Cisco Blogs


Cisco Blog > Security

Defensive Security: The 95/5 Approach

Many organizations make the error of thinking that basic defensive software is sufficient to protect critical data and infrastructure. When in reality, in order for government and enterprise organizations to keep their data protected from increasingly advanced cyber threats, comprehensive defensive security approaches are critical. And even with advanced, comprehensive solutions, there are still risks.

No organization is ever going to be able to protect 100 percent of its assets 100 percent of the time, which is why I work on the 95/5 principle. No matter how many security solutions are deployed, if attackers are determined enough, they will find a hole. Humans make mistakes and without fail, attackers will take advantage of them.

With comprehensive security approaches, we can regularly block at least 95 percent of threats—but there is always going to be a margin of error—the other 5 percent. A proactive, continuous approach can help ensure the vast majority of offensive moves are rejected.

Read More »

Tags: , , ,

Security: Vital for Technology-enabled Education

More and more we are seeing the education landscape change to include more technology for collaboration and mobile learning. Colleges and universities are enabling secure networks for staff and students to access resources on-campus and off. With October being National Cybersecurity Awareness Month (NCSAM) and Educause next week, we are hearing a lot of talk about the importance of campus network security and threats. Read More »

Tags: , , , , , , , , , , ,

National Cyber Security Awareness Month

This month, we are marking the tenth anniversary of National Cyber Security Awareness Month (NCSAM). The goal is to raise awareness and educate Americans about the importance of cyber security. Agencies and organizations are holding events and driving initiatives to engage Americans in a discussion about how to establish safer practices.

NCSAM sheds light on the most pressing topics in security, including mobility, education, cyber crime and critical infrastructure.  In alignment with NCSAM’s mission, we are sharing our own cyber security best practices, advice and resources.

Read More »

Tags: , , , , ,

Despite budget constraints, spending on cyber security set to increase according to Cisco study of government IT decision makers

While the shutdown challenges in the federal government over the past week have been top-of-mind, a recent Cisco survey has discovered that when operations resume, overall budget constraints are seen as the greatest challenge to government IT infrastructure, even ranking ahead of cyber attacks. This information was gathered through a third-party survey, the Cisco Connected Government Study, which was conducted last month by Clarus Research.

400 government IT decision makers (federal, state and local) were included, and the results show that reducing costs and increasing security continue to be top priorities for government IT decision makers. In the face of budget challenges, a majority (59%) of government IT decision makers said they are still likely to increase investment in cyber security over the next year, followed by cloud computing (45%) and networking (42%), according to a new Cisco Connected Government survey.

Read More »

Tags: , , , , ,

A Weekly Dose of Cyber Security Awareness

In any given week, one doesn’t need to look very far to be reminded of the events and issues that can surface anytime, anywhere, and to anyone. Given their modes of occurrence, range of diverse levels, technical, non-technical, and globally, wouldn’t it be convenient to have a brief synopsis and analysis of the events and issues? A weekly publication from Cisco, the Cyber Risk Report, is available now to give you the awareness and insight related to these security events and issues. The Cyber Risk Report provides a lot of information that conveys thought-provoking analyses and perspective.

Why the Cyber Risk Report Matters

There are several benefits of this publication. The report provides current information on multiple topics saving you time from sifting through all of the media outlets. It can minimize your blind spots and broaden your understanding of the nature of the factors contributing to the weekly events being reported. It is not uncommon for these issues and events to surface simply because the victims have not seen them coming. The bad guys are betting on this. Is this the only source of knowledge needed? Of course not, but the Cyber Risk Report is certainly a great resource to gain insight and keep a pulse on the constantly evolving security landscape.

What the Cyber Risk Report Offers

The Cyber Risk Report contains a summary and analyses of events and issues that transpired in the week leading up to its publication. Every week a specialized team of Cisco security analysts meets to create its content based on a review of several information sources. This content is organized into categories that I have highlighted in red as shown in the snapshot below.

CRR_Sample

Figure 1: Cyber Risk Report Example

Read More »

Tags: , , , , , ,