We all know that the virtualization and cloud megatrend is a game changer for data centers, leading to profound shifts in everything from IT services and business models to architectures. Business benefits include reduced capital investments, new revenue growth opportunities, and the greater efficiency, agility and scalability demanded by globalization.
Enterprises have held back from making the transition to virtual and cloud environments primarily because of the inherent security risks and concerns.
Targeted attacks and security breaches are getting more sophisticated. The Verizon Security Threat Report for 2011 showed that 3.8 million records were stolen in 2010, and 94% of this data came from servers (an increase of 18%).
As security concerns are the primary barrier to making this transition from virtualized data center to cloud, we must rethink how security fits in to these new architectures and develop new security tools to ensure the secure transfer of information.
For enterprises to confidently seize the business benefits offered by data center virtualization and the cloud, security must be seen as the art of the possible, not as a hindrance.
Watch below as I explore the challenges and leading practices for securing virtualized environments today, and into the future.
Please join me also for a special webcast ”Defending the Data Center “ today at 10:00 am PDT /1:00 pm EDT /17:00 GMT -- To watch register here
Security events, such as vulnerabilities and threats, that are detected globally continue to grow and evolve in scale, impact, diversity, and complexity. Compounded with this is the other side of the coin, the unreported or undetected events waiting in the wings, hovering below the radar in a stealthy state. With all of the security technologies at our disposal, are they sufficient enough to provide effective protection? Well, it is certainly a good start when applied correctly. At a summary level, Cisco’s Security Intelligence Operations (SIO) approach to this challenge was covered in the Network World feature article, “Inside Cisco Security Intelligence Operations.” However, one of the core human elements, which I will introduce, that deserves closer attention is the role of security analyst. In addition, this article provides those of you with career interests some additional insight into working in the IT security field.
During my 25-year career, I’ve been fortunate to work closely with some of the best and brightest, supporting government and enterprise customers around the world regardless of where I worked. These experiences have enabled me to meet with statesmen and CEOs, into open and closed-door meetings on “the Hill” and abroad, to serve as a member of the CSIS Commission on Cybersecurity, and participate on numerous think tanks, boards of directors, and advisory boards. I’ve worked and learned from leaders in private industry and global governments, the defense and intelligence communities, and I’ve always gotten after it with the goal of making a difference and producing positive results.
When Brad Boston asked for me to succeed him in leading the Cisco Global Government Solutions Group (GGSG) in addition to my role overseeing the Corporate Security Programs Organization (CSPO), I was humbled, honored, and excited. GGSG/CSPO is a great organization. Fortunately for Cisco, our customers, and me, Brad will remain nearby, focusing on our go-forward strategy for Satellite Solutions. This expanded role certainly ups the ante for me, yet it is not an altogether new one. As a member of GGSG senior staff since it was formed, and in my role leading Corporate Security during the past ten years, I’ve watched the organization grow and thrive.
In taking the helm, I will build on this team’s outstanding achievements in meeting the unique requirements of governments around the world. We’ll continue to address the challenges faced by global government agencies, defense and intelligence communities, and work to advise our public sector customers on the leading practices and technology solutions that can achieve and enhance their mission goals. In my ongoing role as Chief Security Officer, I’ll continue to oversee and work with my leadership team to drive initiatives focused on Information Security, Product Security and Government Security, with focus on crypto, advanced government services, and cybersecurity—in support of our customers.
My expanded leadership team and I recognize what a critical role we play for our global government customers. To all of you, rest assured, we will continue to strive to become your most-trustworthy vendor and a true partner—one that works hard to help enable your mission success, delivers on our commitments, and gives only our best.
In an effort to reduce costs and improve operational efficiency, organizations of all sizes have begun compressing their firewall and other security services into smaller form factors and fewer physical units. Many small and midsized companies have opted for UTMs to run all of their security on a single box. Unfortunately, UTMs have failed to deliver on their promise to deliver true multi-service security. Most UTMs do one or two things really well, but add all the other services as “checkbox” items just to say they have it. Read More »
The New York Times’ Nicole Perlroth filed an alarming account of government and corporate network vulnerabilities that comes across like a briefing dossier read by James Bond aboard a Heathrow-Beijing flight. But it does the good work of putting a critical technology issue before a broad audience.
“Traveling Light in a Time of Digital Thievery” (NYT, Feb. 10) details extraordinary counter-espionage precautions taken in China by prudent travelers and their organizations. Many now leave their usual notebooks, smartphones and tablets safe at home. Some say a device taken into China is never again permitted to touch their corporate network.