Cisco Blogs


Cisco Blog > Government

Cybersecurity Awareness Month: Unsampled Netflow – Why it’s Important for Cybersecurity

Quick question for IT leaders – can the switches on your network report 100% unsampled netflow?  If they can’t, there may be elusive cybersecurity threats hiding within your network. Yes, inside your network.

Every week, I hear stories of intellectual property (IP) loss and personal identifying information (PII) being compromised. This is due in part to many agencies still approaching cybersecurity the way they always have – guarding the edges to keep threats out. But that’s not enough anymore. With malware now being custom-written to bypass the perimeter, external drives plugged in, and the ever-present possibility of tricked or malicious insiders, monitoring inside the network is now one of the most effective ways to find and eliminate threats.

Read More »

Tags: , , ,

It’s Back – It’s Cisco IOS Software Security Advisory Bundle Time Again

Today, we released the final Cisco IOS Software Security Advisory Bundled Publication of 2013. We committed to these predictable disclosures back in 2008 because your feedback was clear—they allow you to plan ahead and ensure resources are available to analyze, test, and remediate vulnerabilities in your environments. (For more information on the history of this evolution, take a look at my colleague John Stuppi’s post this past March.) If you haven’t had the opportunity to review my earlier posts on preparing for bundled disclosures or leveraging the Cisco IOS Software Checker tool, I’d encourage you to do so now. Hopefully, the guidance will help lessen the impact of evaluating the recently published Cisco Security Advisories. Read More »

Tags: , , , ,

Introducing Kvasir

Cisco’s Advanced Services has been performing penetration tests for our customers since the acquisition of the Wheel Group in 1998. We call them Security Posture Assessments, or SPA for short, and I’ve been pen testing for just about as long. I’ll let you in on a little secret about penetration testing: it gets messy!

During our typical assessments we may analyze anywhere between 2,000 and 10,000 hosts for vulnerabilities, perform various exploitation methods such as account enumeration and password attempts, buffer/stack overflows, administrative bypasses, and others. We then have to collect and document our results within the one or two weeks we are on site and prepare a report.

How can anyone keep track of all this data, let alone work together as a team? Are you sure you really found the holy grail of customer data and adequately documented it? What if you’re writing the report but you weren’t the one who did the exploit? Read More »

Tags: , , , ,

7-Day Forecast: Bundle Up!

It’s that time of year again—consider this post your friendly T-7 notice to start preparing for the final Cisco IOS Software Security Advisory Bundled Publication of 2013! As a reminder, the Cisco Product Security Incident Response Team (PSIRT) releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our advisories, vulnerabilities scheduled for disclosure in these upcoming Security Advisories will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.  Cisco security publications that disclose vulnerabilities scoring lower than 7.0 are described in our Cisco Security Vulnerability Policy. Read More »

Tags: , , , , ,

IoT World Forum: Getting More Out Of IP Cameras

10254_Surveillance_256For the past 15 years, businesses of all types and sizes have used IP cameras to monitor and protect their physical environments. Whether monitored in real-time by security staff or analyzed following a breach, cameras provide an essential physical security solution to keep employees, data, and network appliances safe.

While this use case is still very much relevant today, the advent of the Internet of Things (IoT) has dramatically expanded the scope and capabilities of connected cameras now acting as powerful sensors and intelligent platforms to also deliver extraordinary gains in operational efficiency, situational and acoustic awareness, and forensic investigations.  Furthermore, the evolution of video analytics such as facial and license plate recognition, as well as audio analytics, has significantly enhanced the ability of IoT-enabled cameras to deliver superior insights into all application areas – from safety and security, to business intelligence.

Read More »

Tags: , , , , ,