penetration testing

Grounded by Cybersecurity: Protecting the Aviation Industry from Digital Threats

7 min read

Securing aviation systems involves proactively identifying, assessing, and addressing potential security vulnerabilities within aviation infrastructure. The work entails simulating cyber-attacks and exploiting weaknesses within the aviation ecosystem. These include communication networks, air traffic control systems, and aircraft avionics. By emulating the techniques, tactics, and procedures (TTPs) of real-world threat actors, cybersecurity professionals can uncover hidden vulnerabilities and evaluate the resiliency of aviation systems against cyber intrusions. The findings from these tests can then be used to develop effective countermeasures, enhance security policies, and contribute to the safety of passengers, crew, and ground personnel.

May 24, 2017

SECURITY

Can Your Organisation Be Breached? Find Out with a Red Team

4 min read

Have you ever wondered about how the everyday information available on your network could compromise your entire organisation? I lead the Cisco Security Advisory Services team in EMEAR.  We recently performed a “Red Team” exercise in which our client set us the objective of attempting to gain access to their client database. For the uninitiated: […]

March 27, 2017

SECURITY

Tabletops Aren’t Just For Eating Dinner On

4 min read

How to take your Incident Response plan to the next level ‘Practice does everything’ – Periander (Often misquoted as ‘Practice makes perfect’) You’ve gone through the work of creating an incident response (IR) plan, created some runbooks to deal with likely, known threats, and you’re feeling a lot better about the ability of your organization’s ability […]

July 27, 2015

SECURITY

The Best Defense is a Good Offense? Why Cisco Security Researchers Attack Cisco Technologies

1 min read

This week, Cisco provided comments on the Department of Commerce’s Bureau of Industry and Security (BIS) proposed cybersecurity regulations. These comments reflect the realities of how Cisco looks to protect both our customers and our products. They also emphasize the critical role that security researches, access to tools, and qualified talent have in cybersecurity. Cisco has […]

July 20, 2015

HIGH TECH POLICY

Concerns about the Department of Commerce’s Proposed Export Rule under the Wassenaar Arrangement

1 min read

Today, Cisco filed comments on a Proposed Rule published by the Department of Commerce’s Bureau of Industry and Security (BIS) in an effort to comply with an international agreement called the Wassenaar Arrangement. The proposal would regulate a wide array of technologies used in security research as controlled exports, in the same manner as if […]

September 23, 2013

SECURITY

Introducing Kvasir

4 min read

Cisco’s Advanced Services has been performing penetration tests for our customers since the acquisition of the Wheel Group in 1998. We call them Security Posture Assessments, or SPA for short, and I’ve been pen testing for just about as long. I’ll let you in on a little secret about penetration testing: it gets messy! During […]