Holidays are here. It is time to take a pause from work for travels and family celebrations. But hackers are not taking a rest. Just recently, a major hotel chain reported that it suffered a security breach related to customer credit and debit card payments.
The hospitality industry is certainly not the only victim of data breaches. A recent report on Protected Health Information (PHI) data breaches suggests that many industries (not just the healthcare industry) have experienced a PHI data breach – in fact 90% of them.
The industrialization of hacking has generated increasingly sophisticated and discreet cyberattacks for financial or political gain. No organization today is immune from these nonstop attacks. So what can you do to help protect your organization?
Defense in depth is a proven information security strategy. Your layered defense includes all the security components you have already deployed, such as firewalls, IPS, and advanced malware protection. But have you utilized one of the strongest tools that you already have? It is the network itself.
Your Cisco network includes Catalyst and Nexus switches, integrated services routers (ISRs), aggregation services routers (ASRs), wireless products, and UCS systems. These network solutions can add another layer of security protection for you throughout the attack continuum, before, during and after an attack.
Tags: network as a sensor, network as an enforcer, network security
The Digital Economy and the Internet of Everything mean everything is now connected. Digitization is fundamentally transforming how we conduct business. It creates new opportunities to develop services and engage with employees, partners, and customers. It’s important to understand that digitization is also an opportunity for the hacking community, presenting new services, information, data, devices, and network traffic as attack targets. To take full advantage of the digitization opportunity, security must be everywhere, embedded into and across the extended network – from the data center to the mobile endpoints and onto the factory floor.
Today, Cisco is announcing enhanced and embedded security solutions across the extended network and into the intelligent network infrastructure. These solutions extend security capabilities to more control points than ever before with Cisco FirePOWER, Cisco Cloud Web Security or Cisco Advanced Malware Protection. This is highlighted in Scott Harrell’s blog. We are also transforming the Cisco network into two roles: as a sensor and as an enforcer of security.
The role of the Network as a Sensor
The network provides broad and deep visibility into network traffic flow patterns and rich threat intelligence information that allows more rapid identification of security threats. Cisco IOS NetFlow is at the heart of the network as a sensor, capturing comprehensive network flow data. You can think of NetFlow as analogous to the detail you get in your monthly cellular phone bill. It tells you who talked to whom, for every device and user, for how long, and what amount of data was transferred – it’s metadata for your network traffic.
Visibility into network traffic through NetFlow is critical for security, as it serves as a valuable tool to identify anomalous traffic on your network. By watching NetFlow, we gain an understanding of the baseline traffic on the network and can alert on traffic that is out of the ordinary. The network generates NetFlow data from across the enterprise network all the way down to the virtual machines in the data center. This gives us visibility across the entire network, from the furthest branch office down to the east-west traffic in the data center.
Tags: Cisco Advanced Malware Protection, Cisco Cloud Web Security, Cisco FirePOWER, Cisco Identity Services Engine, Cisco TrustSec, IoE, IOS Netflow, ISE, Lancope, network as a sensor, network as an enforcer
The topic of cybersecurity has become so ubiquitous that it’s almost a daily occurrence to read or hear about security breaches in the news. Cisco understands this paradigm shift within the nature of computing, that the Digital Economy and the Internet of Everything now require what we are calling Security Everywhere. Security has to span the extended network in order to protect against an ever-growing array of attack vectors. Scott Harrell, Vice President, Product Management, has written a more detailed blog about this specific topic here.
The key point to note about Security Everywhere is that organizations are under unrelenting attack and breaches are happening every day. Attackers have also created sophisticated malware that can be launched into the network, gather information to intelligently understand exactly what, when and how to attack and then launch an extremely surgical and devastating attack against the network. Our Cisco 2015 Annual Security Report is an excellent resource for detailed research about the nature and frequency of attacks against the enterprise.
Tags: CLUS15, network as a sensor, network as an enforcer, security
I’ve had some recent discussions with colleagues in the armed forces regarding cyber security and how they consider “cyber” to be the fourth warfighting domain along with land, air, and sea. They describe how cyber has its own terrain made up of computing resources. As I further thought through this concept I saw a striking resemblance between the network and air warfare. To elaborate on this thought I must first set the context around the concept of air supremacy.
There are probably many different variations of the definition of air supremacy, but let’s just use “the degree of air superiority wherein the opposing air force is incapable of effective interference” for the purpose of this blog. I borrowed this definition from NATO. There are two key words in the definition, “degree” and “effective.” Prior to achieving supremacy one must first move from parity, through superiority, and eventually to supremacy. Air parity is the lowest degree in which a force can control the skies above friendly units. In other words, prevention of opposing air assets from overwhelming land, air, and sea units.
Tags: application visibility control, cyber security, cyber space, cybersecurity, cyberspace, Flexible NetFlow, IP SLA, malicious threats, netflow, network as a sensor, network superiority