If you had asked me a few years ago, I might have predicted that the rise of large scale hacking and network-based Advanced Persistent Threats (APTs) would spell the end of old-school espionage (poison-tipped umbrellas, office break-ins, dangles and the like). Those of us who fancy ourselves logical, savvy cyber security specialists can be forgiven for thinking such analog antics wouldn’t persist in a digital world.
And yet, human espionage remains a nagging issue. A Russian spy ring was disrupted in New York in January. New stories about employees stealing trade secrets from their employers regularly make headlines, such as this one in May. More than one article alleges that Vienna and Lausanne (home to recent Iranian nuclear negotiations) are swarming with spies from Tehran. And these are just the stories that get reported.
There is no question that spycraft is changing with the times. Recent, damaging breaches of US government employee information—amply documented elsewhere—provide some interesting hints as to how: Read More »
Tags: APT, cybersecurity, digital, malware, security
With the recent launch of FirePower Threat Defense on Cisco 4000 Series Integrated Services Routers, I would like to spend some time talking about enterprise branch security and what are the requirements to keep in mind to secure your branch office. Let’s start out by examining your branch environment.
What’s happening at the branch today?
Cloud is redefining application delivery. Mobility is redefining network architecture. Next generation applications like Ultra High Definition videos, Web, and SaaS applications put increased pressure on bandwidth availability.
Organizations may be considering Direct Internet Access (DIA) at the branch to leverage local internet path for public cloud and internet access. Leveraging the local internet path at the branch reduces IT spending (freeing up costly WAN bandwidth for mission critical applications) and ensures better application experience, for example for applications hosted in the public cloud (less latency) but it may come with a cost since now the branch may be exposed to security threats. Read More »
Tags: branch office, Cisco FirePOWER, Cisco ISR, guest wi-fi, security, threat defense, threat protection
We introduced OpenAppID in early 2014 with the goal of empowering customers and the open source community to control application usage in their network environments. Since then, we have increased our coverage from 1,000 OpenAppID detectors to more than 2,600, and have received valuable feedback from the community on ways to improve the product.
The case of having an open, application-focused detection language and processing module for Snort has attracted the attention of the Internet of Everything (IoE) world. There are countless devices out there using the Internet on their own, varying from a remote IP based camera to an industrial based sensor in which may include some security features on them.
With the combination of OpenAppID and Snort we are giving the capability to the open source community to create their own application-based protocols and classifications, which can be used to Read More »
Tags: IoE, IPS, open source, OpenAppID, security, Snort, Sourcefire
The Cisco 2015 Midyear Security Report provides an overview of key threats observed in the first half of 2015, along with insights on current and future trends and advice for organizations that utilize security solutions and services. Coinciding with a theme, The Innovation Dogfight between Attackers and Security Vendors, this year’s report is a clear realization that just as quickly as network security personnel and CXOs innovate their security measures, adversaries and their malware seem to be several steps ahead.
Join our next #CiscoChat on Thursday, August 13, at 10:00 a.m. PST: @CiscoSecurity hosts Talos technical leader, Craig Williams, to discuss the report’s findings and implications for organizations and attack defenders.
Read More »
Tags: #CiscoMSR, Business Trends, ciscochat, security, Social Chat, social media
One of the hardest things for a company to do is to embrace new technology and manage it in line with company policy. At most organizations, users are generally told not to access certain company data on certain devices, but they go around security controls because efficiency and convenience outweigh the risk. Rather than preventing new technology from emerging in the environment, embrace it and understand it, but do so prudently. Read More »
Tags: Cisco, Cisco IT, cisco on cisco, coc-security, GTTS, security, Sourcefire