A few months ago we discussed the various ways that consumer PII is compromised. The recent attacks against Target and Neiman Marcus illustrate the constant threat that payment card accepting retailers of all sizes face. Yesterday Reuters reported that similar breaches over the holidays affected “at least three other well-known U.S. retailers”. Given the current onslaught, it’s a good time for retailers to examine their detection capabilities before a payment card data attack, while creating new goals for shortening remediation windows during and after an attack.
Now when I’m talking about safekeeping a mobile device, I’m not saying don’t use your Kindle by the pool or let your toddler play on the iPad while eating ice cream. These are dangerous things to be doing with a gadget, but today I want to focus more on the data within that device, rather than the device itself.
No matter what you do, your device may be stolen. It only takes a moment of inattention for someone to swipe your phone or tablet. Before that unfortunate event occurs, there are several things that you can do to mitigate the damage that occurs from the loss of a mobile device. Read More »
Today, many encrypted networks use insecure cryptography. Attackers exploiting weak cryptography are nearly undetectable, and the data you think is secure is less safe every day. Legacy encryption technology can’t keep up with current advances in hacking and brute force computing power. Additionally, legacy solutions are increasingly inefficient as security levels rise, and perform poorly at high data rates. In order to stay ahead of this challenge, encryption needs to evolve.
Some of the best conversations happen in private exchanges and I often wish we could all benefit more broadly. This most recent conversation was instructive in and of itself but it also pointed out a level of transparency both Jimmy Ray and I prefer. So hopefully it goes to say -- we welcome your input! We certainly don’t get it right all the time!
Cisco’s early adoption and implementation of Next Generation Encryption (NGE) is paving the way for the next decade of cryptographic security. NGE provides a complete algorithm suite, comprised of authenticated encryption, digital signatures, key establishment and cryptographic hashing. These components provide high levels of security and scalability, aimed at setting the standard for the next 10 years of encryption.
The next generation of encryption technologies meets the evolving needs of agencies and enterprises by utilizing modern, but well reviewed and tested cryptographic algorithms and protocols. As an example, Elliptic Curve Cryptography (ECC) is used in place of the more traditional Rivest-Shamir-Adleman (RSA) algorithms. By upgrading these algorithms, NGE cryptography prevents hackers from having a single low-point in the system to exploit and efficiently scales to high data rates, while providing all of the security of the Advanced Encryption Standard (AES) cipher
As computing power exponentially increases over time, according to Moore’s Law, attackers have access to more powerful tools to crack encryption keys. However, NGE is capable of staying ahead of this curve by improving security and robustness of Cisco’s already market leading trusted solutions to meet emerging global standards into the future.
Check out the video below to learn more about NGE: