Cisco Blogs


Cisco Blog > The Platform

Cisco Security Leadership Transition

I would like to announce that David Goeckeler is assuming leadership responsibilities for Cisco’s Security Business Group (SBG) effective immediately.  David has served as vice president of Product and Platform Engineering for the SBG for the last two years. His expertise will continue to help drive Cisco’s security momentum and ensure we are our customers’ number one security partner.

David has been with Cisco for 14 years. Most recently, he and his team have been instrumental in developing Cisco’s end-to-end security architecture, integrating market-leading products from recent acquisitions including Sourcefire into Cisco security solutions. These efforts are enabling Cisco to address customers’ needs in a way that no other vendor can match today.

David played a key role in last week’s launch of the Cisco ASA with FirePOWER Services next-generation firewall (NGFW). His efforts also directly contributed to a report issued today by NSS Labs that shows Cisco as a leader in security effectiveness in its 2014 NGFW Security Value Map (SVM).

David maintains a deep bench of security expertise including Marty Roesch, Bret Hartman, Mike Fuhrman, Scott Harrell and Marc Solomon. David has received a M.S. in Computer Science from the University of Illinois at Urbana -- Champaign, and MBAs from Columbia University and the University of California -- Berkeley.

I would also like to share with you that Christopher Young has decided to leave Cisco. We would like to thank Chris for his leadership and guiding Cisco through significant transitions. Under David’s new leadership, we look forward to continuing to provide best in class security solutions to our customers.

Tags: , , , ,

Dynamic Cyber Attacks Call for Dynamic Controls

Last month’s earthquake in Napa Valley got me thinking. In earthquake-prone areas, new construction is being built to move dynamically to withstand shocks and tremors. Innovative materials and designs sway and bend to provide better protection. But older buildings based on traditional, static design concepts can suffer devastating damage in an earthquake and its aftershocks.

It’s similar to the journey we’re on in the security industry, which is scaling to better address the harsh realities we face as defenders. At Cisco, we track this journey through a scale of controls we refer to as  the Security Operations Maturity Model, which moves from static to human intervention to semi-automatic to dynamic and, ultimately, predictive controls. I will talk more about this scale in the coming weeks, but for now, let’s focus on the need for most organizations to shift to dynamic controls.

We all know that the security landscape is constantly evolving and attackers are innovating in lockstep with rapid changes in technology. In fact, as I talk with security professionals daily about the challenges they face, a few consistent points come up:

  • As new business models are built on innovations in mobility, cloud, the Internet of Things (IoT) and Everything (IoE), security solutions and processes must become more dynamic and more scalable to keep up with the change;
  • Further, as hacking has matured and become industrialized, the security models used to defend need to mature as well; and
  • Finally, there’s too much complexity, fragmentation, and cost in legacy security deployments.

A recent malicious advertising attack called “Kyle and Stan”, discovered by our Talos Security Intelligence and Research Group, demonstrates the challenges defenders are up against -- read their full post here. Posing as legitimate advertisers, cybercriminals contact the major advertisement networks to try to get them to display an ad with a malicious payload packed inside of legitimate software – spyware, adware, and browser hijacks, for example. They target popular websites and instruct the companies to run the ad for just a few minutes, leaving little or no time for the ad content to be inspected. In this case, malvertising victims were faced with an often-unprompted download of what appeared to be legitimate software with a hidden malicious payload. The malware droppers employ a range of clever techniques to continuously mutate in order to avoid detection by traditional, point-in-time systems.

Read More »

Tags: , , , , , , , ,

Securing What’s At Stake with the Internet of Things

The Internet of Things (IoT) has made a profound impact on our lives.  However, it also means that more personal information and business data will be passed back and forth in the cloud, and with that comes new security risks, new attack surfaces, and new kinds of attacks. And with an unprecedented number of companies staking the future of their businesses on the pervasive connectedness that the IoT world promises, business leaders need to empower their technical teams to create secure IoT networks.

Most organizations deploy disparate technologies and processes to protect key elements of their businesses, including the information technology (IT) that is typically focused on information protection and operational technology (OT) charged with managing control networks that support critical infrastructure, as well as physical spaces.  I recently encountered a company that implements more than 80 security products for different tasks.  Many of these systems don’t work together, which in turn limits the level of security this company can achieve.

In an IoT environment, we need to accommodate the priorities of both IT and OT networks, balance physical safety and security requirements, and also begin to implement cybersecurity solutions to equally protect all networks from attack.  Solutions must be put into place to protect the device, control levels of the network, and the data contained and shared. We need to shift our mindset from considering each object in isolation, to looking at the whole. Attackers are taking a holistic view of the IoT and defenders must do the same.

Read More »

Tags: , , ,

#CiscoChampion Radio S1|Ep10 Cyber Security

April 29, 2014 at 4:37 pm PST

#CiscoChampion Radio is a podcast series by Cisco Champions as technologists, hosted by Cisco’s Amy Lewis (@CommsNinja). This week Chris Young, SVP Security Business Group Cisco, and Bill Carter, Senior Network Engineer and Cisco Champion, talk about Intelligent Cyber Security for the real world.

Listen to the Podcastcisco_champions BADGE_200x200

Cisco Subject Matter Expert: Chris Young, SVP Security Business Group Cisco (@YoungDChris)
Cisco Champion: Bill Carter, Senior Network Engineer (@billyc5022)

Highlights:
How Cisco deals with fragmentation in Security market
Attack-driven model for Security, before, during and after
How Sourcefire acquisition fits in with Cisco Security
Open Source Security around Snort Community Read More »

Tags: , , , ,

Cisco Partner Summit Day 2: The Pace of Change

March 26, 2014 at 8:15 pm PST

With day one of Cisco Partner Summit covering the Cisco Partner Ecosystem, day two opened with the Magnetic Poets and a performance that included the entire audience. Partners were able to open day two of the event by performing with the band, via their own mobile devices.

Bruce Klein, Cisco SVP of Worldwide Partner Organization, then took the stage and talked about the continuing level of excitement this week. He kept things brief, since he wanted partners prepared for a different format for the General Session on day two this year. This morning’s session featured five Cisco executives speaking for 15 minutes each, focusing on the subject to be covered in an afternoon business transformation sessions.

We were able to catch up with partners to hear their perspectives on the 15 minute talks from today’s General Session. Here’s what they had to say:

Read on for a full recap of day two of Cisco Partner Summit. Read More »

Tags: , , , , , , , , ,