Year: 2016

August 13, 2016 1 Comment
Avatar

Becoming a “Retailer of the Future” with Customer Experience

More than ever before, today’s consumers have more options about what to buy and where to buy it. With each interaction, they choose which retailers they support with time, attention, personal data, dollars and social capital. That’s no small investment to make, and as a result customers turn to retailers and brands that not only sell the products they want, but deliver the end-to-end experience they want.

Working with our research partner PSFK, Inc., Cisco has identified four key capabilities that support the customer experience while enabling today’s digital transformation. We discuss these capabilities in a recent joint paper on the “Retailer of the Future.”

1. Customer Mobile Experience

Today’s retail industry is shifting from how to acquire customer data to how to extract insights from it – insights that can be turned into differentiation and competitive advantage for the retailer and a better experience for consumers. Customers can shop more efficiently, get mobile help when they need it, receive targeted offers, and gain immediate access to product information. The data you gather also helps to build strong, long-term relationships with shoppers, while respecting trust boundaries, and increasing your revenue opportunities.

2. Associate Productivity

One of the key opportunities of digital transformation is the chance to reduce operating costs by improving staff performance. Today’s mobile capabilities don’t only serve your customers – they also enhance the quality and efficiency of the workforce experience. These associate productivity solutions help create an optimized work environment staffed by productive, agile personnel who work from anywhere and collaborate within and outside your organization.

3. Security

It’s said that there are just two types of companies: Those that have been hacked, and those that just don’t know it yet. Retail stores are among the most vulnerable targets for hackers. In such an environment, retailers must take extraordinary measures to protect customers, associates, and stores. A strong, multi-layered defense of data, networks, and devices not only helps to protect your operation, but it spares you the high cost of the damage to the brand and its reputation.

4. Unifying Retail

In this digital age, you must balance customer demands for more personalization and digital services, operational demands, requirements for unified commerce and opportunities for new stores or formats. Unified computing platform address this challenge by consolidating and running critical store functions on a single, integrated system. Services may include security, mobility, networking, video on-demand, video surveillance and loss prevention, cloud connectivity, wireless, retail applications, and many others.

Becoming the Retailer of the Future

Utilizing these four capabilities enables the “Retailer of the Future”: Enterprises that have transformed shopper experiences, platforms, and cost models to completely disrupt their business. Building on a foundation of differentiation and innovation, you are positioned to capture the hearts and minds of today’s shopper. Loyalty becomes synonymous with membership, offering access to a broader set of services, perquisites, and connections.

To learn more about current trends and how you can implement the customer experience, please download our new paper “The Future of Retail.”
https://www.youtube.com/watch?v=M1MPiFEJ0S8&list=PLE122E9E4108CAEBE&index=5

Authors

Avatar

Brian McDonald

Global Retail & Hospitality Industries Marketing Lead

Private Sector Industry Marketing

August 12, 2016 5 Comments
Avatar

Cybersecurity for Defense: Insider Threat Part 2

In my last blog post, I discussed what an inside threat actually means in the cybersecurity world and why it is so important for the Department of Defense to pay attention to. Now, I’m going to dive a little deeper into tools that DoD and other government agencies can use to help protect its networks and the sensitive government information they contain from insider attacks.

Previously, I went over the three prongs of the Insider Threat Task Force (ITTF)’s baseline requirements: 1) human intelligence, 2) training, and 3) monitoring. All three used together make up an equation to help agencies stay on top of insider threats. For me, the most important part of that equation is achieving comprehensive visibility into what is actually on the network – not what agencies think is on the network. I have long been a proponent of traffic analysis, from my earliest days as a network engineer and even more so now as a security professional.

If you look at currently U.S. Government-mandated technologies, the two most commonly used to achieve network visibility are Full Network Pack Capture (PCAP) and the Security Information and Event Management (SIEM) platforms. Both PCAP and SIEM are very powerful platforms, but each have inherent limitations.

Security Information and Event Management (SIEM) platforms provide near real-time analysis of security alerts generated by network hardware and applications. They are relied upon by analysts to create situational awareness and a general overview of the state of the enterprise. As powerful of a tool as the SIEM can be, it has a couple of major flaws. Out-of-the-box, the SIEM can only collect events data (syslog) and has no understanding of what those events actually mean or how they relate to each other. To make sense of that data requires a highly skilled individual that understands both the inner workings of the SIEM platform and the environment that they are trying to monitor. The second major problem is the syslog itself, because it is limited to only known threats.

PCAP data is another powerful tool to troubleshoot application performance issues or dig into data exfiltration event details. Most network engineers rely on a network PCAP tool as a go-to platform to debug unusual issues on the network, and DOD security professionals rely on PCAP to rebuild session information around suspect activity on the network. However, PCAP tools are often limited because they can only see what traffic is being redirected to them, as opposed to all traffic (internal and external) that actually moves across the entire network. PCAP platforms are most commonly deployed so they only provide a very narrow view of the network, which, in most cases, is only where data enters and/or leaves the network.

So if both PCAP and SIEM have shortcomings, how do analysts get the comprehensive visibility needed to keep an eye on their network? One way is to deploy probes throughout the network, a better way and a far more cost-effective way is to use the network itself as a very power sensor grid. By simply enabling a tool such as Cisco NetFlow on your current network infrastructure, the network transforms from its traditional role of moving packets around the network to a powerful sensor grid. It becomes a network-as-a-sensor.

2

NetFlow provides some very powerful functionality:

  • A trace of every conversation in your network
  • An ability to collect records everywhere in your network (switch, router, or firewall)
  • Network usage measurements
  • An ability to find that is entering and leaving the network as well as traffic that never leaves the network.
  • Lightweight visibility compared to Switched Port Analyzer (SPAN)-based traffic analysis or Network TAP based security solutions.
  • Indications of compromise (IOC)
  • Security group information

With a platform that can leverage that flow data, such as Cisco StealthWatch, agencies can then easily identify what is on the network and have an early warning system in place to cut off the suspect activity.

Why is it so important for your agency to have these tools? One in four of all security breaches are caused by malicious insiders. In today’s environment, the question is not whether your network is going to be breached – agencies should assume malicious actors are already inside. The real question is how to minimize the damage.

We as an industry continue to try to outthink and out-engineer the bad guys. Unfortunately, the bad guys heavily outnumber the good guys in both numbers and resources. While it is imperative we continue to guard the gates and make getting in as difficult as possible, federal agencies like the DOD must also shift from just looking at the perimeter to focusing on what is going on in their own backyards. If there is one thing to remember, it is that visibility is the key to garnering real-time intelligence and the catalyst for properly identifying and remediating threats. Agencies should keep this in mind when evaluating potential solutions for addressing insider threats.

Authors

Avatar

Michael Reed

Security Engineering Manager

Cisco StealthWatch - Federal

Leave a Comment
Avatar

Vulnerability Spotlight: Rockwell Automation MicroLogix 1400 SNMP Credentials Vulnerability

This vulnerability was discovered by Patrick DeSantis.

Description

Talos recently discovered a vulnerability in Allen-Bradley Rockwell Automation MicroLogix 1400 Programmable Logic Controllers (PLCs) related to the default configuration that is shipped with devices running affected versions of firmware. This vulnerability is due to the presence of an undocumented SNMP community string that could be leveraged by an attacker to gain full control of affected devices and grants the ability to manipulate configuration settings, replace the firmware running on the device with attacker-controlled code, or otherwise disrupt device operations. Depending on the role of the affected PLC within an industrial control process, this could result in significant damages.

In addition to the default, documented SNMP community string of ‘public’ (read) and ‘private’ (read/write), an undocumented community string of ‘wheel’ (read/write) also exists, which enables attackers to make unauthorized device changes, such as modification of settings or conducting malicious firmware updates. It is possible that this community string allows access to other OIDs, however Talos tested specific use cases.

Read More >>

Authors

Avatar

Talos Group

Talos Security Intelligence & Research Group

Leave a Comment
Avatar

Thunder Down Under – F5 Agility rolls into Melbourne and Sydney

In a few weeks Spring season will set in, and it’ll be a Ripper Down Under. For the IT technology geeks there is plenty of action in store to celebrate the onset of Aussie spring. I am talking about F5 Agility 2016, that is about to rock Melbourne (Aug 16) and Sydney (Aug 18).

australia-1

After making a big splash in Vienna and Chicago in recent months, F5’s premier event is ready to rock and roll in Australia and herald the spring. Just last week, I was at F5 Agility, Chicago. It was an electrifying experience meeting customers and partners of Cisco and F5 and culminating in a powerful guest keynote by Mike Ditka, the legendary football coach and TV commentator. Mike’s passion to help individuals attain their personal and professional goals is totally extra-ordinary and most of us attendees were privileged to listen to him that day. That speech has super charged me to last for a long time, and in that mindset, let me switch context to F5 Agility, Melbourne Aug 16, and Sydney Aug 18.

australia-2

The agenda for both these events are identical. We have a packed set of activities from early morning till late evening. We are going to hear F5’s leaders, customers, and partners share how the latest solutions from F5 are transforming what’s possible for today’s organizations. In about two year’s time Cisco ACI and F5 partnership has demonstrated significant success in our joint solution momentum and customer adoption. I am pleased to invite you all to attend this premier industry event in Australia and get insights on how F5 and Cisco are bringing the power of cloud, security, data centers, converged systems, and as-a-Service together to enable fast, efficient, and secure application delivery in today’s challenging hybrid environments.

australia-3

F5 Exec and EVP of Worldwide Sales John DiLullo will deliver the keynote, articulating the Cloud story, in particular highlighting how an app-centric strategy helps companies maintain control over applications in the cloud by extending the same availability, performance, and security services across environments. Joining the keynotes from Platinum sponsors Cisco and Intel is Hugh Ujhazy, IDC’s  Associate Vice President of Australia Research who will present findings from local research on attitudes to Cloud adoption etc. We then have an F5 customer presenting on how they have transformed their strategy, infrastructure and ultimately their organization to take advantage of the Cloud.

Following the keynote, Cisco Exec Daniel McGinniss will be hosting the Plenary, Platinum Sponsor session titled “Deliver Application Agility with Cisco Application Centric Infrastructure (ACI)”, 11.00 am local time. What’s unique about this Breakout Session?  Daniel will discuss the challenges companies face to achieve successful digital transformation, and how the ability to develop, deploy, and fine-tune applications is critical in that journey. Daniel will then introduce Cisco ACI, an open, scalable, programmable SDN solution that helps address these infrastructure challenges. Then he will illustrate how Cisco ACI enables rapid application deployment, reduces cost and complexity via a unified policy approach, delivers compliance, and accelerates customers along their cloud journey. Daniel’s session at Chicago on this topic was a sell-out one and was rated as one of the top sessions at the event. So, do not miss his session.

For the technically oriented among you, we also have a number of technical breakout sessions hosted by F5 and its Partners. These sessions cover Security, Cloud in detail along-with other emerging Data center topics.

That is not all. Cisco ACI brings you additional customer engagement opportunity in the solutions expo hall. We are featuring cool demos showcasing our joint solutions namely, ACI -F5 BIG-IP and ACI – iWorkflow on both Aug 16 and 18, during the expo hours. Stop by the Cisco booth where product experts are available to engage in white-board illustrations to give you a deep-dive. Should you desire, we are happy to meet you in 1-1 meetings, so let us know how we can enrich your experience at the event

For all the hard work we all do at the event, there is plenty F5 offers to let us relax and enjoy. Rounding off the event, will be a networking reception in the solutions expo featuring live music and a sample of the best of local Australian produce! As for me, I am planning a visit to the Opera House, Bondi beach, Eureka Skydeck to name a few.

I am eager to see you all in Australia next week. There are some useful links for you to check out before your visit on how Cisco ACI and F5 work together on the innovation front.

For more information, Visit www.cisco.com/go/acif5

https://interact.f5.com/Agility2016ANZ—KeySpeakers.html

Authors

Avatar

Ravi Balakrishnan

Senior Product Marketing Manager

Datacenter Solutions

August 11, 2016 Leave a Comment
Avatar

Why I only buy Acura (and how it’s relevant to your sales and support strategy)

I bought my first Acura for two reasons: it was a good price and I trusted the seller.

What made me fall in love with my Acura – and become a die hard loyalist to the brand – has absolutely nothing to do with the price, the sales guy, or any other practical reason one considers when buying a car, such as luxuriousness, gas mileage, safety rating, or features.

The reason I am committed to Acura is their outstanding service.

I could gush for a few sentences, or even paragraphs, about how much I adore my local Acura service department. But all you really need to know is this:

the service I receive after the sale is the reason I keep buying this brand.

Is it just me?

No! Consumers love (or hate) brands. And what’s more, great service is a factor of love and loyalty. And love and loyalty are part of what lead said consumers to make larger purchases, more often.

 

What the Acura service team has in common with your sales and service teams

What’s the primary reason I call or visit Acura? Take a guess.

If you guessed “because something isn’t working”, you’re right!

My dealership uses my breakdowns as opportunities to build trust, gain insights on my preferences, and sell me more cars. They’re thinking about how to add more value and how to nurture our relationship (and my commitment) over the lifecycle of my purchase.

You’re thinking the same way, right?

 

How to earn more revenue from fewer customers

Here’s something we all know but don’t all act on: it’s more costly to land new customers than it is to retain existing customers. Fifteen percent more costly.

In fact, up to 90 percent of revenue can be earned after the sale.

How?

  • Steve Cox shares five tips for increasing wallet share with existing clients in this blog.
  • Ed Daly tells us how to develop a customer adoption strategy in this blog.

But wait, there’s more! We haven’t gotten to the loyalty phase yet.

 

How to turn all of your customers into life-long customers

We do business with people we know, like, and trust. It’s how you service your customer that makes them loyal to your brand. Or seek your competitors.

Everyone in your company is providing customer service, not just your support team. The more people within your company that delight your customers, the more likely your customers will want to do more business with you.

So how do you activate your entire company to better serve your customers?

  • Ed Daly highlights five strategies for creating a culture of customer success in this blog.
  • Scott Brown shares how to respond more quickly and deeply to customer needs in this blog.
  • Kelly Crothers reveals strategies to develop and maintain healthy relationships  in this blog.

There are a lot of practical strategies in these blogs. Pick one and get started today.

 

If you remember nothing else from this blog…

Remember the strategy that made me a die-hard-Acura-loyalist is the same strategy that will make all of your customers fall in love – and stay in love – with your brand.

 

Authors

Avatar

Jill Shaul

No Longer With Cisco

2 Comments
Avatar

#TransformationThursday: Thinking Outside of the Box

In the Name of Innovation:

Technology is only as useful as the processes it changes, the money it saves, and the lives that it improves. In increasingly complex city environments where there are more people, less resources and higher demands than ever, how do we ensure that we’re getting the right solutions to the right people at the right time? Finding the answer to this will require a fair bit of trial and error. But in the end, the importance will lie in the creativity and innovation that will allow us to stretch outside our comfort zones to successfully get us there.

Continue reading “#TransformationThursday: Thinking Outside of the Box”

Authors

Avatar

Arvind Satyam

Managing Director, Global Business Development

Smart+Connected Communities

1 Comment
Avatar

Proving it with Vodafone UK

Self-Optimizing Networks (SON) is not a new term and it has been thrown around for some time within the industry. Distributed SON (D-SON) is now active in many service providers’ radio networks having first been standardized in 3GPP release 8 (2008). Distributed SON, however, runs at the very edge of the network, and therefore has limited network visibility on which to make optimization change decisions. Centralised SON (C-SON), in contrast, by its very name sits further back in the network and so has visibility of the entire service provider’s radio network. At this point you immediately see two strong benefits for C-SON:

  1. Placing SON in a centralized position allows you to have a solution which spans radio networks that are built from multiple vendors. Something quite valuable when you consider how many service providers do not use a single RAN vendor.
  2. Seeing the bigger picture from a centralized point allows for optimization that would be much more complex if it was to be performed at the network edge, such as routing traffic to 2G, 3G or 4G layers.

So, when Cisco approached Vodafone promising to improve network performance, end user experience, and OpEx and CapEx through C-SON, they simply replied, “Prove it”.AU39909

“Prove it” meant a focus on Vodafone’s 3G network in the south of the UK. The bar was set at:

  1. Improve voice call set up success rate by at least 8%
  2. Improve data call set up success rate by at least 5%
  3. Reduce the call drop rate by at least 4% for both voice and data
  4. Reduce the number of 3G base stations with high voice drop call rates by 5%

3G networks have been deployed for a number of years and as a result have been through a lot of optimization by service providers and radio vendors. Radio teams within service providers are typically performance assessed by network KPIs and meeting certain performance thresholds. Meeting the “prove it” targets would certainly demonstrate the value of a C-SON automated approach in its ability to get to a high performance cellular network.

Vodafone deployed a number of Cisco C-SON applications in to their network, including:

  • Automatic Neighbour Relations (ANR) for both inter and intra-carrier
  • Automatic Parameter Optimisation (APO)
  • Dynamic Load Balancing (DLB)
  • Inter Carrier Load Balancing (ICLB)
  • Coverage and Capacity Optimisation (CCO)

After a brief period in the network, Cisco’s C-SON solution delivered:

  • A staggering 38.7% improvement in voice call success rates (against a target of 8%)
  • An equally staggering 26.5% improvement in data call success rates (against a target of 5%)
  • 6.3% reduction in dropped voice calls and a 2% improvement for data calls (against a target of 4%)
  • An 80.2% reduction in the number of 3G base stations with high voice drop call rates (against a target of 5%)

The end user experience improvements as a result of Cisco’s C-SON were crystal clear. The Cisco C-SON solution did not simply meet the “prove it” requirements, it smashed it out of the park. Vodafone is now deploying Cisco C-SON in to a large number of its OpCo’s. And we are now excited to “prove it” again in 4G.

Looking further down the road, it’s clear that a RAN vendor neutral C-SON approach, such as Cisco’s solution, is only going to grow in importance to service providers. Networks have rapidly grown in complexity – gone are the days of the GSM 2G only layer network. Many service providers have 2G, 3G and LTE network layers – three times the optimization challenge. Add the difficulties of having them work together, throw in indoor solutions such as small cells, and you can quickly see how costly and difficult it becomes for service providers who do not have an automated C-SON approach. Cisco C-SON’s automated applications solve these complexities and works to ensure end-users do not have a reason to churn to other providers. Anyone for adding 5G?

  • Check out the announcements by Vodafone UK using Cisco SON
  • You can learn more on what Cisco SON can do for mobile network operators here

 

Authors

Avatar

Mat Leaver

Product Manager, Engineering

Research & Development, Mobility

1 Comment
Avatar

“Security Seven”: Ways to Defend Your Factory – Part 2

In the first blog of this series, we talked about some of the unique security challenges that manufacturers face. The more connected your environment becomes, the more difficult it is to integrate your enterprise IT with your industrial technologies. 

Here are the rest of the Security 7:

  1. Play zone defense.

Use industry best practices, such as the ISA IEC 62443 standard, to set up zones and design schemas to segment and isolate your sub-systems. Create a demilitarized zone (DMZ) between your enterprise and manufacturing networks. On the network perimeter, firewalls and intrusion detection will help you keep threats at bay. And within the network, employing out-of-band deep packet inspection (DPI) in your routers, switches, and other network devices can help you spot viruses, spam, and other intrusions.

For example, the Emirates Aluminium Company Ltd. (EMAL) maintains a huge plant organized into several independent industrial zones and IT networks. Each zone handles a different stage of the production process. The company needed to coalesce these networks and share information to streamline production without compromising security and resilience. EMAL deployed a Cisco-based Industrial Demilitarized Zone (IDMZ) to link information from each zone with enterprise IT without compromising security. Each production area has a DMZ, with twin firewalls, providing a “neutral zone” where suspicious traffic can be identified and isolated before it can penetrate networks, servers, and systems. The solution lets EMAL safely share information across different interfaces and environments.

“DMZs are normally used to protect corporate networks from internet threats,” says Sylvain Boily, Automation Manager with BBA, a project consultant working on EMAL’s new smelter plants. “This application of DMZs within a manufacturing environment is groundbreaking.”

security_seven_5

  1. Reduce Capex (and Opex) with a remote security team.

If your company is made up of distributed sites in multiple locations, you need a way to apply security remotely.

For example, a leading oil and gas company operating in more than 70 sites globally was able to reduce costs by $700,000 per site deployed over five years (per their ROI study). To protect its critical infrastructure, including refineries, wells, and other sites, the company deployed Cisco Secure Ops, utilizing field-deployed software and networking gear to remotely monitor more than 50 upstream and downstream sites. The solution provided a secure “tunnel” from the field infrastructure to a centralized management console. Its centralized control center enables engineers and IT experts at a global service desk to quickly respond to any security threats.

The Cisco Secure Ops solution also enabled other capabilities:

  • Automated asset discovery and the inventory process to Level 1 of the Purdue Manufacturing Model
  • Tightened security by updating systems, limiting remote access, and monitoring compliance
  • Systemized downloading and distributing system patches and antivirus updates

Watch our secure ops demo from this year’s Cisco Live:

 

  1. Thwart attackers at the edge

A critical segment of any company’s network architecture straddles the Internet edge, where the corporate network meets the public Internet. Internet edge is the gateway to cyberspace, and serves many roles for the typical enterprise network. As network users reach out to websites and use email for business-to-business communication, you need to keep your corporate resources both accessible and secure. Something as simple as moving from unmanaged switches in your network to lightly managed switches gives you the ability to better secure ports and improves network visibility, control and security.

Cisco provides a modular building-block approach to the Internet edge, enabling flexibility and customization in network design to accommodate business models of differing sizes and requirements. Cisco offers solutions and validated designs for:

  • Firewall and intrusion prevention to protect the network infrastructure and data from Internet-based threats like worms, viruses, and targeted attacks,
  • Remote access (RA) VPN enables secure, consistent access to network resources from anywhere,
  • Email security, including spam and malware filtering services, and
  • Web security to support acceptable-use control and monitoring.

security_seven_6

There’s never been a better time to leverage a great defense for offense. 

The right security policies free up your organization to be more innovative and accelerate your digital transformation. In our “Cybersecurity as a Growth Advantage” study, 74 percent of manufacturers said that cybersecurity threats have hindered innovation. When you mitigate threats, take control and actively manage security, you not only minimize risk but also position your company to be more competitive and agile.

Put your cybersecurity strategy into overdrive.

We’re helping manufacturers such as Diebold, GM, Air Liquide and more ensure effective, robust plant-floor security while paving the way for future growth. We can help you understand potential threats and help quantify their financial risk to business leaders with a comprehensive Industrial Cybersecurity Risk and Vulnerability Assessment. To learn more, visit cisco.com/go/factorysecurity or contact inquire-factorysecurity@cisco.com.

For more factory security best practices, download our latest whitepaper:

security_seven_7

 

Authors

Avatar

Chet Namboodri

Senior Director

Global Private Sector Industries Marketing

2 Comments
Avatar

Building Blocks for an Innovation Disruption (Part 2)

Thomas Edison once said, “Genius is one percent inspiration and 99 percent perspiration.” Yet even today, when there’s never been a better time to innovate, many still believe that all you need is the next brilliant idea to disrupt markets. Wrong.

In today’s digital world, innovation takes as much perspiration, preparation and process as ever. Probably more, given the bewildering complexity and speed of new technologies, digitized solutions and business models.

Inspiration and perspiration—both are required to switch on that new light bulb, illuminate the world and reach your innovation destination.

Continue reading “Building Blocks for an Innovation Disruption (Part 2)”

Authors

Avatar

Alex Goryachev

Senior Director, Innovation Strategy & Programs

Corporate Strategic Innovation Group