Year: 2017

September 29, 2017 Leave a Comment
Avatar

Threat Round Up for Sept 22 – Sept 29

Today, Talos is publishing a glimpse into the most prevalent threats we’ve observed between September 22 and September 29. As with previous round-ups, this post isn’t meant to be an in-depth analysis. Instead, this post will summarize the threats we’ve observed by highlighting key behavior characteristics, indicators of compromise, and how our customers are automatically protected from these threats.

As a reminder, the information provided for the following threats in this post is non-exhaustive and current as of date of publication. Detection and coverage for the following threats is subject to updates pending additional threat or vulnerability analysis. For the most current information, please refer to your Firepower Management Center, Snort.org, or ClamAV.net.

Read more »

Authors

Avatar

Talos Group

Talos Security Intelligence & Research Group

Leave a Comment
Avatar

Five to Thrive in an Amazon World

The retail landscape continues to see disruption from changing consumer behaviors, and online disruptors, such as Amazon. Over 3,500 stores are expected to close this year and we are seeing decrease in store foot traffic of close to 6 percent per year. Visits to shopping malls went down 50 percent. [Business Insider].

E-commerce was the main driver of this large drop, but changing demographics and consumer preferences were also contributing factors.

https://www.slideshare.net/Cisco/cisco-and-psfk-consumer-2020

However, it’s not all doom and gloom. Where there are competitive threats, there are also opportunities. Let’s dig deeper. Retail is definitely changing, but it’s not dead. Some sectors such as home-improvement retailers actually increased 5.9 percent  and food service and drinking places saw a modest increase of 3.2 percent, according to eMarketer. And while traditional department stores struggle, the number of “dollar stores” increased by 58% to 29,400, and many supercenters, like Walmart, saw 76 percent unit growth.

With all of this mind, I’d like to propose five ways that retailers can thrive in an Amazon world.

1. Create dynamic, personalized customer experiences. Customers shopping online are experiencing seamless, convenient, fast, and personalized shopping experiences. Retailers need to provide the same or better experiences at the store. 

Use real-time analytics generated from your network to understand and know who is at your store. Customer insights gives you the ability to be able to predict and personalize customer engagements. Let your customers guide their own shopping journey, just as they would online. Learn more.

2. Empower associates to be productive and customer-first. To deliver the best in-store customer experience, you need a workforce that’s ready and eager to deliver the experiences your customers demand. Over 50 percent of consumers believe that the amount of sales help they receive in stores has declined (Deloitte, 2016).

Mobile technology empowers associates to become trusted advisors —equipped to help customers with real-time inventory information, product specifications, and personalized recommendations. Digital capabilities, such as on-demand training, analytics, and collaboration tools yields better-trained, better-supported, and more-satisfied associates who remain on the job for longer. Learn more.

3. Optimize your retail operations.  To remain competitive in the modern digital marketplace, your retail infrastructure must balance customer demands for more personalized digital services with the operational requirements for unified commerce. Increasingly, stores need consistent information management combined with a consistent omnichannel experience to ensure rapid deployment of new business functions, services, and apps. Learn more.

4. Protect your brand and secure your operations. Cybersecurity attacks continue to make big headlines. For instance, the recent Equifax breach was said to have exposed the customer information of nearly 143 million people. Unfortunately, this is probably not the last cybersecurity attack we’ll read about.

Retailers need to build strong processes, IT networks and systems that secure their business from the store to the cloud to the data center. Learn more.

5. Build your store on the Cisco Digital Network Architecture (DNA). The essential strategy for digital transformation in this rapidly changing environment, is to invest in a technology foundation that is flexible, automated, and secure – a digital ready network.

With Cisco DNA, retailers can revolutionize how they design, build, and manage the network. Meaning, faster deployment and simpler, centralized management of an intelligent network, to get multiple stores up and running in days rather than months.

Cisco has built a comprehensive digital transformation assessment for retailers to learn where they are on their journey to becoming a digital business to survive in this digital era. Take your assessment today: Get Started!

 

 

Authors

Avatar

Brian McDonald

Global Retail & Hospitality Industries Marketing Lead

Private Sector Industry Marketing

Leave a Comment
Avatar

Are you ready for the Global Data Protection Regulation legislation?

Companies that don’t comply with the new GDPR rules could be hit with a huge bill.

Security breaches that lead to customer data being compromised are an increasing concern for service providers.

Last year, Yahoo announced two serious data breaches, one of which led to hackers accessing the personal data of over 1 billion customers.

Other recent attacks, like those on the UK service provider Three, and the professional social network LinkedIn, also breached the personal data of millions of customers.

The danger is clear – and as the internet of things grows, there will be ever more opportunities for hackers to access sensitive information.

This is a real worry for any responsible service provider. And there will be an extra challenge from May 2018, when the EU General Data Protection Regulation (GDPR) comes into effect.

The GDPR will affect every organisation that processes the personal information of European Union residents. So all service providers that work in the EU will need to think about new rights, duties and obligations regarding people’s personal data.

For example, the definition of personal data will be broader, and companies will be obliged to notify the relevant authorities within 72 hours when they have suffered a breach.

It’s worth noting that the UK will still be in the EU when the GDPR comes into force. And in any case, UK service providers may well still be processing the personal data of European citizens, especially since the legislation’s definition of personal data will include IP addresses and many cookies.

Organisations that don’t comply can be fined up to 4% of their annual turnover, or 20 million Euros – whichever is larger. So it makes sense to be prepared.

A comprehensive approach

The best way for businesses to be sure they are complying with GDPR is to take a comprehensive, holistic approach to data protection.

You should review all your policies and procedures, on everything from how data is protected to what your response would be in the event of a breach. And make sure your team is on board with them.

It’s equally important to focus on the technical side, making sure that your security solutions are up to the task and are working together effectively.

Making things simpler

Maintaining strong data security is a real challenge, and it’s getting harder all the time. Our Annual Cyber Security report this year found that two-thirds of companies (65%) are using more than five security products, and some are using more than 50.

With this level of complexity, it’s no surprise that 44% of security alerts aren’t investigated.

Cisco’s threat-centric security technology is designed to make things simpler, so it’s easier for you to fight back against hackers. We can bring together our comprehensive suite of best-of-breed solutions into an integrated architecture to deliver effective security that’s simple, open and automated.

Our security provides greater visibility, actionable insight through analytics, and enforcement. And network and context information is automated through shared telemetry and cloud-processing.

This unique approach enables us to keep on reducing the time it takes us to detect threats. As set out in our 2017 Annual Cybersecurity Report, we lowered the median time to detection (TTD) to 14 hours for the period from November 2015 to October 2016.

And for the second part of that period (between May and October), the median TTD was just nine hours (compared to the industry average of 100 days).

Reducing the TTD gives hackers even less time to work in. And it means you can respond to threats in a way that others simply can’t match.

Data security: a challenge and an opportunity

The GDPR presents a challenge. But it’s also a great opportunity for service providers to adopt a smart approach to data security.

Cisco can support you in updating your technology and architecture to make sure you’re less likely to experience a damaging data breach. And if you do, we’ll help you identify it quickly and react effectively.

We put trust at the heart of our products and services. That’s why we consider security at every stage of their design, production and implementation.

Security involves thinking defensively, to prevent harm to your data and assets. But for smart service providers, it’s also a huge opportunity to grow your reputation and your business.

Find out more about how Cisco Service Provider Security Solutions can help you get ready for GDPR.

 

Authors

Avatar

Yves Padrines

Vice President, EMEAR Sales

Global Service Provider

Leave a Comment
Avatar

The FlashStack Revolution

Modern companies need to move quick. And to do so, they need things to be streamlined. From hosting 40,000 people at a big game, to churning out thousands of newspapers hot-off-the-press, to delivering millions of pizzas right on time. To keep up, companies need an integrated solution powering their IT that’s fast…REALLY fast.

Learn how Cisco and Pure Storage came together to build the FlashStack converged infrastructure solution, combining the innovation and compute power of Cisco UCS and the all-flash arrays of Pure Storage, for a solution that can power anything.

FlashStack is a streamlined, flexible, transformative approach to IT infrastructure. It fully supports mission critical enterprise applications and provides a robust platform for cloud services. FlashStack combines the latest in computing, network, storage components into a single, integrated architecture that accelerates time to deployment, lowers overall IT costs, and reduces deployment risk.

FlashStack is validated with common workloads and applications to reduce deployment risk and help IT organizations quickly and easily deploy the right infrastructure. FlashStack architectures are comprehensively documented and defined in Cisco Validated Designs, which are available at cisco.com/go/flashstack.

So join the FlashStack revolution. To learn more, visit us at: flashstack.com or cisco.com/go/flashstack

Authors

Avatar

Reesha Dedhia

No Longer with Cisco

September 28, 2017 Leave a Comment
Avatar

Innovating and Winning Awards

The Best of Interop 2017 award winners were announced at the MGM Grand in Las Vegas.

As the innovator and leader of these technologies, I was asked by several media representatives for an interview. Here is a short interview by Information Week news desk.

Best of Interop Awards are like the Oscars of the Networking industry.

We were the finalists in 6 categories and won 3 awards!

It was a privilege to be featured on the front page of Information Week. Here is a link to the article.

Here are more details of these innovations:

Catena information

PLB information

iCAM information

 

Authors

Avatar

Samar Sharma

Intelligent Traffic Director for Nexus 9k/7k/6k/5k

Leave a Comment
Avatar

Developing Network Security in the DevNet Sandbox

A great part of working on the DevNet Sandbox team is the exposure to new Cisco technologies and integrations. Up until recently I had always worked with collaboration stuff. Call manager, Presence, Jabber, Contact Center etc. It’s always good to get out of your comfort zone though and that’s what I decided to do next.

A few months ago, I worked with Gregg Berson, an engineer from the security business unit, on a Firepower Cisco Live US workshop. Gregg’s goal was to show how to integrate Cisco Firepower Management Center (FMC) with Splunk using the eStreamer API and eNcore client. I had never worked on anything like this before and immediately found it really interesting. Gregg’s CLUS workshop went down extremely well and after the event, it came to mind that this workshop could form the basis for an excellent new security sandbox. We set to work!

One of the most important parts of network security is visualizing threats in real time. Splunk is a software platform capable of analyzing and visualizing large amounts of data gathered from applications, sensors; etc. FMC is already equipped with excellent threat visualization dashboard. However, a lot of customers may have a Splunk instance already installed and would like to receive Firepower events on that platform. Firepower provides the eStreamer API to stream events to external sources. eStreamer is built into the FMC GUI and takes a few moments to setup. The encore client is also installed on the Splunk server to receive and interpret these events.

This free sandbox can be found in our portal.  Just log in (or register) with Cisco DevNet and reserve the environment for a few days. You can extend if you wish. The lab will take a few minutes to spin up. After that, you’re all set!

The sandbox consists of an FMC server, FTD (firepower threat defense), and Splunk server. Once reserved and active, users have complete admin access to the environment. We have also created a command on the reservation page to generate 10,000 events on the FTD sensor. These are then picked up by the FMC. The FMC eStreamer API sends the events securely to the splunk server, where they can be visualized and mined as necessary. The beauty of the sandbox is that all of the integration is built out during setup, and the lab is ready to go when active. VPN access credentials are provided through the portal.  The screenshot below provides an overview of the sandbox environment.

This is what the DevNet Sandbox is all about. Providing access to real world security environments where one can see first-hand how these integrations work. This sandbox is an excellent resource for anyone who wants to learn more about FMC and Splunk. We have also provided a lab guide and quick start instructions. Also, if you are a completely new to FMC or Splunk, check out the DevNet learning lab here.

Working with the security team really opened my eyes as to how interesting and complex this area is. The DevNet sandbox makes it easy to play and experiment with the latest Cisco Security tech. That’s why we build this stuff and why we will continue to do so.

Happy Sandboxing!!!

We’d love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!

Twitter @CiscoDevNet | Facebook | LinkedIn

Visit the new Developer Video Channel

Authors

Avatar

Joseph Kearns

Applications Engineer

Developer Experience

1 Comment
Avatar

IT Services Can Ensure Your Investment Isn’t Wasted

IT services have changed a lot since I first became involved with them, but then, so has networking.  We use to laugh about putting an IP address on a refrigerator and now the Internet of Things has made that a reality.

However, as technology evolves and becomes more sophisticated, it becomes increasingly easy to overlook the full range of capabilities it offers. This is a problem for all organizations, but federal agencies operating under tight budgets and accountable to the White House may be especially sensitive to it.

After all, what good is new technology if you don’t take advantage of all the embedded features and functionality? Just having the latest and greatest whiz-bang software or device is only half of the equation. Have you realized the full value of your investment?

All rights reserved to Sandra Cifo

Thankfully, as IT has become more complex, services have evolved to help C-Suite Executives and network administrators make smarter choices to support long-term strategy and day-to-day operations. Basic break-fix is fundamental, but adoption and proactive intelligence regarding your network is better.

Think about implementing the following best practices when it comes your IT investments:

  1. Assign someone — directly or via a valued and trusted partner — to proactively manage your network inventory. Be sure to agree on detailed processes to reconcile changes, including RMAs.
  2. Make sure all deployed hardware and software components have break-fix service contracts, either via subscription or purchase. This will ensure your operating systems and applications are up to date, provided your IT team has the bandwidth and necessary expertise to keep up with changes.
  3. Purchase Adoption Services to ensure your organization actually uses the technology once deployed. This is especially important with collaboration services.
  4. Consider purchasing the following to minimize lengthy and expensive outages, deployment delays and unnecessary expenditures:
    1. Proactive break-fix services, like Cisco Technical Services Advantage, to supplement your staff.
    2. Optimization Services to identify problem areas that may limit your ability to realize your overall strategy.
    3. Advisory Services to develop a fully vetted roadmap and achieve your business objectives.

No matter what stage you have reached in planning, designing, implementing or optimizing an IT network, Cisco can help ensure you realize the full value of your investment and your strategic goals.

Find out more about Cisco services here.

Authors

Avatar

Stacy Meadows

Sales Strategy, Planning & Operations

Public Sector HQ

2 Comments
Avatar

TechWiseTV LIVE: Introducing Cisco Intersight for UCS and HX and the New ACI Anywhere

It’s a long blog title, but there’s a lot of information packed into this show! We pulled it off, our second ever live TechWiseTV show and we’re back in the data center talking about all the new announcements surrounding Cisco Intersight and ACI 3.0. This show is packed with guests, customers, and technical demos. If you’re more familiar with either UCS or ACI, don’t worry, we’ll catch you up!

Robb interviews a lot of the heavy hitters starting off with Frank Palumbo.

Frank gives us the outlook of the Cisco data center moving forward. After a primer on both technologies, we jump into Intersight, and all things UCS and HyperFlex with Liz Centoni and Satinder Sethi.

Intersight is a brand new product, which as Chris Nichols explains in his demo is not just another management platform. It is allowing us to connect all sorts of UCS and HyperFlex devices, from all different geographies, using a cloud managed platform. Intersight will allow us to move toward an intent driven data center, while increasing security, providing us with Telemetry for ourselves and troubleshooting information for TAC, and of course still driving towards more automation with all the integration, zero-touch deployment, and open APIs.

 

We then get into ACI with Tom Edsall. ACI 3.0 was just released a few weeks ago and this is a major new release! While ACI has always embraced open APIs from the beginning, the programmability, automation, and integration with third parties is just getting better. Edsall mentioned the new Kubernetes integration specifically for folks moving towards more cloud native applications with containers. ACI Anywhere is also a huge play, providing customers with the ability to manage policy as they do in ACI, directly with public cloud partners. The main event was around ACI Multisite, though, which Lilian Quan showed us in her demos.

Just a jam-packed show with a lot of information, education, and even a polka band! Make sure to watch on YouTube or you can register here to watch and get more information.

Authors

Avatar

Lauren Malhoit

Leave a Comment
Avatar

Watch now: Top 5 business expansion strategies for system integrators

Earlier this month, I was involved in a webinar in partnership with CSIA and Panduit that focused on system integrators and expanding their business. The system integrator role is evolving from being project-centric into a long-term solutions partner who can help manufacturing clients in critical areas such as:

Additionally, manufacturers are increasingly working with system integrators as an extension of their internal teams. In this webinar, we discussed how the implementation of state-of-the-art technology is affecting this space, as well as best practices, architecture design, and key considerations for working with customers. Topics covered included:

The webinar included areas for system integrators to expand their training, as well as a promo code for classes with Industrial IP Advantage. The replay is available here.

 

Sneak peek of next month’s webinar

The next webinar in the series will be in October and is titled “Secure Cloud Networking Solutions for Complex Manufacturing Operations.”

Some of the topics touched upon will include how cloud networking offers greater reliability, easier management, and a lower total cost of ownership. We’ll explore the cloud managed networking solution, the ease of integration, performance and security.

Full details are coming soon and will be available here.

Authors

Avatar

Eric Ehlers

No Longer at Cisco