Cisco Blogs


Cisco Blog > Collaboration

The Cost of Security During the Olympics

May 24, 2012 at 10:31 am PST

This summer the world will be watching London. At the same time, the city will have to deal with millions of extra people and the logistical challenges that go with it. Obviously, one of the most important of these challenges is security. We’ve all seen the furore in the papers about the government spending more on security than they initially planned – up from £282 million to over £550 million. . I don’t know about you, but I’d rather we spend the money than be underprepared during the Olympics and Paralympics…when all eyes are on London.

So, what does £550 million buy you these days? 23,700 security personnel to cover 100 venues, for a start. However, there are also virtual threats to consider. During the 2008 Beijing Olympics, China suffered 14 million online attacks. It’s no surprise; the information infrastructure is critical to the Games running smoothly. That’s why, as the networking infrastructure supporter  of the London 2012 Olympic and Paralympic Games, we’ve been working closely with BT and Atos as the Communications Services Partner and the Global IT Partner respectively to provide robust and secure network infrastructure. But it’s not just those involved in the Games that need to think about security. Businesses are vulnerable while the Games are on too. And it’s a time when they should be capitalising on increased demand and opportunity. Unfortunately 42% of businesses have not reviewed their security arrangements for the Games and will be vulnerable to serious threats throughout the Games period. A key part of this is ensuring their networks are set up to cope with increased demand and potential threats.

That’s why Cisco is holding a security webinar with Deloitte, Atos and G4S on June 1st at 12:30 pm (PST). Read More »

Tags: , , , , ,

Personal Security Incidents Can Put Everyone at Risk

When employees use their own devices for work, there’s no such thing as a personal security breach

It’s no exaggeration to say that mobile smart devices have changed the way people work. With smartphone in hand, employees now expect to be able to check email from their kid’s baseball game, finalize financial transactions on the fly, and log into cloud-based services at the gym—not to mention play Angry Birds whenever they want. The downside to this round-the-clock connectivity is the security risk it can introduce to your network and, because devices are personally owned, the difficulty of locking them down. These days, there’s no such thing as a personal security breach. A security incident on a personal device can put your entire network at risk.

Read More »

Tags: , , ,

The Missing Manual: CVRF 1.1 Part 2 of 2

This post is a continuation of The Missing Manual: CVRF 1.1 Part 1 of 2.

Praxis: Converting an existing document to CVRF

Now it’s time for some XML! Let’s take what you’ve learned and manually convert the Cisco RVS4000 and WRVS4400N Web Management Interface Vulnerabilities security advisory into a CVRF document. Please note that this process is meant to be instructive and somewhat of a stream-of-consciousness-narrative of how to manually build your first CVRF document. It is expected that, by and large, this process would itself be automated and CVRF document producers would have in-house code to parse their own documents and emit CVRF.
Read More »

Tags: , , , ,

The Missing Manual: CVRF 1.1 Part 1 of 2

Prolegomenon

In this post you will learn about some of the design decisions behind the 1.1 release of the Common Vulnerability Reporting Framework (CVRF). Particular attention is paid to explaining some of the required elements and the Product Tree. After those tasty tidbits, we will convert a recent Cisco security advisory into a well-formed and valid CVRF document. To close, you are treated to some of the items on the docket for future versions of CVRF. It bears mentioning that this paper is not meant to be an exhaustive explanation of the CVRF schemata. It is a rather capricious, if somewhat disorganized look at some outliers that aren’t fully explained elsewhere. It is assumed the reader has a working knowledge of the Common Vulnerability Reporting Framework and of XML.

Read More »

Tags: , ,

BYOD: No Longer a Four-Letter Word to Enterprise IT Leaders?

Until now, it’s been assumed that enterprise IT leaders probably view the current BYOD (“Bring Your Own Device”) movement with about the same enthusiasm as a farmer awaiting the next locust invasion.

A recent survey from the Cisco Internet Business Solutions Group (IBSG), however, indicates that BYOD may no longer be a “four-letter word” in enterprise IT departments. In fact, the study of 600 U.S. enterprise IT leaders—all from companies of 1,000 or more employees—shows that, if anything, BYOD now has a predominantly positive reputation in U.S. enterprise IT circles. Read More »

Tags: , , , , , , , , , , , ,