A couple of days ago, I participated in a Social Video Broadcast about cyber security survival tips for the holiday season. Some of my advice is familiar. Use stronger passwords, apply the “smell test” to too-good-to-be-true on-line offers, read the manual—especially the parts about account set up and security—when turning on a new device. Others are a little less well known. I keep a separate credit card account with a low spending limit for on-line purchases. Ask your Sys Admins if it is OK to connect a new “BYOD” device to an enterprise network when you return to work in January.
But the most important advice I offer is to slow down and think before doing anything that might subject you to cyber mayhem. Technology, and the Internet in particular, has programmed us to rush through life. But the best way to make it into to the Cyber Security Victims Hall of Regret is to lose your sense of situational awareness by clicking on anything that moves. This needn’t lead to paralyzing indecision. But taking a moment to ask: “Is this for real? Is this wise? Why does that look funny?” will spare you from a lot of harm in the holiday season.
The infamous Maginot Line was a defensive countermeasure developed by the French Army to protect the Franco-German border. It was an enormous structure and while referred to as a line, it was extremely deep and varying in depth between 12 to 16 miles. The defensive structure was completed in 1939 at the estimated cost of 3 billion French Francs or today’s equivalent of nearly 50 trillion Euros.
While the Maginot Line successfully prevented a direct attack, the travesty of this investment and strategy was that German Army simply flanked the line through the Ardennes Forest via the Low Countries.
This analogy is the basis for our upcoming National Town Hall on Cyber Security Broadcast on October 25, 2012 at 2PM ET/11AM PT. Companies and Federal, State and Local Governments have invested significant funds in creating perimeter defenses to defend their information systems from Internet born threats; yet these threats are continuing to bypass these defenses at an alarming rate and wreak havoc once inside. In collaboration with the 1105 Media, Cisco has assembled a panel of cyber security thought leaders and experts to discuss this growing trend. Thought leaders from Forrester Research, The SANS Institute, The Multi-State Information Sharing and Analysis Center, Patent and Trade Mark Office and Cisco will provide their thoughts and experiences with regards to this topic.
If you’re interested in tuning into this broadcast please register at the following link:
I have a thing for metaphors. I wrote my dissertation on them. And they have helped me enormously as a non-engineer working in IT security.
Metaphors are powerful tools (that’s a metaphor, by the way). Literally referring to something as something else enables us to make mental connections between concepts that are not really the same. War and weapons have proven historically useful metaphors. In wartime, everything changes. We look at the situation, our opponents, and even ourselves very differently (I like the image of a noble warrior on the battlefield more than that of a guy who spends most of his day sitting and typing…)
But metaphors also cause trouble, especially when we use them to over-simplify. I am skeptical of “security as war” metaphors, including that of the arms race. The metaphor detracts from the very real threats of cyber- and information warfare. War doesn’t define security any more than war defines firearms. Unless we are specifically talking about threats from nation states (and a few other actors) using information technology as part of armed conflict, we are not talking about war. And this is not what we are usually talking about in information security.
Today, the word “cyberspace” is used in many contexts, but it is not always clear what exactly that term describes and what it means. In this post we will compare the definitions of cyberspace from several sources with the purpose of establishing a range of notions as to what cyberspace is and to derive its ontology. Sources are relevant entities like national or regional government, standardization bodies, and dictionary.
The reason why the term “cyberspace” is chosen is that all other terms (e.g., cyber security, cybercrime, cyberwar, cyberterrorism, etc.) are based on, or derived from, cyberspace itself. Therefore, cyber security is security of cyberspace. Cybercrime is crime committed within cyberspace or where elements from/of cyberspace are used as a vehicle to commit a crime, and so on for other derived terms.
Protecting data, resources, and assets, including audio-video (A/V) content and communications no matter where it resides or travels on Cisco-powered networks can be a daunting undertaking to say the least. People ultimately are responsible for making this happen. With this thought in mind, here are a few questions that frequently challenge someone with this type of responsibility:
How can one ensure that the confidentiality, integrity, and availability of the core network keeps pace with the introduction of new technologies, while managing the continuous stream of disclosures on existing product vulnerabilities and emerging threats?
What preemptive or corrective actions can one take to mitigate or remediate known or potential weaknesses in your network operations?
What trusted informational resources are available that we can apply in the design, operation and optimization of a secure network, and where can this information be found?
This article provides personal insight into a specialized role residing within Cisco’s Applied Intelligence team, a team which was highlighted in the Network World feature article (page 3), “Inside Cisco Security Intelligence Operations.” The role is that of the Security Intelligence Engineer (SIE), a role which focuses on researching and producing actionable intelligence, vulnerability analysis, and threat validation that typically leads to providing answers and solutions to the challenges posed by these questions.