Avatar

This week TriplePundit featured Cisco Corporate Affairs Senior Director Kathy Mulvany in its series on leading female CSR practitioners. Read the complete interview below. Thanks to TriplePundit for permission to republish this interview.

Kathy Mulvany_personal photoTriplePundit: Briefly describe your role and responsibilities, and how many years you have been in the business.

Kathy Mulvany: As senior director of corporate affairs, I’m responsible for helping to steward Cisco’s overall corporate social responsibility (CSR) strategy, build awareness of our CSR programs around the world, and engage with a broad set of stakeholders including customers, shareholders, governments, nonprofit partners and advocacy groups. Within Corporate Affairs, I oversee a number of teams, including CSR strategy and planning, marketing and communications, the Cisco Foundation and corporate grant making, CSR reporting and stakeholder engagement, as well as our veterans program.

I’ve been a part of Cisco’s Corporate Affairs organization for seven years and with Cisco since 1996. One benefit of working for a large corporation is that I’ve had the opportunity to move around within the business, which keeps it fresh while broadening my expertise and professional network. Having worked in various Cisco organizations over the years, including Corporate Marketing, Latin America Marketing and Office of the Chairman and CEO, I can honestly say I’ve found my passion in Corporate Affairs with CSR.

3p: How has the sustainability program evolved at your company?

Continue reading “Cisco’s Kathy Mulvany Featured in Women in CSR Series”



Authors

Alexis Raymond

Senior Manager

Chief Sustainability Office

Avatar

The Great Correlate Debate

SIEMs have been pitched in the past as “correlation engines” and their special algorithms can take in volumes of logs and filter everything down to just the good stuff. In its most basic form, correlation is a mathematical, statistical, or logical relationship between a set of different events. Correlation is incredibly important, and is a very powerful method for confirming details of a security incident. Correlation helps shake out circumstantial evidence, which is completely fair to use in the incident response game. Noticing one alarm from one host can certainly be compelling evidence, but in many cases it’s not sufficient. Let’s say my web proxy logs indicate a host on the network was a possible victim of a drive-by download attack. The SIEM could notify the analysts team that this issue occurred, but what do we really know at this point? That some host may have downloaded a complete file from a bad host – that’s it. We don’t know if it has been unpacked, executed, etc. and have no idea if the threat is still relevant. If the antivirus deleted or otherwise quarantined the file, do we still have anything to worry about? If the proxy blocked the file from downloading, what does that mean for this incident?

This is the problem that correlation can solve. If after the malware file downloaded we see port scanning behavior, large outbound netflow to unusual servers, repeated connections to PHP scripts hosted in sketchy places, or other suspicious activity from the same host, we can create an incident for the host based on our additional details. The order is important as well. Since most attacks follow the same pattern (bait, redirect, exploit, additional malware delivery, check-in), we tie these steps together with security alarms and timestamps. If we see the events happening in the proper order we can be assured an incident has occurred.

 

Continue reading “To SIEM or Not to SIEM? Part II”



Authors

Jeff Bollinger

CSIRT Manager

Infosec CSIRT

Avatar

Needle and thread. Fire and wood.  Peanut butter and jelly.  Just a few things that are essential together so that you can sew, keep warm and well, is just yummy.  So what happens when the data center-class server blade for the branch meets applications?  That’s the topic discussed in the 2nd episode of the Inside the Branch: UCS E-series episodes.

Last week was the series premier of our 5 part series on UCSE.  Hugo and Jay discussed the basics of the product and some key facts we should know.  In this episode, Hugo met with Vidya, our guru in charge of Cisco applications for UCSE.

Continue reading “UCS E-series Meets Applications | Inside the Branch”



Authors

Allison Park

Product Marketing Manager

Enterprise Networks

Avatar

I’m happy to report that Cisco UCS Director (formerly Cloupia) has been selected as a finalist for the 2013 Storage, Virtualisation & Cloud (SVC) Awards!  Please take a moment and vote for UCS Director at http://cs.co/SVCAward.

SVCThis finalist nomination recognizes the innovation and differentiation that Cisco UCS Director provides for end-to-end converged infrastructure management — including automation for both virtual and physical resources across compute, network, and storage.

The video below provides a good overview of Cisco UCS Director and its benefits for IT organizations:

 

https://www.youtube.com/watch?v=q-NX772MR78&list=PLA0164FAC1A432DE2&index=8

The sweet spot for Cisco UCS Director is in managing converged infrastructure based on Cisco’s Unified Computing System (UCS) with Cisco Nexus switches and third party storage — focusing on our market-leading integrated systems including the FlexPod solution with NetApp, as well as VCE’s Vblock Systems and our VSPEX solutions with EMC storage.

But the beauty of Cisco UCS Director is that it can also manage heterogeneous environments, including non-Cisco infrastructure and multiple hypervisors. Whether you call it your single-pane-of-glass or one ring to rule them all, it’s a highly innovative and comprehensive infrastructure management solution for your data center operations.  These capabilities and more are highlighted in the award nomination which you can read here.

Continue reading “Cisco UCS Director is Nominated for a ‘Storage, Virtualisation and Cloud (SVC)’ Product of the Year Award!”



Avatar

“Cisco applauds introduction of the Innovation Act,  legislation which aims to address the growing problem of patent assertion entities, often called patent trolls.

“According to a new study released this week, the problem is getting worse.  Nearly 60 percent of new patent lawsuits are being filed by patent assertion entities, up from 25% in 2007.  They are targeting legitimate businesses with threat letters and costly lawsuits, in the hope for a quick and easy settlement.  According to one estimate, these profiteers cost American businesses $29 billion in 2011.  This is a problem that cries out for legislative action.

“The legislation introduced today by Chairman Goodlatte and others goes a long way toward addressing the issues.  It helps dry up the financial incentives that have allowed patent trolls to thrive and significantly increases transparency.

“We stand ready to work with Chairman Goodlatte and his cosponsors as the bill moves through the legislative process, and we are especially grateful for the support of Cisco’s local Representatives Eshoo, Holding and Lofgren for their cosponsorship of this important legislation to address a major challenge faced by America’s technology industry.”



Authors

Mark Chandler

Retired | Executive Vice President

Chief Legal and Compliance Officer

Avatar

Late October is the start of the colorful fall season in East Coast and taking a ferry ride up the Hudson river in Big Apple is a photographer’s delight. Not to mention the vibrant Greenwich Village Halloween Parade, with hundreds of people dressing up in outrageous costumes. While you are enjoying the scenery, come meet our good Cisco folks talk about writing SDN Applications on controllers at the Open Network User Group (ONUG) event on October 29-30 hosted by JPMorgan Chase at their New York City headquarters.

On both days, we are giving a live demo of the Extensible Network Controller (XNC) and specifically, the Latency Optimized Forwarding application. This is a very good opportunity to see live, how the network administrator can easily and transparently create a custom forwarding path through the network. Moreover, on Day 1, we have Chris Marino giving a presentation on OpenStack Networking: Software Defined Networks in cloud environments. All around, it is a wonderful opportunity to interact with the Cisco team to get insights into how to implement SDN in your Data Centers in a low risk way.

Hope to see you there and good luck if you are running the world famous New York City Marathon on Nov 3rd !

To learn more about XNC, please visit http://www.cisco.com/go/xnc

To learn more about ONUG and event agenda, please visit http://opennetworkingusergroup.com/

 

 



Avatar

It didn’t take long, but soon after the Los Angeles Unified School District began their rollout of some 650,000 iPads to their students, they ran into some technical issues. Students in at least one of LAUSD’s high schools quickly discovered a way to bypass the security on the devices. Still in Phase 1 of the program, only 15,000 of the devices have been given to students, but already the District has suspended home use of the iPads due to the security issues. According to reports, LAUSD had been using software that “lets school district officials know where the iPads are, and what the students are doing with them at all times. This software also lets the district block certain sites, such as social media favorites like Facebook.” There are now questions circulating around whether the LAUSD staff was well prepared for these devices and their implementation, and what is going to be done moving forward to continue the rollout and secure the iPads.

student using mobile device

In my previous article I wrote about how educational staff need to be prepared to properly utilize iPads in their classroom. IT staff responsible for managing these iPads should also receive the proper training and preparation. What’s interesting to note here is that, at least in my experience, Apple’s stance on iPads in education is generally fairly hands-off. They recommend managing or locking down the iPads as little as possible. The idea here is that these are best served as single user devices and the best experience for the student is full ownership and manageability of the iPad out of the box. iPads aren’t meant to be used like a rolling cart of laptops going from room to room. They don’t support user profiles and managing or locking down the iPads introduces more complexity than is needed.

You want to protect the investment in these devices from theft, and prevent students from accessing inappropriate content, but if you are planning on allowing the students to take these devices home, you can only go so far. As evidenced from the LAUSD issue, students quickly discovered the iPads were so locked down they couldn’t use them at home, so they found a way to delete the configuration profiles which essentially removed any of the locks or restrictions on the iPad. Some students even went so far as to offer ‘unlocking’ service for $2. Quite the entrepreneurial spirit!

Now, it’s a daunting task for any IT department of any size to introduce over half a million new devices under your umbrella of responsibility. Add to this, that depending on the MDM solution chosen, each of these iPads have to be unboxed and configured before being handed to a student. Now, when something goes wrong they have to be collected, and reconfigured. It stands to reason that Phase 1 will remain a trial phase until some of these issues are worked out. Continue reading “Los Angeles Unified School District – Hack the iPads!”



Authors

Rob Coote

System Analyst

Northern Alberta, Canada

Avatar

Does BYOD really mean that my device will become the company’s device? Do I control my private data or does my employer? How can I make sure I maintain a work-life balance when my personal device is also my work device? Will my company support any device I choose?

Some of these questions might seem familiar as more business employees consider adding their own device to their company’s network. These questions also represent an important part of a comprehensive mobile strategy: User buy-in.

Brett Belding BYOD - without headerRecently, I read an interesting CIO article by Adam Bender that highlighted the importance of getting employees on board when implementing a BYOD policy. The article discusses that according to Frost & Sullivan analyst, Audrey William, many employees are worried that they won’t be able to control data on their device once they begin using it for work. In addition, William states that employees are also concerned about the lines blurring between work and play when both personas are merged onto one single device.

Although the concept of BYOD is not new, these concerns have important consequences in our networked world. So, what’s the answer?

An honest, safe, and secure MDM solution and effective policy communication. Continue reading “Honesty is the Best BYOD Policy”



Authors

Brett Belding

Senior Manager

Cisco IT Mobility Services

Avatar

Welcome back to Season 4 of Engineers Unplugged! The whiteboards are shiny and new, and the markers are fresh. We have some incredible episodes lined up for this season, featuring multiple languages, countries, and guests new and returning.

To kick off the season, we’re changing the pace a little bit, stepping away from the whiteboards, with a special episode that highlights one of the EU mission statements: actionable information from and for the community.

Community Building! Amy Lewis interviewing Fred Nix at VMworld Barcelona. (photo credit: Nick Howell)
Community Building! Amy Lewis interviewing Fred Nix at VMworld Barcelona. (photo credit: Nick Howell)

Today’s guest is Fred Nix (@nixfred), who works with a team at EMC to onboard SEs. He takes us behind the scenes of how they do it with methods you can apply to a company of 40 or 40,000. It’s a great story, let’s roll the clip:

Thanks to Nick Howell (@that1guynick, http://datacenterdude.com) for the photo. Keep us posted with who you’d like to see on the show, and the topics you’d like to hear discussed. The hotline is open!

Welcome to Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:

  1. Episodes will publish weekly (or as close to it as we can manage)

  2. Subscribe to the podcast here: engineersunplugged.com

  3. Follow the #engineersunplugged conversation on Twitter

  4. Submit ideas for episodes or volunteer to appear by Tweeting to @CommsNinja

  5. Practice drawing unicorns



Authors