Guest Blog Submitted by Filippo Galimberti, Sr. Marketing Manager SP
The industry has been discussing about Virtualization for a quite a while. The adoption is not picking-up as expected. Why? One of the main reasons is too much efforts are still spent on designing and testing a NFV Infrastructure meeting quality and performance requirements. The good news is, we have a solution for you.
Simplify Virtualization, Encourage Innovation, Move faster to NFV by leveraging a ready to go infrastructure
The real advantage of Virtualization for Service Providers comes from the creation of new services faster and more adapted to respond your customer needs. The NFV Infrastructure in the datacentre should be highly resilient and enable you driving innovation. At the same time it needs to be ready to power the new virtualized service offer at scale.
Cisco and Intel NFV Quick Start Initiative creates a unique opportunity for you to access our lab locations worldwide to help speed the test and adoption of your VNFs solutions. Providers can now benefit from a best of breed environment to realize their rapid innovation, achieving the new business models promised by the transformation toward virtualization. The chance to reduce the time for trials and proofs of concept tests from weeks to days is a key to your success.
The potential of virtualization is huge and it’s now! Now is the time to focus on delivering on customers’ expectations building on a solid NFV Infrastructure.
If you are attending the SDN World Congress in The Hague, stop by our booth and see the solution first hand. You also find more information at www.cisco.com/go/nfvi
For 27th time since 1972, a leap second is confirmed for 2016. It will take place on December 31 and to ensure our customers have everything they need to know about this upcoming event, Cisco has published an Information Page on Cisco.com.
Similar to a leap year, the leap second helps bring our tracking of atomic time in line with the Earth’s actual rotation (astronomical time). The key difference is that a leap second is only scheduled when measurement of the earth’s rotation requires it. And the decision on whether to add one is made just six months ahead of the occurrence itself.
As the backbone of the networking industry, we are completely cognizant of the potential disruption this addition of a leap second has on modern computing equipment and devices. To mitigate this risk, a network assessment must be done. In some cases, software updates may be necessary to ensure technology can navigate the scheduled leap second.
There’s never a better time to ensure our technology and customers’ networks are ready. Like in 2008, 2012 and 2015, we’ve set up a cross-functional team at Cisco worked to assess potential impacts and deliver any necessary fixes. As a result, we don’t expect any of our customers to experience major impacts or outages.
Customers should start by checking the Product Information tab of Cisco’s leap second information page. This list details how Cisco products are expected to respond to the 2016 leap second. It also includes links to updates that will be needed for select devices, and a summary list of products with no expected impacts.
The December timing of the 2016 leap second may add some complexity for those companies that experience their busiest period from late November through December. Many companies avoid performing network maintenance during this period, so we recommend that they work to implement the necessary updates as soon as possible.
Over 30 years ago, I had the opportunity to serve as a Community Service Officer (CSO) in the UCLA Police Department. The CSO program allows students to participate in the UCLA campus safety, serving as additional “eyes and ears”. We helped out as field escorts, hospital and resident hall patrol, bike patrol, building security, and even with special events including the 1984 Olympics!
On the eve of the 1984 Olympics, I was on duty patrolling the UCLA hospital adjacent to Westwood village when I responded to a terrible incident on a crowded sidewalk. As one of the first responders on the scene, I used my push-to-talk radio to communicate what I witnessed and heard to the police dispatcher and requested additional emergency responder support for the victims.
1984 was also the year that Cisco Systems was founded. By connecting two disparate networks with a router, Cisco enabled computers to share data as never before. Today, networks are much more than routers, and networks do much more than share data with the Internet and Internet of Things (IoT). The 2016 equivalent of my 1984 push-to-talk radio is capable of more than ever before, and Cisco’s innovation in public safety doesn’t stop there.
Safer Communities in the Digital Era
Today, the digital network architecture provides the platform to help public safety organizations with
Real-time situational awareness
Intra-agency communication and collaboration (voice, data, and video)
Data analytics and information sharing
Increased community engagement and stakeholder outreach
The main objectives of public-safety organizations are to keep citizens, communities, and public spaces safe; with faster response, improved operational efficiency, and reduced costs. The challenges in public safety and emergency response are becoming more complex, and expectations are rising higher. There is increasing demand for critical communications across a growing spectrum of voice, data, and video. In a crisis situation, every second counts. Potentially life-threatening situations change in a heartbeat, and decisions must be made in seconds.
Today, the community plays a critical role as bystanders are often the first responders using smartphones and social media providing high definition video, photos, and information in real-time.
The role of community policing is more important than ever to help encourage trust, engagement, and best practices for safer communities. During National Community Policing Week, it is important to bring together our communities and build trusted partnerships to help address the challenges in our communities today.
Community policing recognizes that law enforcement cannot solve public safety problems alone and encourages interactive partnerships with relevant stakeholders — including community groups, nonprofits, faith-based organizations, and businesses. This active collaboration can improve public trust and fortify relationships, which not only advances public safety, but also deepens social connectivity and creates lasting solutions to challenging problems we face every day.
In my experience as a CSO at UCLA, I acted as a liaison between students and the UCPD and assisted with outreach activities. The UCPD knew that we needed to recognize community stakeholders and grow in our communities in college campuses, cities, and countries around the world for the sake of a safer society. This need persists today.
The IACP Cisco Community Policing Award recognizes best practices worldwide including this years winners and finalists from Canada, India, United Arab Emirates, and the United States.
Award winners will be honored at the IACP’s 123rd Annual Conference and Exposition in San Diego, California, and Cisco is excited to be attending this event. We’re looking forward to engaging with influencers in the community policing space, as well as the larger public safety industry. There’s never been a better time to work towards a safer community.
What are your best practices for community safety? Comment below and let us know!
As we enter Cybersecurity Awareness month, it’s an appropriate time to closely examine the specific security threats that retailers and hospitality providers face each and every day. In these industries, the overall “attack surface” is becoming dramatically more complex and hackers are more sophisticated than ever before. “Protect now or pay later” should be your watchword, as problems that exist today will only become worse as hackers continue to adapt to current security strategies.
Some of these threats have arisen due to changes in the hacker environment – for example, the emergence of the most recent ransomware attacks. Others are inevitably part of the transition to the digital age: As more information goes online, it is more vulnerable to certain types of threats. The challenge is to align networks, systems, and company cultures to support secure practices in this new arena while allowing your business to achieve – and offer to customers – the many efficiencies and benefits of digitization and automation.
Currently, we can identify the top five digital threats as follows:
Ransomware Rising
Like malware, ransomware is growing and spreading to mobile devices. Ransomware is a form of attack in which hackers lock up parts of the organization’s system and charge a ransom to release it. Unlike malware, ransomware makes it more difficult for the crook to get caught since they are not stealing credit card numbers or other sensitive data that has to be transacted upon to reap the rewards. Large retailers are becoming prime targets for ransomware, for if the hackers capture and encrypt enough sensitive data, companies are forced to pay significant ransom fees to get the data back. Reports show that many times after paying the ransom, the data is not retrievable and the company has lost the information regardless.
Mobile Madness
Smartphones are replacing the PC these days, and mobile malware is spreading quickly via the wireless network. High-demand consumer usage in stores along with employee usage in offices and distribution centers creates greater vulnerabilities, which are sprawling in scope and complexity. Smartphone penetration is making it harder to secure and manage Wi-Fi networks for guests and employees.
Infusion of IoT
Next-generation customer experiences leverage the “Internet of Things” to create convenience and satisfaction among shoppers – in other words, retailers are pursuing a digital transformation that relies on a network consisting of many different devices including your systems, in-store cameras, sensors, and the shoppers’ smartphones. However, the devices that connect consumers to networks also increase the number of customer touchpoints, integration intersections, and personal data that must be secured. Devices leveraging digitization also create a vulnerability that invades your mobile apps, websites, or beacons.
Gnarly Networks
If primary security measures are not being met within systems and network infrastructure, focusing on more sophisticated protection for advanced threats is throwing good money after bad. Securing the network from end-to-end has never been more crucial in today’s digital landscape. Retailers who continue to rely on outdated or end-of-life hardware, operating systems and software introduce the kind of security vulnerabilities that hackers love. Those who invest in PCI compliance and rigorous lifecycle management practices layered with best-in-class security solutions are the ones who sleep well at night.
Daunting Data
Storing and securing sensitive data drives up costs for retailers due to the increase in consumer-driven data analytics and transactions, and it continues to rise. The number of consumer touchpoints, from omnichannel outreach or a mobile app to the beacon or POS at the store level, increases your security vulnerabilities and demands to protect data privacy. As well, you can use customer data to achieve new insights from analytics that will help you to create a better customer experience.
The benefits of digitization – including cost savings, new revenue streams, improved customer services and experiences, better staff management, and much more – are many. However, security must be part of the transformation conversation, helping to protect both traditional data sources and the new ones that expand in your digital infrastructure. Over the next few months, I’ll address each of these important issues in more detail, discussing what you need to consider to put together a roadmap to secure your business.
What are the main security concerns among your store or property? Let me know in the comments below.
Last week the Big Data and Analytics world was focused on New York City as the annual Strata+Hadoop World event took place. Cisco, as is the norm these past few years, was one of the many sponsors of the event. With our sponsorship came various opportunities, one of which was the ability for us to present a short keynote to the Strata+Hadoop audience.
It’s this Cisco keynote, a short 5-minute story presented by Cisco UCS Marketing Director Todd Brannon, that I want to highlight in this blog. Our story is a quick synopsis of Cisco’s involvement at the recent Rio Olympics – a true Olympic-sized example of Big Data and Analytic use cases in action.
Technology had a major impact on the 2016 Olympics at all levels
No matter how much pest prevention we do around our house, inevitably we’ll find a pest (or maybe even a lizard) in the house every now and then. It’s Florida.
Real pests vs. intrusive, hostile or malicious computer code. Obvious? Maybe. Similar? You bet.
In both situations, you react in either of two ways. The first option is to scream at the top of your lungs, freeze in panic and stare at it as scurries across the room or your computer screen. That is certainly the tactic my children like to take and it is probably not the most effective.
The second option – the way Cisco opts to approach it is with Advanced Malware Protection (AMP). AMP not only prevents malware, but also detects, contains and removes advanced malware too. Quickly. Not only can AMP detect malware but it can show where it came from, where it’s been and what it’s doing.
I started thinking about the critters that sneak into my house and what they have in common with malicious computer attacks. What was the chain of events that lead this outsider inside? What does it want to do in in my house? To watch TV? To play with my kids’ toys? To enjoy the air conditioning? Why does it want to be in here with my 2 and 9-year olds instead of outside with his friends? While I think about this I also wonder what’s motivating hackers to lurk inside a company’s computer systems? Or worse, my computer!
If I only knew what they were thinking, I would be able to target intrusions in a different way. Perimeter-based defenses alone can only do so much. Standalone signature based detection tools are inexpensive and equally inefficient. By moving to threat-centric security models, we gain visibility and control allowing your customers to act smarter and more quickly at all stages of an attack.
Can you say the same for other security solutions?
We’ve taken this comprehensive and scalable approach and packaged it into Cisco AMP for Endpoints, making it simple for your customer to understand – cutting down the learning curve to close a sale.
That’s something our competitors can’t do.
Not only does AMP strengthen your customer’s security defenses by providing an unprecedented level of visibility but it also provides you with entirely new service-based revenue streams – breach prevention, investigation and incident response.
What you can do right now to protect your company from malware.
Get a front row, virtual seat, to hear more about our security portfolio and what it can do for your business and your customers. Register now for Virtual Partner Summit.
This blog series explores how Cisco helps before, during and after a security breach as well as supply chain breaches. Learn how to take advantage of Cisco’s security product sales incentives and how to best market them. Come back next week to learn how Cisco helps you after a security breach.
It’s that time of year again: baseball playoffs. The top teams in both leagues are squaring off against one another this fall. One of the charms of baseball is that the best players make the game look easy. But it’s more difficult than it seems—especially hitting. Continue reading “Can You Handle a Manufacturing Knuckleball?”
Effectively protecting your assets increasingly involves effective threat intelligence to better understand the types of attackers targeting your sector, and what your vulnerabilities are. Lack of any threat intelligence at all, or even the foresight to use Google and Twitter to spot fake scams trending in top results can result in a company being one of the unfortunate victims paying out to one of the copycat DDoS threats making the rounds early in 2016, or to the even more recent Ranscam encrypting malware found to not release a victim’s files after a ransom is paid.
Recent studies have shown a significant uptrend in the percent of phishing campaigns being used to deliver ransomware. The combination of being used as an entry point for credential-stealing malware, Internet links designed to steal credentials, DDoS threat messages, and ever-increasing amounts of ransomware threat, clearly makes email one of the largest attack surfaces of an enterprise.
Protecting our assets from these threats begins with our Email Security Appliance, (ESA) designed to filter based on email volume, and other heuristics associated with spam and phishing campaigns. ESA is known to be effective in blocking over 99% of spam and phish emails. That leaves enterprise defenders with less than 1% of threats to deal with, but that remaining fraction is getting increasingly effective with more well-crafted spear phishing messages. These spear fishing campaigns target users with accurate branding logos, victim names, and messages that appear to be legitimate.
Instead being content that your spam/phish appliances are blocking 99%+ of phishing threats, and continuing to blindly deal with what may slip past controls, you could be using the data from your spam/phish quarantine to help bolster your defenses. The data in the phishing messages for recipients, subjects, and message bodies could be used to learn more about what type of threats are targeting your company, how to more effectively tune controls, and maybe most importantly, to serve as a method of early warning system for potential breaches of third parties your company is doing business with.
Targeted spear phishing campaigns stay under the radar of the spam controls, often by using smaller lists of valid email addresses purchased for a target organization in a campaign. These lists can be from a variety of sources including data from previous data breaches. Protecting your organization from the remaining 1% of targeted phishing campaigns not caught by blocking appliances requires a defense-in-depth strategy such as the one outlined in this Cisco whitepaper.
Part of a defense-in-depth strategy for your entire organization can be enriched by better understanding the threats facing you. By knowing more about the attackers’ tactics, you can better inform and prepare users, and by knowing more about who is being targeted in your firm, you can wrap further protections around them. Using spam data sets to generate metrics on the subject line and message body allowed the Cisco Midyear Security Report to show how successful emails with “invoice” themes were so far this year.
If your organization conducts phishing awareness to help employees become more secure, how much value could be added by producing metrics like these to tailor the training to stay ahead of current threats? October is National Cyber Security Awareness Month. If your organization does not have any phishing awareness training in place, you can get started in the right direction using the free online phishing awareness test by Cisco’s OpenDNS to learn about commonly identifiable tactics used by scammers.
What could your organization learn by extracting the recipient data for each phishing campaign noted by subject and message body, or payload similarity? How about if those recipients were bucketed by work group, types of access, or at an even deeper level, by what third parties they have been working with for activities such as closing sales, merger talks, and services?
If the same buckets of employees are ending up in targeted phishing campaigns fairly frequently it might be time to wrap more monitoring around those situations, examine the possibility of a third party they are working with being part of a breach where those employee email addresses could have been learned, or just as a warning that the deals they are working in are the subject of scrutiny by someone willing and able to employ phishing/malware to gain an edge.
We all have birthdays – but not all birthdays are celebrated the Cisco way.
One of the perks of being a Cisco employee is that the company recognizes that your birthday is an important day for you.
So to help you celebrate, Cisco employees get to take a day off for their birthday to have a party, spend time with family or take a vacation. It’s an annual holiday to celebrate you!
Additionally, some Cisco teams take birthdays very seriously. It’s a moment for some birthday fun with colleagues. This is the story of my friend Emma’s birthday.
I first met Emma through the IT Buddy program within Cisco IT. This program exists to help new college graduates transition from college life to corporate life while building a sense of community.
Early in career employees, or those within five years of their career journey, are paired with the new hires to help them during the transition and serve as a resource as they begin their path. The guidelines are minimal so the level of engagement is up to the buddy to decide. As time progressed, we jokingly referred to each other as ‘big’ and ‘little’ to mirror the Greek systems found at universities. In doing so, this led to a stronger mentorship bond. I found myself acknowledging both professional and personal milestones. After getting to know Emma better, I realized one of her annual traditions was a big celebration with friends for her birthday.
Emma Liu’s birthday in 2015 (left) and 2016 (right).
At our office at the Cisco Systems Headquarters in San Jose, we have started a small tradition of our own. Whenever one of our colleagues has an upcoming birthday we will arrive after normal working hours to decorate their desks.
Emma was one of the first to experience this surprise. In fact, her first year she had 3 separate groups decorate her desk throughout the course of the eve of her birthday! Fortunately, we all chose to go with pink as the color to be used.
Clearly, we like to have a little fun around here, but we also do some serious work. But the good thing is, that’s fun too!
I am just celebrating my third #Ciscoversary and Emma just passed her second #Ciscoversary! (We commemorate those, too!) Currently, I am as Business Systems Analyst and part of the Cisco Commerce Acquisition Integration team where I am the lead Project Manager for Meraki driving product integration onto our commerce platform enabling global orders and distribution. This is a great role because it is an important driver for Cisco’s revenue growth and has added an exciting line of products to our existing product portfolio.
Emma is a Business Systems Analyst on the Business Operations and Strategy team in Cisco Commerce. She is a project manager and has worked with teams on creating a tool to streamline and automate the Balanced Scorecard collection process in Commerce. One of her other projects is a tool used to track and report key financial information for quarterly financial reports.
As you can see, early in our careers we have been able to make a big impact across the company.
Over time, our buddy ‘family’ has grown with Emma becoming a mentor to other new hires and interns. The birthday tradition continues and celebrating accomplishments is one of the many ways we engage one another. Transitioning from college life to a professional career can be a challenge but with the help of the IT Buddy program there’s never been a more exciting time to launch your career at Cisco!
