The routine goes something like this. First a breach of security occurs somewhere in the enterprise, it could be something as small as a single computer getting infected or it could be a massive data loss. It seems like that’s a wide range of events, but often the reaction in an enterprise is the same. The IT executives have a meeting to determine fault and then the analysts and engineers are given the task of making sure that that particular incident never happens again. The analysts and engineers then reply with budget requests for new software and hardware from their favorite vendors. Unfortunately the end result is generally that money is spent and security is only moderately improved, if at all.
In the midst of reacting, everyone forgets that technology doesn’t configure itself and that the weakest link are the people. Instead of ramming in the latest and greatest in technology, we should be leading our company to review, create (if necessary) and rewrite our security policies. Without a policy, security tools are like unguided missiles that we hope hit their target. Read More »
Tags: #ciscochampion, ASA, Cisco ASA with FirePOWER Services, Cisco Security
Midsize organizations are among the earliest adopters of new technologies. In general, they conduct much of their business over the Internet and are quick to embrace new apps, online payment systems, cloud, and Bring Your Own Device (BYOD) technologies. Fast adoption of innovations helps them to compete against larger organizations by meeting customer demands more cost effectively. But these business enablers are also creating security vulnerabilities that adversaries are exploiting for financial gain.
Adversaries aren’t just targeting prized assets like customer and employee data, invoices, and intellectual property. Cybercriminals also recognize that smaller companies are a vector into the networks of larger corporations. A 2013 study conducted by PricewaterhouseCoopers on behalf of the UK Government Department for Business, Innovation and Skills found that 87 percent of small businesses had been compromised, up 10 percent from the previous year. Many small and midsize companies are now mandated by partners to improve their threat defense. Regardless of size, organizations have legal and fiduciary responsibilities to protect valuable data, intellectual property, and trade secrets.
Read More »
Tags: cisco annual security report, Cisco Security, midmarket, Midmarket Security, security, security research
Given that modern attacks are complex and sophisticated, there is not a single product or tool that will ever be 100% effective at detecting threats. Prevention eventually fails. Therefore, you need protection before, during, and after an attack.
Modern-day networks are large and complicated. It is a nightmare for incident response teams and security investigators because it often takes days and months to identify that their networks were compromised. A wide variety of tools, technologies and platforms are available, like big data platforms, machine learning algorithms, statistical techniques, threat intelligence platforms, reputation feeds etc. It is often confusing for the decision makers to identify what is needed for their environment.
Read More »
Tags: breach detection, Cisco Security, johari window, security
This week sees the IoT ( Internet of Things) World Forum (IoTWF) Research & Innovation Symposium that is showing IoT related subjects such as the current research, use cases, and customer experiences as part of the Internet of Everything. This time the symposium will focus on transportation and energy, key areas where IoT can change the life of every human being.
To complement the IoT relevance in Energy, you will have seen the press release today from Cisco highlighting the adoption of the Cisco Secure Ops Solution by Royal Dutch Shell, details of which were shared with delegates at the forum (and if not I’ve put a link at the bottom of this post).
Peter Granger “drills-down” on the new Secure Ops solution adopted by Royal Dutch Shell
We saw the collaboration between Cisco and Shell and Shell’s commitment to Cisco’s architectural approach at Cisco Live. If you haven’t read it you can here: High Energy at Cisco Live in San Francisco. At the event Alan Matula (CIO and EVP, Shell) spelled out the changing IT and OT (Operational Technologies) environment in his industry, and how Shell had seen this all coming…
“About 3 or 4 years ago we saw the internet of everything coming and we decided to set up a unique differentiated technology outfit and we put it right next to research and development and that actually pushes the technology advances as close as possible to the business outcomes that we’re trying to drive.”
You also saw (if following my blog) that Cisco announced Secure Ops here: Unveiling Cisco Collaborative Operations and Secure Ops Solutions. So now we have the customer proof point: the important piece!
So, what’s new? well a lot actually. I think the first thing is how Cisco is changing to not only work with partners as we’ve always done, but to take the lead in providing a solution directly to our customers if that’s what they want. With this solution there are a number of partners, but Cisco provides leadership so everyone knows their role and we have a more holistic approach, guided by Cisco.
Now down to the business. Shell will deploy the Cisco Secure Ops Solution at upstream, downstream and lubricant sites. The Cisco Secure Ops Solution provides remote proactive monitoring and Service-Level-Agreement -(SLA)-driven management of security, applications and infrastructure. At the IoTWF Shell shared that it has deployed the Cisco Secure Ops Solution to increase the security maturity level by improving its cyber security and risk management, while lowering costs of delivery and operations.
When you think about all the challenges that oil and gas industry companies face today, you’ll see that they operate in the world’s toughest conditions. Whether it’s traditional on-shore or off-shore or non-traditional methods (horizontal drilling and “fracking” for example), energy companies have to be aware of a variety of threats, including safety, environmental, and cyber threats, when making important decisions in real-time.
“Cisco’s solution is designed to help companies combat new and evolving cyber security threats to the energy industry, specifically in the industrial control system (ICS) domain. Working with Shell, Cisco has developed solutions that directly address security concerns for the types of sometimes harsh environments in which Shell operates.”
“Cisco Secure Ops is a turn-key solution that implements and maintains security controls, risk management and compliance for industrial control system (ICS) environments using a combination of people, process and technology. Industrial control system delivery partners, like Rockwell and Yokogawa Electric, support the solution. Additional partners will be forthcoming.”
Here’s a quote from Greg Carter of Cisco (Director/GM, Internet of Everything Services Group, Cisco) that confirms the benefits:
“Cisco Secure Ops Solution was designed to provide a robust and secure solution to quickly address potential threats that come with the increase in connected people, processes and things with IoE. I’m thrilled that Shell is already seeing the benefits from these innovations on a global scale and look forward to continued success with this solution across other verticals in the months ahead.”
If you want to learn more about the Cisco Secure Ops solution, click here. To read a copy of the Press release, click here.
Tags: Cisco, Cisco Industries, Cisco Security, ICS Security, Industrial Security, oil & gas, Royal Dutch Shell, shell
Today, we released the final Cisco IOS Software Security Advisory Bundled Publication of 2014. Six years ago, Cisco committed to disclosing IOS vulnerabilities on a predictable schedule (on the fourth Wednesday of March and September each calendar year) in direct response to your feedback. We know this timeline allows your organization to plan and help ensure resources are available to analyze, test, and remediate vulnerabilities in your environments.
Today’s edition of the Cisco IOS Software Security Advisory Bundled Publication includes six advisories that affect the following technologies:
- Resource Reservation Protocol (RSVP)
- Multicast Domain Name System (mDNS)
- Session Initiation Protocol (SIP)
- DHCP version 6 (DHCPv6)
- Network Address Translation (NAT)
Read More »
Tags: Cisco IOS software, Cisco IOS Software Checker, Cisco PSIRT, Cisco Security, psirt, security advisories, vulnerabilities