Cisco Blogs


Cisco Blog > Security

Ask the Data Center Security Expert: Context-Aware and Adaptive Strategies for an Agile Data Center

At Cisco Live London, one of my data center theater presentations will focus on the benefits of a context-aware and adaptive security strategy. This approach helps accelerate the adoption of virtualization and cloud, which traditional static security models often inhibit. Context-based approaches factor in identity, application, location, device, and time along additional security intelligence such as real-time global threat feeds for more accurate security access decisions.

Neil MacDonald, vice president, distinguished analyst, and Gartner Fellow in Gartner Research has been advocating the benefits of a context-based approach now for some years as outlined in his Gartner blog. Not only does he say that by 2015, 90 percent of enterprise security solutions will be context-aware but in cloud computing environments where IT increasingly doesn’t own key IT stack elements, having additional context at the point of security decision leads to better decisions with risk prioritization and business factors accounted for. Neil MacDonald also co-authored a report, “Emerging Technology Analysis: Cloud-based Reputation Services,” which highlights the value of cloud-based threat intelligence in enabling secure cloud adoption.

Read More »

Tags: , , , , , , , ,

Cisco’s New SMB Business Portfolio – Essential Tools for Secure Productivity

A key trait of innovative small and medium sized businesses (SMBs) is agility– making decisions quickly, shifting direction with a customer, and swiftly working out the details with colleagues. But at the end of the day, what it all comes down to is having the right technology—to enable responsiveness, increase overall productivity, and keep SMBs competitive.

And that becomes especially important when you look at statistics around mobility. The mobile worker population is expected to reach 1.3 billion by 2015, and 71 percent of SMBs now functioning as work-from-anywhere businesses (according to IDC’s Worldwide Mobile Worker Population 2011–2015 Forecast. At the same time, this move to mobile has refocused SMBs’ attention on security.

On-the-go SMB workforces need to be able to work and collaborate securely, whether onsite or mobile. And, since SMBs generally don’t have dedicated IT departments, they need technologies that are easy to use and manage, all while fitting within a tight budget. This kind of enablement is what allows small businesses to be agile.

In response to these challenges, Cisco has introduced a host of new small business technologies designed to support the requirements of nimble SMBs that are looking to get an edge. These offerings deliver new capabilities around security, collaboration, and mobility.

To learn more about our latest small business products, visit our website. And, watch for additional blogs in the coming days that will zero in on related topics to provide more context around how you can help maximize productivity in a secure environment, however you define your workspace.

We’d also love to hear from you about your SMB challenges. What are you hoping to tackle this year from an IT perspective?

Tags: , , , , , ,

Happy New Exploit Kits! (I mean Happy Belated New Year!)

January 22, 2013 at 7:44 am PST

It’s only been a few days since we said goodbye to 2012 and we are already seeing what many predicted for 2013: an increase in the creation, enhancement, and usage of numerous exploit kits by cyber criminals. Cyber criminals don’t take long vacations in December. On the contrary, they “work hard” and make lots of money during the holiday season! These criminals are continuously improving their tools to keep up with us (the good guys) and continue enhancing their “money-making machines.” A real-life example is how cyber criminals were able to quickly incorporate the exploits of the recently found Java vulnerability that I described in a post a few days ago.

Exploit kits make it easy for these criminals because they can easily spread malicious software that exploits well-known and new vulnerabilities. New exploit kits are loaded with some of the most dangerous zero-day exploits and other features that allow criminals to increase their profits.

Read More »

Tags: , , , , ,

Building Trust in the Expanding World of Big Data Retailing

These days, the generation of data has become almost as constant as breathing. With every click or swipe, today’s mobile, hyperconnected consumers exhale an ever-expanding trail of digital details, revealing troves of information about their wants, needs, interests, well-being, and aspirations.

All of that data offers great promise for retailers looking to know their customers in deep, new ways in order to provide carefully targeted products and services. But it is also a source of headaches. Those same retailers are wrestling with a complex new realm of Big Data analytics, where a deluge of information from new sources like video, mobile, and social media threatens to swamp their capacity for processing. That is, if they can properly access those new data streams in the first place.

Read More »

Tags: , , , , , , , , , , , , , ,

Red October in January: The Cyber Espionage Era

January 15, 2013 at 9:02 am PST

Researchers from Kaspersky Lab have released information about a large-scale cyber espionage campaign called Operation Red October (otherwise known as Rocra). The report has garnered the attention of multiple news agencies and generated many published articles since the Kaspersky report has claimed that attackers were targeting hundreds of diplomatic, governmental, and scientific organizations in numerous countries.

These reports indicate that the command-and-control (C&C) infrastructure that is used on these attacks receives stolen information using more than 60 domain names to hide its identity. Furthermore, this information appears to be funneled into a second tier of proxy servers. These are very clever attacks that many are now claiming have been taking place for more than five years! Red October is being compared with other malware that has been associated with cyber espionage such as Duqu, Flame, and Gauss.

Read More »

Tags: , , , , , ,