Holidays are here. It is time to take a pause from work for travels and family celebrations. But hackers are not taking a rest. Just recently, a major hotel chain reported that it suffered a security breach related to customer credit and debit card payments.
The hospitality industry is certainly not the only victim of data breaches. A recent report on Protected Health Information (PHI) data breach suggests that many industries (not just the healthcare industry alone) have experienced a PHI data breach – in fact 90% of them.
The industrialization of hacking has generated increasingly sophisticated and discrete cyberattacks for financial or political gain. No organizations today are immune from these nonstop attacks. So what can you do to help protect your organization?
Defense in depth is a proven information security strategy. Your layered defense includes all the security components you have already deployed such as firewalls, IPS, and advanced malware protection. But, have you utilized one of the strongest tools that you already have? It is the network itself.
Your Cisco network includes Catalyst and Nexus switches, integrated services routers (ISRs), aggregation services routers (ASRs), wireless products, and UCS systems. These network solutions can add another layer of security protection for you throughout the attack continuum, before, during and after an attack.
Read More »
Tags: network as a sensor, network as an enforcer, network security
In Greek mythology, Sisyphus was a trickster king cursed with the eternal torment of fruitless labor. As punishment for his hubris and wile, Zeus condemned this hapless figure to the unending task of pushing a boulder up a mountain. Once he reached the top, the boulder would fall back down. And he would begin again. And again. Every day. Forever.
I suspect that it will not be a great imaginative leap for those of you in the in the information security industry to empathize with this unfortunate soul. Cyberattacks are continuously growing in frequency and sophistication. Threats are ever-present. New technologies and changing business models are always forcing you to change your tactics. Protecting your organization’s sensitive information seems like a Sisyphean undertaking: constant and unceasing.
I hear this from our customers all the time. IT security feels like an uphill battle, and the struggle to guard against ever-evolving threats seems interminable. As innovative social, mobile, analytics, cloud, robotics, and Internet of Everything (IoE) technologies transform every organization into a digital organization, the prospect of maintaining a strong security posture amid such rapid and widespread change can be daunting. We hear you, we get it, and we are ready to help. Just as Cisco is helping organizations become digital, we are also deeply committed to ensuring that security is the bedrock upon which the successful digital enterprises of the future will stand. For that to happen, organizations will need security solutions designed for the world of tomorrow. To help organizations transform securely, we have created Cisco Active Threat Analytics – a suite of next-generation managed security services that will help customers to detect threats in their environments with great speed, accuracy, and focus.
Read More »
Tags: Active Threat Analytics, ATA, Big Data, full packet capture, Incident Management, information security, it security, network security, security operations, threat detection, threat management
I speak with Cisco customers regularly. The topic of the Internet of Everything (IoE) comes up often. Put simply, their concerns can be summed up in a single question: How can I prepare for the network of tomorrow when it’s difficult to keep pace with managing the fast-moving complexity of my network today?
IoT: So Many Vulnerabilities. So Little Time and Resources. So Much at Stake.
Research firm IDC predicts there will be over 28 billion connected devices installed by 2020, while fellow analyst Gartner forecasts that 4.9 billion connected things will be in use in 2015, up 30 percent from 2014, and will reach 25 billion by 2020.
An example of one industry that’s moving to meet this opportunity is retailing. Like me, I’m sure you’ve noticed the change in your shopping experience — whether it’s contextual matching of products to your personal profile or in-store product or pricing comparisons using your mobile device.
But moving into the revolutionary digital retail environment enabled by the Internet of Things doesn’t come without risk. New connectedness brings new security threats. For the typical network administrator a major security issue like the Heartbleed bug can quickly turn into a bad case of heartburn. What’s the nature of the vulnerability? What devices are impacted? How do I respond? When you combine these questions with the day to day demands of directly supporting end-users, answering technical questions, resolving network issues, writing scripts, creating reports, monitoring systems and managing version controls, it’s not surprising that a network operations team can be overwhelmed. And that’s before the growing connectivity fueled by the Internet of Things. Read More »
Tags: Internet of Everything, IoT, IT management, network security, smart net total care, SMARTnet
After several months leading the managed security services portfolio at Cisco, I sat down with the social media team to discuss my path to Cisco, the evolution of the security market, and the future of security. [Note: This is an abridged version of the full interview.]
Q: After nearly 20 years at Symantec, why did you decide to move to Cisco?
TP: Cisco has all of the pieces necessary to solve the biggest security problems facing businesses today and into the future. Cisco’s position in the network, its broad security product portfolio, its strong and continued investment in security, and its pivot toward driving business outcomes and solving customer problems place this company in a unique position to lead the charge toward the next generation of security. As a part of a company that builds the cloud, mobility, collaboration, and Internet of Everything technologies driving change in the security market, we have a unique opportunity to proactively build security services that enable the secure adoption of these innovations. Our ability to integrate with networking technologies and all types of connected devices allows us to feed huge amounts of data from across an entire customer network into our big data platform for detecting, investigating, and analyzing threats. I’m eager to take what I’ve learned throughout 19 years in security and put that knowledge and experience to work in building up Cisco’s resources into a next-level suite of solutions. Read More »
Tags: analytics, Big Data, Cisco Security Solutions, managed security, network security, security, SIEM
It’s no secret, networks, in general, are more challenging to manage than before.
As networks increase in complexity to embrace new business innovations, they may require more supporting devices, which, in turn, can result in even more alerts to manage.
If you’re a network manager or security officer, what are you going to do?
At Quintiles, they started using Smart Net Total Care to identify devices that might have security vulnerabilities. In the centralized portal, their IT team could easily access information on each type of alert, which is displayed by category or device and contains summary information with a link to the actual alert on Cisco.com.
“In the past, our security team would receive a notification and need detailed data from us to determine our level of risk,” says Wil Bolton, senior network systems engineer for Quintiles. “Now we can be proactive, because we can check the portal and know immediately. We have already completed some critical upgrades based on PSIRT information and can be confident that we are aware of a potential vulnerability.”
So, how are you going to quickly identify risks and network vulnerabilities? How will you reduce time chasing irrelevant alerts, so you have more time to focus on projects you care about? Read More »
Tags: enterprise networks, network management, network security, smart net total care