Cisco Blogs



Putting a Damper on ‘Lateral Movement’ due to Cyber-Intrusion

Analysis of high-profile cyber breaches often reveals how intruders gain their initial footprint in the targeted organizations and bypass perimeter defenses to establish a backdoor for persistent activities. Such stealthy activities may continue until intruders complete their ultimate mission—claiming the “crown jewels” of the victim organization.

“Lateral movement” is a term increasingly used to describe penetration activities by intruders (more information on lateral movement is available in Verizon’s 2014 Data Breach Investigations Report[1]). These activities begin with network reconnaissance, typically leading to compromises, hijacking of user accounts and ultimately privilege escalation to access sensitive data. Organizations may go to great lengths to detect and stop the initial breach and final data exfiltration, as well as to establish more intelligence at their ingress/egress perimeters. But how can you minimize the damage caused by an intruder’s lateral movement once your network is already compromised?


Cisco 2014 Midyear Security Report: Threats – Inside and Out

Through our ongoing “Inside Out” project at Cisco, our threat researchers have the opportunity to closely examine select networks—with our customers’ permission—to identify evidence of malicious traffic. We use Domain Name System (DNS) lookups emanating from enterprise networks to create a snapshot of possible data compromises and vulnerabilities. This research yielded a significant finding that we presented in the Cisco 2014 Annual Security Report—malicious traffic was visible on 100 percent of the corporate networks we sampled, based on analysis of DNS lookups originating from inside those networks.

For the just-released Cisco 2014 Midyear Security Report, our researchers focused on the networks of 16 Cisco customers that are large multinational organizations. Their observations during the first half of 2014 yielded three compelling security insights tying these enterprises to malicious traffic:


Cisco 2014 Midyear Security Report: Exposing Weak Links to Strengthen the Security Chain

The Cisco 2014 Midyear Security Report has been released, diving into threat intelligence and cybersecurity trends for the first half of 2014.

You may be thinking, “What could have possibly changed since January?” True to form, the attacker community continues to evolve, innovate, and think up new ways to discover and exploit weak links in the security chain. Also true to form, they sometimes simply use tried and true methods to exploit some of the same old vulnerabilities that continue to present themselves. The 2014 Midyear Security Report hits on all aspects and once again illustrates that in the age of the Internet of Things, as the attack surface grows, so too grow the number of attacks, the types of attacks, and the impacts of these attacks.


Latin America Insights: Keeping Your Organization Safe in a Mobile World

The power of mobility has transformed the IT landscape.

While mobility and other tech forces, such as cloud and big data, have enabled organizations to improve productivity and increase efficiency, the constant challenge of keeping data, assets and users secure continues to be a top concern for CIOs and CSOs.

And these concerns stretch across global borders. For example, Frost & Sullivan analysts predict a $1.1B investment towards IT security in Latin America by 2015.

Today, security is no longer an expense, but a necessity for moving forward. It’s an investment for the future longevity of any company. With this in mind, how can business and IT leaders keep their organizations safe in a mobile world? And what can we learn from the mobile security adoption we are seeing in Latin America?

Recently, I had a chance to participate in a new Future of Mobility podcast with Frost & Sullivan Research Analyst, Bruno Tasco, to discuss the answers to some of these questions and how organizational leaders can address security in a way to reap the benefits of true mobility. The podcast is available for download in Spanish and Portuguese and a summary in English can be found on iTunes.

Here are a couple of considerations for CIOs and CSOs as they evaluate their mobile security strategies and look to future-proof their business.

Prepare for Fast Changes

Talking about mobility or general mobility in our Latin America market is like talking about the past. According to the Cisco Visual Networking Index (VNI), Latin America is experiencing and will continue to see incredible mobile adoption.


Summary: Mitigating Business Risks

Organizations are rapidly moving critical data into the cloud, yet they still have serious concerns about security and other business risks. Read Bob Dimicco’s blog to learn several important steps companies can take to mitigate the risks of cloud services, such as uncovering shadow IT, assessing data security, and instituting cloud-specific employee policies.
