I grew up in Northern New York State, so a trip to Helsinki in the middle of February held no fears for me. Interesting things are going on in Finland from a cybersecurity point of view, so I jumped at the chance to speak to the Security Day conference in Finland’s capital city. The conference appearance was actually one stop on an itinerary that took me to three countries, two press conferences, and four customer visits…in five days.
In some ways, it’s a tribute to globalization that audiences all over the world share the same concerns about cybersecurity. Mobility, identity, explosive growth of an Internet of Things, and an increasingly malicious threat environment are as much on the minds of the people I met in Finland as they are in every part of the world I have traveled. I also found it notable that the Security Day conference celebrated its 12th anniversary this year with the largest number of attendees in its history.
My talk centered on three kinds of methods that can make it harder for cybersecurity adversaries to succeed. First, I recommend doing the basics—patching, asset inventories, identity management, visibility into device and user behavior—and doing them well. Here it is particularly important to eliminate any dark space in an infrastructure. It’s the assets and users that you don’t know about that will oftentimes create our largest risks.
Second, the security community has been innovating some delightful ways to lead adversaries on merry, frustrating chases. Virtualization, honeypots, software-defined network configuration changes, and systems set up to act as mineshaft canaries can be used to bring frustration and confusion to the working lives of adversaries.
Third, I shared my thoughts on developing new kinds of metrics designed to reflect changing definitions of security effectiveness. These include heightened ability to measure…
- Adversarial Dwell Time—Time required to detect an adversary entering a system.
- Compromise Speed—Time required for an adversary to perform their mission.
- Unmitigated Attack Duration—Time an attack operates before it is stopped.
- Adversarial Confusion Ratio 1—Ratio of time an adversary appears confused to the total time of an attack.
- Adversarial Confusion Ratio 2—Ratio of the number of incorrect adversary decisions to the number of correct decisions.
- Cost Effectiveness Ratios—Cost of protecting an infrastructure and/or service to cost of losses, and cost of protecting an infrastructure to cost of restoring a service.
These proposed metrics probably justify a free-standing blog post in their own right, so stay tuned for that.
In summing up, I described the above methods as steps along the path of building a condition of information superiority over security adversaries. This means knowing more about the infrastructure, services, and users you protect than your adversaries do, as a precondition for the ability to act effectively.
There’s a lot more that can be said about this, and the more I talk to customers and security practitioners, the more I’m learning and processing to take these concepts further. That alone is one of the factors that makes cybersecurity so fascinating. There’s something new to learn and think about every day.
Tags: cybersecurity, Finland, Helsinki, John N. Stewart, security, Security Day Conference
Despite its overwhelming business benefits, the Internet of Things (IoT) also significantly increases security risks. That’s why Cisco is pleased to announce the IoT Security Grand Challenge, an industry-wide initiative to bring the global security community together to secure the IoT, and deliver intelligent cybersecurity for the real world – before, during, and after an attack. Winners will be awarded $50,000 in prize money and be publicly announced at the IoT World Forum this Fall!
Read the full Fame and Fortune Awaits: The Cisco IoT Security Grand Challenge blog post to learn more.
Tags: Cisco Security, cybersecurity, Internet of Everything, internet of things, IoE, IoT, network security, security
Despite its overwhelming business benefits, the Internet of Things (IoT) also significantly increases security risks, via a dramatic increase in attack surface and diversity of potential threats. And since IoT is a significant component of the larger Internet of Everything (IoE) market transition that combines connected devices with people, process, and data, it’s even more imperative that we ensure that the things we connect are secure. To achieve this goal, the security community needs to work together to develop innovative security measures.
That’s why Cisco is pleased to announce the IoT Security Grand Challenge, an industry-wide initiative to bring the global security community together to secure the IoT, and deliver intelligent cybersecurity for the real world – before, during, and after an attack. Companies and individuals are invited to develop solutions for one of three focus areas – Malware Defense, Security Credential Management, and Privacy Protection. Cisco will select up to six winners, each of whom will be awarded $50,000 USD. The winners will be announced at the IoT World Forum this Fall.
Interested in participating? Visit www.CiscoSecurityGrandChallenge.com for full details about the challenge and begin preparing a response. Submissions are due June 17th, so get started right away. Good luck!
Tags: cybersecurity, Internet of Everything, internet of things, IoE, IoT, iot world forum, network security, security
This week I had the opportunity to attend the RSA Conference in San Francisco.
The theme for the conference this year was “Share. Learn. Secure” with a focus on recent breaches, surveillance programs and DDoS attacks. The conference featured:
- Hundreds of educational sessions with insights, best practices and real implementation case studies
- Live keynote speakers
- Two expos featuring hundreds of solutions including Cisco and Sourcefire booths featuring threat-centric security solutions to reduce complexity, provide visibility, continuous control, and advanced threat protection
Cisco’s Chris Young, SVP, Cisco Security Business Group, and Padmasree Warrior, Chief Technology and Strategy Officer, delivered the keynote “The New Model of Security,” sharing our vision and strategy, Intelligent Cybersecurity for the Real World.
If you did not attend RSA in person, starting March 3 you can view an on-demand webcast of the keynote.
Tags: cybersecurity, government, Internet of Everything, Internet of Things (IoT), secure BYOD, secure cloud
It is one thing to recognize cyber threats and their potential to disrupt entire companies, agencies and institutions. It is another thing to do something about it. In light of recent threats we cannot sit still and wait for the next one.
On February 18, I was honored to join Governor O’Malley, Senator Mikulski, NIST director Pat Gallagher, and Montgomery County Chief Executive Ike Leggett in the partnership agreement signing ceremony to expand the National Cybersecurity Center for Excellence in Montgomery County. Federal and Maryland officials signed the agreement with the National Institute of Standards and Technology in Gaithersburg to develop new cybersecurity technology and educational opportunities.
Tags: Cisco, cybersecurity, govtech, IT, NIST