It has been 15 years since Kevin Ashton popularized the term the Internet of Things. How could we have known then what that would come to mean and the huge impact that it would have on our lives? Cisco projects that 50 Billion things (or devices) will be connected to the Internet by 2020; or, the equivalent of 6 devices for every person on the planet. This exponential growth of connected devices is fundamentally impacting both society and the economy—changing our lives forever.
However, with all of our focus and media attention on the Internet of Things, we are really missing the fundamental technology revolutions that are reshaping our world. Radical advances in processing, storage, wireless technologies and new ways of delivering technology are reshaping our world -- all at a much faster speed and drastically reduced price.
In my view, the Internet of Things is really a short-hand for the five technology pillars that are shaping a revolutionary new, connected world. Read More »
Check out the new Cisco UCS Hardening Guide white paper which is now released and available on the Cisco Security Portal. The paper outlines and highlights security best practices for Cisco UCS.
This paper provides information to help users secure Cisco Unified Computing System (Cisco UCS) platform and provides guidance on how to harden Cisco UCS Software features. The paper provides references to lots of related documentation.
In our previous blog, we began our exploration of how Fast IT will transform the role of the IT organization — enabling it to drive innovation in unprecedented ways for the business. And to do so amid the rapid disruption of the Internet of Everything (IoE) economy.
Specifically, we examined the role of Fast IT in simplifying complex, cumbersome infrastructure. And how this added agility will open the door to faster provisioning of enterprise apps; a new dimension in value derived from cloud; and a true place for IT as a service orchestrator and trusted partner for the business.
But Fast IT transformation extends further still, enabling expansive and dynamic new capabilities through analytics and security; driving the cultural change that must accompany infrastructure change; and liberating the IT organization through dividends in cost and time savings.
Every organization needs to face the fact that breaches can and do happen. Hackers have the resources, the expertise, and the persistence to infiltrate any organization, and there is no such thing as a 100 percent effective, silver-bullet detection technology. As security professionals, we tend to focus on what we can do to defend directly against hackers that will infiltrate a system. But, what about our own users? Increasingly we need to look at how user behavior contributes to attacks and how to deal with that.
The 2013 Verizon Data Breach Investigation Report found that 71 percent of malware attacks target user devices. And, the 2014 report finds that the use of user devices as an attack vector has been growing over time, probably because they offer an easy foot in the door. According to the 2014 Cisco Midyear Security Report, global spam is at its highest level since 2010 and that’s just one technique targeted at end users. “Watering hole” attacks, phishing, and drive-by attacks launched from mainstream websites are all popular ways to target devices. And, then there’s the shadow IT phenomenon where users will ignore approved corporate standards to use the hottest technologies or whatever device or application will help them get their job done faster, better, and easier.
Educating users is important. They need to be wise to attackers’ techniques and the dangers that unsanctioned websites and applications can present. Also, putting policies in place to restrict user behavior can go a long way toward preventing malicious attacks that often rely on relatively simple methods. But it is not enough.
Microsoft Tuesday is here once again and this month they are releasing a total of eight bulletins. Three of which are rated as critical, while the remaining five are rated as important. There’s a total of 24 CVEs this month, 20 of which were privately disclosed to Microsoft and four which are either publicly known or under active attack, making them 0-day vulnerabilities. Of those four, two are being actively attacked, while two have been publicly disclosed but do not seem to be under attack for supported software. Of the 24 CVEs, 15 are categorized as allowing remote code execution, four as elevation of privilege and three as security feature bypasses.