I’m often asked how to deal with the security threat landscape within the context of running a business. The security threat landscape can seem like a highly complex challenge, yet as I’ve looked at it through my work with Cisco and the broader industry, it can actually be boiled down into three simple phases: before, during and after attack.
It sounds simple in theory, but in practice the conversation often focuses predominantly on the “before” phase; that is, minimizing a hacker’s chances of success. While this is clearly the most important phase, it’s also crucial to have a clear threat containment strategy for “during” an attack, and a visibility and forensics plan for “after” it as well. It seems complex, but it can be surprisingly simple. Take a look at a recent video blog I did on the topic.
Tags: Attack, Cisco, forensics, John Stewart, security
Last week, following the release of the 2014 Cisco Annual Security Report, my colleague Levi Gundert and I took questions from you, our partners and customers, about the report and its most interesting findings.
This year’s report highlighted a number of new trends and found unprecedented growth of threat alerts, which reached the highest level we’ve seen in more than a decade of monitoring.
Although the report paints a grim picture of the current state of cybersecurity, we are optimistic that there is hope for restoring trust in people, institutions, and technologies. This must start with empowering defenders with real-world knowledge about expanding attack surfaces. To truly protect against all of these possible attacks, defenders must understand the attackers, their motivations and their methods – before, during, and after an attack.
Here is a link to view the recording of the broadcast. If you have any questions that didn’t get answered, please leave them in the comments, and Levi or I will get back to you.
Tags: 2014 annual security report, asr, cisco annual security report, CSO, cybersecurity, John Stewart, Levi Gundert, Live Social Broadcast, security, skills gap
It’s December and the 2013 cyber security news cycle has just about run its course. We’ve seen more and increasingly virulent attacks, continued “innovation” by adversaries, and a minor revival of distributed denial of services (DDOS) actions perpetrated by hacktivists and other socio-politically motived actors.
Against this, Cisco stood up tall in recognizing the importance of strong security as both an ingredient baked into all Cisco products, services, and solutions, and a growing understanding of how to use the network to identify, share information about, and defeat threats to IT assets and value generation processes. I can also look back at 2013 as the year that we made internal compliance with the Cisco Secure Development Lifecycle (CSDL) process a stop-ship-grade requirement for all new Cisco products and development projects. Read More »
Tags: asr, CSDL, CSO, cyber security, DDoS, John Stewart, security
Last October , Cisco confirmed that Sourcefire was now part of our family of security products and solutions .
“With this acquisition, we take a significant and exciting step in our journey to define the future of security. As one company, we offer an unbeatable combination that will greatly accelerate our mission of delivering a new, threat-centric security model. Through the addition of Sourcefire’s competitive talent and technologies, I see vast opportunities to expand Cisco’s global security footprint in both new and emerging markets, broaden our solution sets and deepen our customer relationships “
Chris Young, Cisco Senior Vice President Security Group
in his blog “Delivers Threat-Centric Security Model “
“Beyond the technology, one of the things that is important to me is that Cisco and Sourcefire both share key values that transcend our company names, HQ locations and number of employees. Much like Sourcefire’s Firemen Principles, you can be confident that these values will continue as one team at Cisco.”
Martin Roesch, Sourcefire founder and CTO and now VP and Chief Architect of Cisco Security Group
in his blog ONE Team
These days , John Stewart , Senior Vice President, Cisco Chief Security Officer , announced that we completed the deployment of Sourcefire at Cisco . John Stewart oversees at Cisco the Threat Response, Intelligence and Development ( TRIAD ) organization .
The implementation is already giving us insights into our data center that we never had before
To know more about this deployment and John’s first impressions check his blog
The First Inline Production Deployment at Cisco
The Cisco security architecture helps data center networking teams take advantage of security capabilities built into the underlying data center fabric, to accelerate safe data center innovation. There are three important security measures that every IT organization should follow to securely support data center innovation.
To learn more, download the Cisco white paper “Three Must-Have Security Measures that Accelerate Data Center Innovation.”
Tell us what do you think of the acquisition of Sourcefire by Cisco .
Tags: Chris Young, Cisco, Cisco TRIAD, CiscoIT, data center, John Stewart, Martin Roesch, security, Sourcefire
RSA 2013 ends and I both miss it and breathe a sigh of relief that it’s over. Let me explain. As a security guy, it’s nice to be around other security like-minded people. We all speak the language. You needn’t really justify why you are worried about things most people have never heard of. It’s exciting to see so many people try so many different things, be it startups, big companies, or inspired individuals. It’s great to see government employees, corporate executives, and pony-tailed security geeks all talking to one another. In a slightly strange way, it’s therapeutic.
That said, RSA is an incredibly intense week, and this year’s conference was no exception. In four-and-a-half full days (and this is just my schedule), I had:
- Eight customer meetings
- Eight dinners (working out to 1.78 dinners per day.)
- Four press interviews: two on-record, one background, 1 live videocast via Google+
- Four bizdev/company review meetings
- Two panels
- Two analyst interviews
- Two partner meetings
- One customer breakfast talk along with with Chris Young
And this doesn’t include the countless run-ins with friends, a quick word here or there, and emails that all have to be managed along the way. In some respects, you don’t get enough time with really good friends (if there really is such a thing as enough time for such people in our lives), and in the end, it’s a huge blur from meeting to meeting.
I posed a question in my blog earlier this year: Are we making progress in cyber security? I say yes, yet not nearly enough, and now I am thinking hard about how to change it before RSA 2014.
Tags: Chris Young, cyber security, cybersecurity, John N. Stewart, John Stewart, RSA, RSA 2013