Cisco Blogs

Cisco Blog > Security

Active Threat Analytics: Easing the Burden of Threat Management

In Greek mythology, Sisyphus was a trickster king cursed with the eternal torment of fruitless labor. As punishment for his hubris and wile, Zeus condemned this hapless figure to the unending task of pushing a boulder up a mountain. Once he reached the top, the boulder would fall back down. And he would begin again. And again. Every day. Forever.

I suspect that it will not be a great imaginative leap for those of you in the in the information security industry to empathize with this unfortunate soul. Cyberattacks are continuously growing in frequency and sophistication. Threats are ever-present. New technologies and changing business models are always forcing you to change your tactics. Protecting your organization’s sensitive information seems like a Sisyphean undertaking: constant and unceasing.

I hear this from our customers all the time. IT security feels like an uphill battle, and the struggle to guard against ever-evolving threats seems interminable. As innovative social, mobile, analytics, cloud, robotics, and Internet of Everything (IoE) technologies transform every organization into a digital organization, the prospect of maintaining a strong security posture amid such rapid and widespread change can be daunting. We hear you, we get it, and we are ready to help. Just as Cisco is helping organizations become digital, we are also deeply committed to ensuring that security is the bedrock upon which the successful digital enterprises of the future will stand. For that to happen, organizations will need security solutions designed for the world of tomorrow. To help organizations transform securely, we have created Cisco Active Threat Analytics – a suite of next-generation managed security services that will help customers to detect threats in their environments with great speed, accuracy, and focus.

Read More »

Tags: , , , , , , , , , ,

IT Paradox: Managing More Complex Networks with Limited Resources

I speak with Cisco customers regularly. The topic of the Internet of Everything (IoE) comes up often.  Put simply, their concerns can be summed up in a single question: How can I prepare for the network of tomorrow when it’s difficult to keep pace with managing the fast-moving complexity of my network today?

IoT: So Many Vulnerabilities. So Little Time and Resources. So Much at Stake.

Research firm IDC predicts there will be over 28 billion connected devices installed by 2020, while fellow analyst Gartner forecasts that 4.9 billion connected things will be in use in 2015, up 30 percent from 2014, and will reach 25 billion by 2020.

An example of one industry that’s moving to meet this opportunity is retailing. Like me, I’m sure you’ve noticed the change in your shopping experience — whether it’s contextual matching of products to your personal profile or in-store product or pricing comparisons using your mobile device.

But moving into the revolutionary digital retail environment enabled by the Internet of Things doesn’t come without risk. New connectedness brings new security threats. For the typical network administrator a major security issue like the Heartbleed bug can quickly turn into a bad case of heartburn. What’s the nature of the vulnerability? What devices are impacted? How do I respond? When you combine these questions with the day to day demands of directly supporting end-users, answering technical questions, resolving network issues, writing scripts, creating reports, monitoring systems and managing version controls, it’s not surprising that a network operations team can be overwhelmed. And that’s before the growing connectivity fueled by the Internet of Things.  Read More »

Tags: , , , , ,

Getting to Know Tom Powledge, Vice President of Cisco Managed Security Services

After several months leading the managed security services portfolio at Cisco, I sat down with the social media team to discuss my path to Cisco, the evolution of the security market, and the future of security. [Note: This is an abridged version of the full interview.]

Q: After nearly 20 years at Symantec, why did you decide to move to Cisco?

TP: Cisco has all of the pieces necessary to solve the biggest security problems facing businesses today and into the future. Cisco’s position in the network, its broad security product portfolio, its strong and continued investment in security, and its pivot toward driving business outcomes and solving customer problems place this company in a unique position to lead the charge toward the next generation of security. As a part of a company that builds the cloud, mobility, collaboration, and Internet of Everything technologies driving change in the security market, we have a unique opportunity to proactively build security services that enable the secure adoption of these innovations. Our ability to integrate with networking technologies and all types of connected devices allows us to feed huge amounts of data from across an entire customer network into our big data platform for detecting, investigating, and analyzing threats. I’m eager to take what I’ve learned throughout 19 years in security and put that knowledge and experience to work in building up Cisco’s resources into a next-level suite of solutions. Read More »

Tags: , , , , , ,

Quick Tips for Tracking Alerts

It’s no secret, networks, in general, are more challenging to manage than before.

As networks increase in complexity to embrace new business innovations, they may require more supporting devices, which, in turn, can result in even more alerts to manage.

If you’re a network manager or security officer, what are you going to do?

At Quintiles, they started using Smart Net Total Care to identify devices that might have security vulnerabilities. In the centralized portal, their IT team could easily access information on each type of alert, which is displayed by category or device and contains summary information with a link to the actual alert on

“In the past, our security team would receive a notification and need detailed data from us to determine our level of risk,” says Wil Bolton, senior network systems engineer for Quintiles. “Now we can be proactive, because we can check the portal and know immediately. We have already completed some critical upgrades based on PSIRT information and can be confident that we are aware of a potential vulnerability.”

So, how are you going to quickly identify risks and network vulnerabilities? How will you reduce time chasing irrelevant alerts, so you have more time to focus on projects you care about?  Read More »

Tags: , , ,

Radware and Cisco Sign OEM Agreement As DDoS Mitigation Becomes a SP Imperative

DDoS attacks are no longer just a nuisance and they can cause lasting damage. Organizations that ignore this threat often learn the high costs involved in the damage from these attacks – ranging from mild service degradation and to extended service outage. According to Aberdeen Group research, the cost of a one second delay in website load time can translate to a 7% reduction in conversion rate and up to $2.5 million in losses per year. The cost of outage? That can reach nearly half a million dollars per hour.

Attacks have evolved in multiple dimensions: Read More »

Tags: , , , , ,