For the last couple of years, Cisco Security Intelligence Operations has released a series of blog posts for National Cybersecurity Awareness Month. The theme for this month from the National Cyber Security Alliance is “Our Shared Responsibility.” The Department of Homeland Security is running a series on this theme, as are many other private organizations.
Our action and inaction have consequences for systems and services used by us, our friends, and our places of employment. Attackers use accounts compromised due to poor passwords and lack of two-factor authentication to launch other attacks on users connected to those accounts. End-user systems infected with malicious software are leveraged to conduct distributed denial of service attacks against financial and government websites. Users who fall victim to spear phishing attacks open the door for attackers to leapfrog their way through sensitive networks and collect proprietary information from our places of employment.
In June, I attended the Gartner Security Summit in Washington, D.C. where I was asked by quite a few security executives, “My network folks just bought ISE, but what is ISE and what type of security does it provide?” Fast forward to July, and I wish I had this SANS review on ISE to offer a month earlier. (SANS, as many security professionals know, is a highly regarded organization on IT security and cyber security.)
Today’s threat landscape is more dynamic than ever before. Rapid changes in the world around us, driven by cloud, mobility and the Internet of Everything, are considerably affecting traditional security approaches. The notion of the “perimeter” no longer exists and threats are able to circumvent traditional, disparate security products.
The marketplace needs a pervasive, continuous security architecture that addresses each phase of the attack lifecycle. Today, we are excited to announce the acquisition of Sourcefire (NASDAQ: FIRE), which directly supports Cisco’s strategy to constantly defend, discover and remediate threats – with the ultimate goal of covering our customers before, during and after an attack.
Sourcefire, based in Columbia, MD, is a leader in intelligent cybersecurity solutions. Sourcefire delivers effective, highly automated security through continuous threat research, detection and protection across its portfolio of next-generation intrusion prevention systems (IPS), next-generation firewall, and advanced malware protection solutions.
Sourcefire couples its technology with automated, real-time visibility across the extended network that includes virtual, mobile and endpoints. These solutions work not only at a point-in-time, but also provide continuous threat protection and retrospective remediation across the network.
Having led security innovation for more than 12 years, Sourcefire has assembled a world-class team with deep security DNA that will help drive Cisco’s execution of its security strategy. Sourcefire was founded by Marty Roesch, who pioneered their success through open source, creating a community of security technologists working together to build an industry leading intrusion prevention system. Sourcefire also is home to the Vulnerability Research Team, a group of elite security experts who work around the clock to proactively discover, assess, and respond to the latest trends in hacking activities, intrusion attempts, malware and vulnerabilities.
Sourcefire’s open source model is expected to strengthen and accelerate Cisco’s ability to build a strong ecosystem of security partners who can bring real time threat intelligence and innovations to customers through integration with our technologies and platforms.
Security is a critical component to Cisco’s overall strategy to be the No. 1 IT company. Earlier this year, we acquired Cognitive Security, a security software company that applies artificial intelligence techniques to detect advanced cyber threats. Cognitive Security and Sourcefire are expected to help Cisco achieve our goal as we offer more best-in-class security services; more intelligence sources for continuous protection; and an open platform to enable a threat-aware network.
We believe that Cisco and Sourcefire customers will benefit from the combination of world-class products and technologies to provide continuous and pervasive advanced threat protection across the entire attack continuum and from any device to any cloud.
I am delighted to welcome the entire Sourcefire team to the Cisco family, and look forward to a prosperous future together.
In closing, I would simply like to remind you that this blog contains forward-looking statements which are subject to risks and uncertainties, including the risk factors discussed in Cisco’s most recent reports on Form 10-K and Form 10-Q filed with the SEC on September 12, 2012 and May 21, 2013, respectively, and in the press release announcing this transaction. Such risks could cause actual results to differ from those contained in the forward-looking statements. For further information, please consult such Form 10-K, Form 10-Q, and Cisco’s Form 8-K covering such press release, each available free of charge at the SEC’s website at www.sec.gov or by going to Cisco’s Investor Relations website at http://www.cisco.com/go/investors.
Cisco published earlier this week the 2013 Cisco Global IT Impact Survey, exploring the relationship between IT and the business goals of the companies they support. Among other things, 42 percent of those interviewed responded that they know about the Internet of Things, “as well as I know Einstein’s Theory of Relativity.” In other words, beyond a passing knowledge of e=mc², the relevance of the Internet of Things to IT is about as illuminated as a black hole.
Does that really matter at this point? you might ask. Isn’t the Internet of Things about Nike FuelBands and talking toasters? In fact, a lot of what we call “industrial automation” or “safety and security” is the leading edge of the Internet of Things. It’s already here today, called into the service of greater efficiency, productivity, and safety. This is “operational technology” instead of “information technology”: in other words, technology that directly monitors or controls physical objects and processes, such as assembly lines on a factory floor.
This has enormous implications for IT:
1. Security threats go from the merely cyber to the cyber-physical. Gartner summed it up nicely in the WSJ last week. And let’s not even talk about Shodan.
2. Beyond BYOD. The consumerization of personal electronic devices transformed the enterprise networking landscape. IT adapted to the new security threats posed, figured out how to associate multiple devices to a single user, etc. Now imagine “bring your own programmable logic controller.”
3. Redefining networking scalability and data management. And we thought video was a huge driver of traffic on the network. SAP and Harris Interactive recently estimated that 4 billion terabytes of data will be generated this year alone. (For some idea of the scale, take a single IoT use case — smart meters. Jack Danahy estimated 400MB of data per year. Not much, you say? Multiply that by, say, 1 million households, and you get 400 terabytes already. For a single use case. In one city.)
IT has much to offer, and should. As proprietary connectivity networks converge onto TCP/IP, IT can bring its expertise in securing IP-based networks. With experience in deploying cloud services, IT can bring in network management best practices. And with expertise in software-defined networking, IT can help re-architect networks to support immense scale, real-time requirements, analytics at the edge, and more.
From the outside-in, the Internet of Things may seem like a fast-moving train that’s zooming by too fast to board. But if you’re in IT, get on board: you’ll experience relativity and relevance.
The concept of crowd sourcing cyber intelligence may sound like an unstructured process, but there’s more to it than that. First, you need to remember that all crowds consist of collections of individuals contributing to the community knowledge base. Second, someone has to take responsibility for gathering data from the crowd, analyzing it, and refining it into actionable information that crowd members can apply to their unique situations.
One of the main reasons I’m excited about my job is that I work for an organization with unique qualifications to lead the movement to collective, crowd-sourced cyber security. Cisco has customers all over the globe that have agreed to share threat intelligence data with us for analysis and redistribution back to the community. This process evolved as a byproduct of our main line network products, solutions, and services business. It also hasn’t escaped our notice that these efforts not only deliver huge benefits to our current customers, but also carry with them a truly compelling business value proposition. I really shouldn’t say more, but do it anyway in a video blog post you can access here.