase VPN software called Private Internet Access.

Banner image for Private Internet Access, which was used by the employee on the corporate network.

Banner image for Private Internet Access, which was used by the employee on the corporate network.

Read More »

Tags: , , , , ,

#CiscoChampion Radio S1|Ep 38. Threat Focused Firewall

October 28, 2014 at 12:56 pm PST

cisco_champions BADGE_200x200#CiscoChampion Radio is a podcast series by Cisco Champions as technologists. Today we’re talking with Cisco Product Marketing Manager Dave Stuart, about the threat focused firewall. Brian Remmel (@bremmel) moderates and Antonio Cheltenham, Jason Alert and Sven Kutzer are this week’s Cisco Champion guest hosts.

Listen to the Podcast.

Learn about the Cisco Champions Program HERE.
See a list of all #CiscoChampion Radio podcasts HERE.

Cisco SME
Dave Stuart, Cisco Product Marketing Manager

Cisco Champions
Antonio Cheltenham, @acheltenham, Systems Administrator
Jason Alert, @RoutingNinja, Senior Network Engineer
Sven Kutzer, @svenkutzer, Senior Systems Engineer

Highlights
What is a threat focused firewall
Why is it important
What is vision/migration path for those looking to move to threat focused firewall solution
Security advantages of passive discovery
Using agents (i.e. AMP Connector technologies) for robust visibility into network behavior
How threat focused firewall solution receives updates about new threats and handles malicious traffic not yet flagged Read More »

Tags: , , ,

Not If, but When: The case for Advanced Malware Protection Everywhere

A recent Bloor Research Market Update on Advanced Threat Protection reminds us of something that many security vendors have long been loath to acknowledge: traditional, point-in-time technologies, like anti-virus or sandboxes, are not entirely effective when defending against complex, sophisticated attacks.

This is due to something we have said before and we will say again: malware is “the weapon of choice” for malicious actors. We know blended threats introduce malware. Our 2014 Annual Security Report notes that every Fortune 500 company that was spoken to for the report had traffic going to websites that host malware. Bloor tells us all, once again, that attack methods are becoming more complex.

To put it plainly, when it comes to networks being breached, it is not a case of if, but when.

Read More »

Tags: , , , , , , , ,