There’s no question that cybersecurity is top-of-mind for Fortune 500 companies. This, compounded by a significant global security talent shortage, contributes to the burgeoning need for security companies to deliver both a comprehensive technology portfolio and a strong security consultancy service practice.
With this as the backdrop, Cisco is pleased to announce its intent to acquire Portcullis Computer Security, Ltd., a privately held UK-based consultancy that provides cybersecurity services to enterprise clients and the government sector. Portcullis’ range of security consulting services includes assessments to identify vulnerabilities, forensic testing, first responder training to prepare for attacks, policy review and creation, security awareness training, and overall security posture audits. Together, Cisco and Portcullis will provide strategic guidance to our clients to help them with their most difficult security challenges.
Through this acquisition, we increase our ability to offer robust security, risk and compliance services to help clients overcome operational and technical security challenges, anticipate and respond to new threats, and drive new business.
The acquisition of Portcullis also complements the talent and skills Cisco gained through the Neohapsis acquisition earlier this year. Portcullis has a long history of providing security consulting services in Europe, with an extensive customer network, and a respected reputation for penetration testing of web applications and infrastructure. When paired with Cisco’s existing security services portfolio, Portcullis will help accelerate Cisco’s security services business and more quickly expand its security consulting services outside of North America.
The Portcullis team will join the Cisco Security Solutions organization under the leadership of Vice President James Mobley. The acquisition is expected to be complete in the second quarter of fiscal year 2016.
Tags: acquisition, James Mobley, M&A, Mergers and Acquisitions, Risk Management, rob salvagno, security, services
Today, we released the last Cisco IOS & XE Software Security Advisory Bundled Publication of 2015. As a reminder, Cisco discloses IOS vulnerabilities on a predictable schedule (the fourth Wednesday of March and September each calendar year). Last cycle, we began including Cisco Security Advisories addressing vulnerabilities in Cisco IOS XE Software in this publication. This change was a direct result of your feedback, and we hope the timeline and additional “bundling” continues to allow organizations to plan and ensure resources are available to analyze, test, and remediate vulnerabilities in their environments.
Today’s edition of the Cisco IOS & XE Software Security Advisory Bundled Publication includes three advisories that affect the following technologies:
- IPv6 First-Hop Security
- SSH Version 2 (SSHv2)
- Cisco IOS XE Software
You may recall that Cisco announced enhancements to the Cisco IOS Software Checker last year. As my colleague Kevin Saling shared, the tool can display first-fixed software release data based on the combination of Cisco IOS Software releases and Cisco Security Advisories selected. Users can now quickly identify the first release that addresses all vulnerabilities disclosed in the selected advisories. Read More »
Tags: Cisco IOS software, psirt, security, security advisories, vulnerabilities
“It’s our thesis that privacy will be an integral part of the next wave in the technology revolution and that innovators who are emphasizing privacy as an integral part of the product life cycle are on the right track.” —The Privacy Engineer’s Manifesto, 2014
Privacy in an always and increasingly connected world is a complex topic. Does privacy mean the same thing it did 20—or even 10 years ago—before we all used smartphones and social media? How does data that we generate in our connected day tell a story, become monetized, and get purposed and repurposed? How do vendors ensure that privacy is designed into products and services?
These are issues that Michelle Finneran Dennedy, a leading authority on privacy, corporate policies, and the protection of the Internet, is passionate about—and so is Cisco. So I’m very pleased to say that Michelle joined Cisco as Vice President and Chief Privacy Officer today. Simply stated, welcome, Michelle! Read More »
Tags: chief privacy officer, Cisco Security and Trust Organization, security, security and trust, welcome
In so many parts of life, the passing of time is a benefit. Wine and whisky mature, intelligence is gained, and friendships grow stronger. For those of us working in IT security, however, the passing of time brings new challenges. Prolonging the use of older technology exponentially increases risk and the resulting problems can cost more than recommended maintenance/upgrades.
Let’s consider three facts:
- Fact 1: IT is fundamental to the economy, safety, health, and well-being of the world’s societies. Today’s IT systems support everything from advanced medical research to a country’s economic growth.
- Fact 2: Attacks on IT will continue to evolve in terms of efficiency, complexity, and deviousness. The need for better prevention, detection, and remediation recovery from cyber attacks continues to grow.
- Fact 3: IT devices are developed to perform securely within the known constraints and challenges of their launch environment, with flexibility for some upgrades. But at some point, all technology reaches a lifecycle limit. Quite often that limit is less about the device’s ability to “just power up” and more about it doing so securely.
Consider these facts together and what is the conclusion?
Read More »
Tags: Cisco Security and Trust Organization, security
Historically, threat actors have targeted network devices to create disruption through a denial of service (DoS) situation. While this remains the most common type of attack on network devices, we continue to see advances that focus on further compromising the victim’s infrastructure.
Recently, the Cisco Product Security Incident Response Team (PSIRT) has alerted customers around the evolution of attacks against Cisco IOS Software platforms.
Today, Mandiant/FireEye published an article describing an example of this type of attack. This involved a router “implant” that they dubbed SYNful Knock, reported to have been found in 14 routers across four different countries.
The Cisco PSIRT worked with Mandiant and confirmed that the attack did not leverage any product vulnerabilities and that it was shown to require valid administrative credentials or physical access to the victim’s device.
SYNful Knock is a type of persistent malware that allows an attacker to gain control of an affected device and compromise its integrity with a modified Cisco IOS software image. It was described by Mandiant as having different modules enabled via the HTTP protocol and triggered by crafted TCP packets sent to the device.
Note: Cisco Talos has published the Snort Rule SID:36054 to help detect attacks leveraging the SYNful Knock malware.
Given their role in a customer’s infrastructure, networking devices are a valuable target for threat actors and should be protected as such. We recommend that customers of all networking vendors include methods for preventing and detecting compromise in their operational procedures. The following figure outlines the process of protecting and monitoring Cisco networking devices.
We thank Mandiant/FireEye for their focus on protecting our shared customers, and for adding their voice to calls for greater focus on network security.
Tags: cyber security, ios attack, ios compromise, IOS Security, psirt, security, SYNful Knock