Cisco Blogs



Shellshock Exploits in the Wild

This post was authored by Joel Esler & Martin Lee.

The recently discovered Bash vulnerability (CVE-2014-6271) potentially allows attackers to execute code on vulnerable systems. We have already blogged about the issue and provided more technical detail in a further blog. The rapid release of IPS signatures for our platforms allowed us to follow, very quickly, the attempts to exploit the vulnerability in the wild.

For further details of our response to the issue, please see the Event Response Page.

Security Must Mature to Protect Against Threats

As we discuss in the Cisco Midyear Security Report, cybersecurity is becoming more of a strategic risk for today’s businesses, creating a growing focus on achieving “security operations maturity.” That’s why Cisco has developed the Security Operations Maturity Model – to help organizations understand how security operations, technologies, and products must evolve to keep up with the pace of change in their environments and increasingly sophisticated attacks. The model plots a journey along a scale of controls that moves from static to human intervention to semi-automatic to dynamic and, ultimately, predictive controls.

Every day I see evidence of why we need to evolve our security capabilities. A perfect example is the Kyle and Stan malicious advertising attack that our Talos Security Intelligence and Research Group discovered and continues to analyze. Ongoing research now reveals that the attack is nine times larger than initially believed and began more than two years ago. The expansiveness and extended period of the campaign reflect the ability of this attack to continuously morph, move quickly, and erase its tracks, leaving nearly indiscernible indicators of compromise. To effectively detect and protect against attacks like this, organizations need dynamic controls that see more, learn more, and adapt quickly. Relying exclusively on static controls and human intervention puts defenders at a significant disadvantage and allows attacks to run rampant.


Greater Dynamic Controls for Secure Access and Mobility

Businesses today are required to meet multiple challenges with respect to connecting users to applications.

First, it is no secret that the demands of employees and users are great: they expect access to enterprise resources and their work via more mediums than ever before, by personal laptops, tablets and smartphones, both at home and on the road. The Internet of Things (IoT) is the latest technology, and we must now prepare for a world where everything is connected, from Wi-Fi-enabled sensors for treatment care to vending machines for restocking or even sensors linked to power controls.

In addition to meeting the demands of workers and all of these connected devices, there are also security challenges associated with connecting these devices into business networks: productivity must be balanced with keeping advanced security threats, insider misuse and data breaches at bay.


The Dynamic Protective Shield of Big Data Analytics

September 28, 2014 at 11:17 pm PST

As we think of healthcare and Big Data Analytics, some of the topics that come to the forefront are personalized medicines, managing readmissions, identifying health risk indexes and many more. While each of these is an important area that benefits from the power of Big Data Analytics, one area that is table stakes in healthcare is protecting critical care systems. Can the power of Big Data Analytics provide us a protective shield?

Before we dive in, the question that comes up is: why is healthcare security any different, and why use Big Data Analytics instead of the traditional approaches to protection that we have today?

This was the topic of my presentation at the recently concluded COM.BigData 2014 conference in Washington DC: ‘Dynamic Protection for Critical Care Systems using Cisco Cloud web security (CWS): Unleashing the power of Big Data Analytics’.

While the Health IT transitions are opening up healthcare access in newer ways that have significant security implications, there are additional trends that are making healthcare a prime target.

Healthcare Security Trends

Targeting Healthcare Industry

According to the World Privacy Forum, the street value of stolen healthcare data is ~$50 as compared to $1 for a stolen social security number. The Ponemon Institute, in its third annual report on Medical Identity theft, 2012, estimates the economic impact of medical identity theft at 41.3 billion per year, a significant increase from 30.9 billion per year in 2011. In addition, new attack models such as ransomware can capitalize on the sensitivity of the situation, where the question is not about losing your data, but your life. Adding all these up, the healthcare industry is an attractive target.

The expanded boundaries


Cisco Meraki Systems Manager Extends Enterprise Mobility Management to the Cloud

The industry is going beyond BYOD—it’s not just about simply connecting the device anymore: the mobile landscape has grown to include apps, devices and content, all of which require security and management. This is no easy task. Enterprise mobility management (EMM) is no longer a nice-to-have for our customers—it is a necessity. You need a mobile strategy.

We at Cisco have been steadily building out our mobility portfolio across infrastructure, policy and management over the past few years to provide our customers with what they need to get ahead of the mobile trend.

It has always been Cisco’s strategy to use open APIs with ISE to integrate with a host of third-party EMM vendors, including Citrix, MobileIron, AirWatch and many more. We are now extending that flexibility to create a cloud-managed EMM offering with our Cisco Meraki solution. The latest addition to the Cisco mobility portfolio, the Cisco Meraki Systems Manager Enterprise, is an evolution of Cisco Meraki’s existing MDM cloud offer, and a natural extension of the Cisco Meraki network management solution (e.g. extending management of wireless access points to the management of devices connecting to the enterprise domain).

Cisco is committed to customer choice, and will continue to offer different options to the market, including ecosystem EMM partner solutions. The addition of the Cisco Meraki Systems Manager broadens that portfolio to strengthen our offering and empower our customers to attain the mobility solution best suited for their specific requirements.

For more information on the Cisco Meraki Systems Manager, read the full announcement blog here.
