This week, Juniper Networks announced a new cloud-based threat intelligence service focused on fingerprinting attackers’ individual devices. We’d like to officially welcome Juniper to the cloud-based security intelligence market—a space where Cisco has a proven track record of leadership through Security Intelligence Operations (SIO). Imitation is indeed the sincerest form of flattery, but in Juniper’s case, they entered the market years late and with limited visibility.

Let’s take a closer look at Juniper’s latest offering.

To start, here is what we know for certain: cyber threats take advantage of multiple attack vectors, striking quickly or lurking for days, months and even years inside your network. Not only this, but the Cisco 2013 Annual Security Report showcases how the web is an equal opportunity infector, with cyber threats crossing national, geographic and organizational boundaries as quickly and easily as users can click on a link. Security solutions must understand the attacks and infrastructure they are launched from, with tracking individual hackers doing far less for your defenses than blocking malicious activity being actively distributed over the network.

The Problem of Visibility

When a detective walks onto a crime scene, they don’t just focus on one thing. The only way to understand an event is to look at the entire scene: interview witnesses, check the neighborhood and look into the history of everyone involved; in other words, context—or the “who, what, where and how” information using every available piece of data.

Just as a skilled investigator builds a holistic picture, security solutions are only as reliable as the intelligence they receive, with Juniper’s being limited by the number of “honeypots” across their customer base. In network security, focusing on a single piece of information, a single attack vector, or one delivery mechanism misses the global visibility and context needed to stop advanced attacks. Cisco SIO powers our security solutions, receiving over 100 terabytes of network intelligence across 1.6 million deployed web, email, firewall and IPS devices. We correlate this data from physical, virtual and cloud-based solutions with a world-class threat research team, augmenting all of this with an ecosystem of third-party contributors. Fingerprinting is one small tool you should deploy in your arsenal, even though it has limited utility and perhaps even limited accuracy.

Read More »

Tags: attackers, attacks, cloud-based threat intelligence, cyber, cyber threats, malware, security intelligence, security intelligence operations, sio, targeted attacks, threat intelligence

I attended MobileCon 2012, the newly branded CTIA enterprise and application event, earlier this month. I noticed the common theme this year was MDM-BYOD-Cybersecurity. Given the recent McKinsey report that indicated 77 percent of CIOs today state that they will allow some form of consumerization in the coming few years, IT professionals are challenged to increase flexibility without compromising security

Throughout the event, I heard many BYOD case studies with a huge interest/following in data and metrics. On this theme, I thought our own Cisco BYOD case study that we have been sharing with our customers would be of interest to this community.

Note, I will provide updated numbers soon as my peers continue to seek out the latest and greatest mobile devices here in the center of Silicon Valley.

For Cybersecurity, I’d like to follow up on John Stewart’s thoughts from yesterday. October is National Cybersecurity Awareness Month, and the joint-task theme between public and private industries resonated across the show. On this note, Cisco is one of the contributors in CTIA’s recently released Cybersecurity Whitepaper.

In my next few blogs, I want to share interesting facts I’m calling, “Did U Know Data for Mobile Security.” The first fact comes from Osterman Research, Inc. for Azaleos.

“The leading factor (34%) cited for deploying an MDM solution was the potential for loss of intellectual property.”

Tags: bring your own device, byod, cyber, cybersecurity, MDM, Mobile Device Management, mobile devices, mobilecon, STIA