
The best way to succeed is to identify how to fail, then adapt accordingly. So, here’s how to lose:

1. Focus on technology, not psychology.

2. Think that cyber security is an IT-only problem.

3. Believe that an air gap will save you.

We live in a connected world and that’s not about to change. Actually, our world will only become more connected – think Internet of Things – and whether or not some things should be connected is irrelevant. As long as the perceived benefits are greater than the risks, expect more connectivity.

Great. What do you do?

It’s important to understand that the good guys and the bad guys have one thing in common: they’re human. We all have our priorities and those drive our behavior. Your priority is to maintain safe, reliable service. You’re going to follow established processes and procedures that will help you meet that goal.

An attacker’s priority is to steal your data and/or disrupt service. And they will use any means at their disposal to do so.

To defend yourself, you need to stop thinking conventionally and think like a hacker.

To be clear, there is a difference between hacking for good – white hat – and hacking for evil – black hat. Most hackers are of the white hat variety, but understanding how hackers, in general, think is important. How so? First off, hackers are always asking themselves, “What if…?” In other words, how can the conventional be used in unintended and unexpected ways? Think MacGyver. They don’t want you to see them coming.


Secondly, hackers love a challenge. If your organization is a high-value target, they’ll take all the time in the world to indulge themselves. The upside for vigilant defenders is that there are early warning signs that will alert you to their presence before they can do any real damage.

Lastly, hackers are opportunists who seek the path of least resistance. They won’t follow your org chart – they’ll exploit it. So if you think cyber security is somebody else’s issue, you’ve given the bad guys a hand.

Ready to play defense? Let’s try an exercise. Look around. Select a networked device and try to think like an attacker. Are you asking yourself, “Who would want to attack that?” If so, then you have just found yourself a potential attack target.

The more innocent a device may seem, the more attractive it becomes to an attacker because you’re not watching it. To the attacker, it’s a gateway to dig further into your network toward the real prize.

Now look around your control center. How many mobile devices are being charged through USB ports? How many of those devices have Bluetooth or Wi-Fi enabled? Is anybody using USB sticks? (I hope not!)

Everything is fair game to an attacker, and they will come at you from any angle they can find. Therefore, your defenses need to be layered and integrated.

This is defense-in-depth. Stuxnet proved that the air gap as a sole defense is a fallacy. The reality is, no one defensive technique can provide full protection. But if you make an air gap a part of your defense-in-depth strategy, you’ll be on the right road.

We aren’t going to become any less connected – the benefits are just too great. Those benefits bring risks that, like it or not, are now all of our responsibility to mitigate. So remember to put on a black hat once in a while. You’ll be the better for it.

To learn more, check out our guide 10 Questions for Your Industrial Control System Cybersecurity and our latest Factory Security Whitepaper.


Authors

Marc Blackmer

Product Manager, Engineering

IoT Product Mgmt Networking


The workforce is aging and many organizations are having trouble recruiting younger talent. By the year 2025, Millennials will make up 75% of the workforce. Creating a familiar and engaging work environment is critical in attracting these young workers.

It’s no question: The proliferation of mobile devices is driving major behavioral changes in the Millennial workforce. In their personal lives, Millennials video chat with friends, find restaurant recommendations, and purchase concert tickets at the touch of a finger. They learn to do almost anything through online videos and readily store and share everything in the cloud.  They expect anytime, anywhere access to anyone or anything.

Meanwhile, Millennials often work in what, in their eyes, appears to be an antiquated cookie-cutter cubicle world of email and desk phones. The information they need to do their jobs is often siloed—trapped in a spider’s web of labyrinthine intranets. And often even the most minor tasks require manual, inefficient processes.

When you take all this into consideration, it’s easy to see why attracting millennials has proven challenging. Worse, employee engagement among all workers is at an all-time low – at only 32% in the United States and much lower in many other parts of the world.

That’s a hard pill to swallow: Employees are the heart of your organization and the key to its success. But employees, especially millennials, are not as engaged as they could be in their jobs. For most organizations, employee pay is the second largest operational expense. This lack of engagement is costing roughly one-third of that line item. This comes at a major cost when you consider that 64% of private-sector digital value at stake is tied to people-centric connections. Something must change or many of these organizations will soon lose the most valuable employees to nimble startups with work environments where millennials thrive.

The entire culture of “work” must undergo a radical transformation. It’s time to rethink the workplace model, communications processes, and work cultures. New ways to connect and collaborate, made possible by the digitization of work, enable organizations to build a work culture that attracts, engages, and retains Millennials.

Companies such as Cisco, Nike, American Express, and GlaxoSmithKline have already begun to rethink their entire work environment. They’re casting a strategic and holistic approach to connecting people, spaces, and things. And they’re reaping the benefits of increased employee engagement and work productivity.

What about your organization? Use the comments to let us know how you’re connecting and engaging your workforce.

 

Authors

Lowell Johnson

Senior Director

Advanced Services for Collaboration


IaaS (infrastructure as a service) and PaaS (platform as a service) are new to the financial services vocabulary. They stand to dominate the discussions around the digital evolution.

Banco Bilbao Vizcaya Argentaria, S.A., or BBVA, has been the focus of global industry attention as they develop a modern digital platform to become a more flexible and scalable bank—a digital bank. As Carlos Torres Villa, CEO of BBVA, has said, ‘I want to create an ecosystem capable of supporting our transformation process.’


Continue reading “The Need to Be Modern and Flexible”

Authors

James Cronk

Director

Enterprise Business Group, EMEAR


The threat environment faced by organizations deploying branch networks continues to evolve. It’s time for a disruptive approach to handling network security across many distributed branch sites. Automation is becoming a requirement, because the growing volume and complexity of the threats to data security have made it impossible to keep up with them manually. Cisco is addressing the complexity of network security with a new self-learning, router-based solution called the Stealthwatch Learning Network License. The Learning Network works within a Cisco router in order to discover and learn about your network and adapt as the network and evolving threats to the network are encountered.

Stealthwatch Learning Network License uses a wide range of machine learning algorithms on premise (router) to model normal behaviors and detect anomalies in the network. This application of machine learning represents a disruptive approach to several of the common problems of network security and anomaly detection. Unlike security mechanisms of the past, this approach requires no special configuration and programming of rules, access control lists, and signature libraries; instead, the learning-agent-equipped router constantly learns about network behavior and traffic patterns and, using advanced analytics, identifies anomalous traffic. Furthermore, novel and advanced techniques are used to dramatically reduce the identification of benign anomalies through a simple user feedback (Like/Dislike) mechanism, alleviating one of the main challenges with anomaly detection. The Stealthwatch Learning Network License is capable of quickly learning the environment it is deployed in and identifying relevant anomalies with unprecedented precision.

This Learning Network is the only solution available that combines machine learning with network content analysis and packet capture deployed in a router to automate branch traffic visibility, protection, and remediation. The Learning Network is software that is sold as a smart license to the Cisco Integrated Service Router (ISR) 4000 branch-office router. It adds an adaptive component to your security efforts, which are no longer dependent on looking for threats that are already known. Instead, the Learning Network focuses on the relevance of anomalies and on being able to respond quickly to today’s threat environment and zero-day attacks.

Learning Network components are a Learning Manager and one or more router-deployed Learning Agents at the edge of the network. A Learning Agent is a virtual machine deployed into a Linux Container running in memory on a Cisco ISR 4000 series router. These agents inspect traffic, build models, and report anomalies in real time to the centralized Learning Manager. You may deploy at most one agent per router, and up to 1000 agents that communicate with a single manager in your network. At launch the ISR 4451 and ISR 4431 routers are supported, with other platforms to be supported in the near future.

The view of a suspected anomaly from the Learning Manager

The Learning-Agent-equipped router enforces security in the branch network router, operating as close as possible to the devices that generate the anomalies that pose risk. It does so by monitoring traffic within and in between branch sites and data resources across multiple access network types. It learns traffic patterns and adapts policies accordingly.

The Learning Agent uses NetFlow, but also Deep Packet Inspection (DPI) and Network Based Application Recognition (NBAR), capabilities that are already in Cisco branch routers, to collect, correlate, and analyze security information to perform advanced anomaly and zero-day attack detection. There is a defined Flexible NetFlow record in the router setup that sends that data to the agent running in router memory.


A key Learning Network differentiator is the solution’s ability to adapt: to identify brand-new anomalies and, working with an operator, do something about them on the spot by identifying the anomalous characteristics and creating and applying mitigations for situations as they arise. This level of automation is really needed because of how complex and voluminous traffic streams and flows are becoming.

Traditional anomaly and intrusion detection and prevention are strong at catching threats that are already known and identifiable. They’re less able to discover new risks because they rely on what they’ve been programmed to know and not what they learn as events unfold.

Another advantage of the Learning Network over traditional security solutions is its level of precision. Historically, anomaly detection systems have been rated based on the number of potential security events they’re able to detect. Given that many of these events turn out to be non-risk based or irrelevant, traditional systems require tuning or else generate large volumes of unnecessary alerts and activity.

Stealthwatch Learning Network focuses on keeping its identifications precise and only alerting and acting upon events that pose real threats as confirmed by an operator, with a simple Like/Dislike feedback, allowing the Learning Network to identify only relevant anomalies.

It’s important to note that the learning manager operates separately from the Cisco Prime network management application. As a result, it lets you separate your security operations from networking operations, which can come in handy, depending on how your organization is set up.

The Learning Network extends the capabilities of Cisco’s market leading Stealthwatch Network Anomaly Detection (NBAD) and Visibility solution and both can be deployed in the same ISR.

The Learning Network can integrate data from the Cisco Identity Services Engine or access Cisco Talos threat intelligence feeds to provide an operator with additional information and more granular visibility.

The Stealthwatch Learning Network license turns your ISR routers into security devices.  Learning network is not dependent on constantly updating signatures or rules and lists. It learns what’s normal and what’s not by getting to know everyday traffic patterns. This gives you a much more dynamic, always up-to-date approach to branch-office security.

 

Authors

Brian Ford

Technical Marketing Engineer

Security Business Group


Blending the old with the new is evident in the city of Boston. Marked with a cobblestone path, The Freedom Trail takes you on a journey through our nation’s rich history of more than 250 years – from the Old State House where the Declaration of Independence was first read to the people, to the Boston Latin School, America’s first public school offering instruction to all. Yet, even on the historic Freedom Trail, just a few steps away you are surrounded by a sophisticated, vibrantly modern city.


This backdrop was the perfect location for the Building Learning Communities Conference, where educational professionals from around the world gathered together to discuss and share revolutionary ideas to transform education. Much like our Founding Fathers, their courage and determination to reimagine learning with technology in today’s untethered, global learning environment was inspiring, yet daunting.

Rethinking the design of once everyday tasks, developing leadership and vision, new educational tools and key behavioral changes, and preparing for resistance of technological adoption were common themes throughout the event.

There were master classes, inspirational keynotes and session options including classes on leadership and managing digital transformation, digital storytelling, using apps and Minecraft for teaching and learning, and even step-by-step instructions on becoming a connected educator.

While there were many great takeaways from the event, here are a few quotes to recap my week:


As the city of Boston reminds us never to forget our history, history also reminds us that we must continue to be inspired to do things differently. With technology opening the world to our students, faculty, staff, districts and campuses, we are truly empowered to create our new digital “Freedom Trail.”

Authors

Lyanne Paustenbach

No Longer with Cisco


Cisco Live US, which was held in Las Vegas the week of July 10th, is one of the premier IT industry events Cisco hosts every year. This year’s event drew over 28,000 customers, partners, press and analysts. Our top executives presented keynote and innovation talks which tackled topics like cloud, collaboration, data center, enterprise networks, Internet of Things (IoT), and security across all business and public sector segments including government, education, healthcare, public safety, and transportation. We showed customers and other Cisco enthusiasts firsthand how our technology and solutions work together to solve their challenges—and heard their feedback. For a quick overview you can review daily highlights at the Cisco Live video portal.

Continue reading “Public Safety Shines at Cisco Live”

Authors

AJ Ramsey

Global Industries Marketing Lead

GMCC-Services Marketing


This year’s Mobile World Congress was a hive of all things… well, mobile. There was much to ponder for service providers looking to stay at the cutting edge with the latest tech and solutions. Here are the five hottest topics from the event.


5G

Ready or not, 5G’s one of the key themes around all things mobile and it got plenty of airtime at MWC. The awesome bandwidth offered by millimeter wave (MMW) technology and the benefits that will give enterprises and end users across the spectrum, were clear to see.

But the more forward thinking service providers are viewing 5G as a platform for new applications, not just the old ones done better.

IoT

Connected cities and the clear opportunities they offer service providers was another hot topic. These cities are so opportune for providers because they tend to have great connections with local governments and a strong grasp of what they need.

The shift in focus at the show was to ask how platforms can change these smart cities from grand one-offs to easily scalable plans. The view of the future is that service providers need to be able to roll out these smart communities in a few months rather than spending years bringing high profile, and sometimes loss-making, projects to market.

Virtualization

Service providers know that virtualization can make their businesses faster and more cost effective. But there was a fresh way of thinking at MWC. Instead of virtualizing one or two functions, do it to the whole workflow!

The task is to move the process from a tech capability to a business deliverable. It’s all about the shift from the technical idea of orchestration to the deliverable of automation and simplicity. Make the whole thing more operator friendly.

Applications

All of the background innovations that speed up networks and offer easy operability are of course great. But they don’t draw the eye like the wow factor of a real world application. With exhibitors showing off connected cars, virtual reality trips and new drones, there was plenty of razzmatazz.

Among all of the flying objects, new realities and clever cars, the truth below the surface was the vital role 5G will play in their evolution. High bandwidth will let virtual reality bloom. Drones and connected cars need total reliability to stay connected at all times. With the new network, all of this will be possible.

Security

In the words of one wise sage at MWC: “A network with high bandwidth but no security is like a two-legged stool!” People must be assured that the data they put over the network is secure. Ditto for the apps they use to do it. The networks have to offer security to deliver the revenue we all expect and make the investment worthwhile.

Tech developers now focus on putting security into the build. Today it’s thought of as a vital building block rather than an added extra. With that in place, new tech is free to fly. The future’s bright, the future’s secure.

Find out more

To discover more about the power of mobile solutions and how they could enhance your service provision, click here.

Authors

David Yates

as Director of Service Provider Video Marketing at Cisco

SP360


This blog was authored by Edmund Brumaghin and Warren Mercer

Summary

Talos recently published research regarding a new variant of destructive ransomware, which we dubbed Ranscam. During further analysis of Ranscam samples, we discovered several indicators of compromise (IOCs) that piqued our curiosity as to which malware this threat actor might be involved in or responsible for besides Ranscam. We began to expand the scope of our research into other destructive “ranscamware” in an effort to determine if they had any shared characteristics that might indicate the same threat actor or group might be responsible for multiple variants. We found several interesting ties between known destructive ransomware variants such as Jigsaw and AnonPop which correlated with the threat actor we believe to be responsible for Ranscam.


Authors

Talos Group

Talos Security Intelligence & Research Group


There has been a revolutionary change in the conversation over IT’s role within your business.  Once centered on reducing costs, today’s conversation centers on how IT can move with greater speed and flexibility.  Why the change?

The answer is simple – the digitization of business. You don’t have to live in Silicon Valley to notice that our technical acuity has increased and our patience for multiple week service delivery has decreased. Your customers expect self-service access to services that get delivered within minutes.

To meet these expectations you need to transform your technology, tools and processes. The centerpiece to this transformation is automation, which translates manual tasks into automated workflows, permitting IT to become proactive and a key contributor to your business acceleration.

Cisco’s solution for enterprise transformation is the self-service hybrid cloud.  Hybrid cloud management is a way of transforming the consumption, delivery and management of IT and application resources.   Cisco’s goal is to provide your IT organization with the ability to say “we have the technology and tools to meet your service expectations both on premise and off.”

The cornerstone to Cisco’s hybrid strategy includes two solutions, Cisco ONE Enterprise Cloud Suite and Cisco CloudCenter, both of which are 2016 award-winning solutions. Enterprise Cloud Suite simplifies the data center by providing a foundational layer of infrastructure automation. CloudCenter delivers hybrid cloud management to approximately 20 different data center, private and public platforms.

TechWise TV has released their latest episode, which explains Cisco’s self-service hybrid strategy and includes a demo of CloudCenter’s ability to model, deploy and manage applications across multiple cloud platforms.

But wait, there’s more. Register now for a follow-on workshop that includes a live conversation and deep dive demo with TechWise’s Robb Boyd and Cisco’s Zack Kielich on Thursday, August 18th.

The pace of today’s business is relentless and IT is working hard to keep up.   Expectations from your customers are higher while application and business teams expect hybrid access to data center, private or public platforms. Provide your organization with the speed and agility it needs and workload platform choice so you can take advantage of new revenue opportunities faster.   Watch the latest TechWise TV episode and then attend our live workshop on August 18th and investigate Cisco’s hybrid cloud solution.

Authors

Joann Starke

No Longer with Cisco