Year: 2017

September 24, 2017 1 Comment
Avatar

7 Reasons to Zip Over to WebEx

No business is an island. With apologies to John Donne, it’s a sentiment even truer today than in his 17th-century writings. We all rely on others for survival. The ability to connect for a quick chat was much simpler in Donne’s era. Or was it?

Even if most of your employees are one place, it’s unlikely that all your partners, suppliers, and customers are within walking distance of your office. The ability to connect and collaborate, across town or across time zones, is becoming a standard business need.

The best online meetings mean you can meet with anyone, anywhere, anytime. Success depends on connections. But it’s not enough just to have the ability to connect. The right connections matter. 

collaboration icon

When it’s your business success is on the line, “good enough” tech isn’t enough. And let’s face it, all conferencing tools are not created equal. But does it really matter? Aren’t they close enough? Consider some of the most basic risks of choosing the wrong tool – reduced productivity, security risks, limited scalability, user dissatisfaction, complex management, your organization’s reputation…

So who do you trust? Rely on secure, scalable meetings with Cisco WebEx — the trusted industry leader in video and web conferencing. See the Gartner Magic Quadrant for Meeting Solutions.

 But we’re not sitting still. Just like you need to innovate to stay ahead of your competitors, so do we. Our engineering teams are like sharks – they never stop moving. They’re constantly innovating with a central focus on simplifying the meeting experience while augmenting and improving it.

7 Reasons to Trust Your Meetings to Cisco WebEx

#1 113 million professionals aren’t wrong

There are a lot of collaboration solutions from which to choose. But there’s only one proven leader. Cisco has twice the share of any competitor in video and web conferencing. And 95% of Fortune 500 companies are using video-enabled Cisco Collaboration solutions.1

Consider a single month in the life of WebEx:

  • 27+ million meetings hosted per month
  • 5+ billion global meeting minutes per month
  • 113+ million meeting attendees per month

conference icon

Numbers tell a good story (a really good one), but there are more dimensions to the whole story. Here’s another one: Gartner has positioned Cisco as a leader in the latest Gartner Magic Quadrant for Meeting Solutions, released last week. Gartner evaluated a variety of criteria for each of the 14 vendors in the report, positioning Cisco highest and furthest for “Ability to Execute” and “Completeness of Vision” for meeting solutions. Download the full report.

#2 No one knows security better than Cisco

security iconNo matter your industry, no matter the size of your business, security has to be a top technology priority. Conferencing services are no different. In fact, they must provide multiple layers of security—from scheduling to participant authentication to content sharing.

This is another big advantage of Cisco products – we know the network, at every layer and in every aspect. We don’t rely on someone else to figure out security for us. As a leader in both collaboration services and network security, we don’t take this lightly anywhere – including for your meetings. It’s a huge part of our business and our commitment to our customers.

WebEx meetings happen in the Cisco Collaboration Cloud, a global, enterprise-scale network designed specifically for highly secure delivery of on-demand applications. It offers a scalable architecture, consistent availability, and multilayer tenant security validated by rigorous independent audits.

#3 WebEx doesn’t limit you

Not all conferencing providers offer a global, full-service meeting experience. Some support only certain countries or regions—leading to patchwork solutions that don’t always integrate well.

Cisco WebEx offers online meetings with high-definition, reliable video, plus:

  • 17 languages for connections worldwide
  • Enterprise-grade availability, speed, and performance
  • Support of global data centers
  • Bandwidth-management settings
  • A consistent, high-quality experience across devices
  • Deployment and solution flexibility

simplify icon

You’re a rare bird if all your meetings are identical – with the same number of people attending from the same locations using the same devices each time. I’ve attended meetings from my laptop at the office, an MX Series system in a conference room, my dad’s PC, and via my mobile phone from the back seat of a motorcycle in Death Valley. (I don’t sit still very well.)

Cisco WebEx can meet all your conferencing needs, from simple meetings to big events and training sessions.

  • Allow users to join with one touch from a browser, mobile device, or standards-based video system
  • Host online events for up to 3,000 attendees or offer a webinar to 40,000 participants
  • Train staff or partners with up to seven breakout rooms, and remotely support staff and customers

Think of it like this – instead of having to go to four stores to get the ingredients to make brownies, you can get everything in one place.

#4 People can focus on meetings – not the tech

personal meeting roomComplicated features or unreliable technology can get in the way of getting down to business. If the solution is hard to use or you have to learn a different process for every device you use, you’re wasting time. Not only your time but the time of your employees – and your customers and partners. It’s a productivity hit, but worse — when an experience leaves a bad impression on users, they’re not likely to use it again.

Usability features include:

  • Easy scheduling directly from Microsoft Outlook
  • Single-button join (a.k.a. “the green button”)
  • Consistent user experience on any device and
  • Easy to move from one device to another during a meeting
  • Reliable meeting quality

Cisco WebEx’s user experience makes it simple to focus on the reason for the meeting and the people in it, not the technology.

#5 Get comprehensive, integrated solutions

If you’re like most organizations, you’ve felt the frustration of piecing together disparate technologies to solve a challenge. Another advantage of working with Cisco is that WebEx is part of the broad collaboration portfolio. Get a better video experience and stronger integration by using Cisco web conferencing and video endpoints together.

If you just need a basic meeting solution, WebEx has you covered. If you need more – today, or in the future, you’re covered. For example:

  • Team collaboration tools like Cisco Spark provide workspaces where teams can centralize projects, conversations, and content. Cisco Spark also features group messaging, in-app calling, file sharing, and virtual whiteboarding.
  • High-quality, innovative meeting room devices like Cisco Spark Board provide an all-in-one solution for wireless sharing, digital whiteboarding, and high-definition video conferencing.
  • Our unified communications technology connects business communication systems and customer care solutions under one, integrated solution.

Cisco lets you define what you need based on your needs with flexible deployment models—on premises, cloud-based, or hybrid models—that you can shift as your needs shift.

#6 Attendee experience reflects your reputation

training iconThe quality of your video conferencing experience makes an impression on attendees – clients, business partners, and even employees. You want to not only use the technology you choose to run the business but leverage it in your strategy to stay ahead of competitors. While lower-cost solutions look good on the shelf, there’s usually a reason for the reduced price tag. (Like tequila in a plastic bottle…)

Don’t risk the way others perceive your company in return for small, up-front cost savings. It could cost you far more in terms of clients and business limitations.

Best-in-class capabilities allow you to put your organization’s best foot (and face) forward. For example, WebEx offers:

  • Dedicated, always-on personal meeting rooms
  • Intelligent noise detection to reduce background noise
  • Instant connect, whether for impromptu or scheduled meetings
  • Host ability to automatically lock a meeting room, preview who is in the lobby, easily admit guests or choose an alternate host
  • Meeting room options that let you brand or personalize rooms with avatars, images, and names at no extra cost

 

#7 Competitors can’t match WebEx

Don’t let the vendor checklists fool you. Anyone can create a checklist that makes their product look the best, whether for web conferencing or tequila.  If you look at feature lists alone, you’ll see will miss the richness of the true product experience and capabilities. It’s not our checklists that are important – yours are. We can complete your checklist and actually deliver on it.

Learn more about Cisco WebEx.

Download the Gartner Magic Quadrant and Critical Capabilities for Meeting Solutions.

 

 

  1. IDC MarketScape: Worldwide Enterprise Videoconferencing Equipment 2016 Vendor Assessment, Doc # US41304916, Jun 2016

 

Authors

Avatar

Kim Austin

No Longer with Cisco

September 22, 2017 2 Comments
Avatar

Cisco and Splunk Demonstrate the Power of Integration

You already know that insights from data are the foundation for digital business. Much of this data comes directly from your data center, network and security infrastructures. But let’s face it, using custom-built or disparate tools to analyze each system is challenging at best. This is where Cisco and Splunk can help.

Cisco and Splunk have worked closely to integrate Splunk Enterprise with Cisco UCS, Networking, and Security portfolios, to provide real-time IT Operations and Security Analytics. These capabilities will be on full display at Splunk .conf2017, where the Cisco team will be showcasing the industry’s most comprehensive set of Splunk integrations that enable you to derive real-time insights from your data, accelerate troubleshooting and provide holistic security.

If you’ll be in Washington, DC, for Splunk .conf2017, make the Cisco booth your first stop for an action-paced agenda of demos and theater sessions covering

  • Cisco Data Center – Next generation Cisco UCS for Splunk Enterprise
  • Cisco Security – Cisco Firepower 6, Umbrella and Cloudlock integrations with Splunk
  • Cisco Meraki – Developer platform to build apps on top of the Cisco Meraki Cloud

For the deep dive, don’t miss the Cisco breakout session, Innovation through the Power of Integration, on Thursday, September 28 |1:20 p.m. | Ballroom C. You’ll hear from three Cisco teams whose technologies feature Splunk integrations.

If you can’t join us in Washington, DC, join the conversation and interact with us on Twitter using #CiscoatSplunkConf. For more information on Cisco and Splunk solutions visit cisco.com/go/bigdata or download the eBook.

Authors

Avatar

Gary Serda

Senior Strategic Partner Marketing Manager

Global Partner Marketing

Leave a Comment
Avatar

Cisco Named a Leader in Gartner Magic Quadrant for Meeting Solutions

Gartner has positioned Cisco as a leader in the latest Gartner Magic Quadrant for Meeting Solutions.

Just released, the 2017 Gartner evaluation brings together web conferencing and group video system markets under a single grouping. Gartner’s definition is clear but comprehensive: “Meeting solutions blend communications, collaboration and content to enable real-time group work from anywhere.”

We agree. Integrating meeting technologies to remove complexity and be more intuitive is a key focus area for Cisco. And that’s exactly how we intend to continue to evolve our meeting solutions, including Cisco WebEx, Cisco Spark, and Cisco Meeting Server. We’re committed to providing you with the solutions you need, whether for cloud, on-premises, or hybrid deployments, along with a portfolio of endpoints you can tailor to your needs.

We believe our solutions deliver a powerful feature set and provide a consistent user experience across platforms, from mobile to desktop to meeting-room systems. Support for standards contributes to our strong partnerships with system integrators. These companies rely on the quality and dependability of our products to give their own customers the best results.

Gartner evaluated a variety of criteria for each of the 14 vendors in the report. Cisco is positioned highest and furthest for its “Ability to Execute” and “Completeness of Vision” for meeting solutions.

Delivering intuitive, easy-to-use meeting solutions is a top priority for Cisco. And we are seeing great traction with customers with over 50 billion annual meeting minutes and double-digit growth in mobile meeting users.

The technology all around us is constantly changing, so your experience and expectations are too. We appreciate the partnership with our customers because your feedback and insights are a big part of how we continually enhance our meeting solutions.Gartner MQ for Meeting SolutionsOur engineering and operations teams focus on constant improvement. Over the last few months, we’ve done a lot of work to enhance the user experience, including:

And we’re not done yet. We’ve been sharing how we’ll deliver even more value to meetings. Our meeting strategy includes:

 

If you are evaluating meeting solutions for your organization, download the Gartner report for more insights.

 

 

Disclaimer
Gartner, Magic Quadrant for Meeting Solutions, Adam Preset, Mike Fasciani, Tom Eagle, 18 September 2017.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

 

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Cisco.

 

Authors

Avatar

Angie Mistretta

Chief Marketing Officer, AppDynamics

AppDynamics

18 Comments
Avatar

Cisco CCNA Cyber Ops Scholarship: The Ins and Outs!

Tim Harmon is a Cisco Champion, an elite group of technical experts who are passionate about IT and enjoy sharing their knowledge, expertise, and thoughts across the social web and with Cisco. The program has been running for over four years and has earned two industry awards as an industry best practice. Learn more about the program at http://cs.co/ciscochampion.

==========================================

Cisco had developed a new certification in order to reduce the global cybersecurity skills gap that has been reported throughout various sources. This certification is called the CCNA Cyber Ops and it is along the lines of what a Security Analyst in a Security Operations Center (SOC) does. There are two exams associated with this certification: the SECFND 210-250 and the SECOPS 210-255. Cisco introduced the Global Cybersecurity Scholarship program where they invest $10 million into the program to increase the talent pool with cybersecurity proficiency.

Cisco Cybersecurity Scholarship

The scholarship is a self-paced e-learning path consisting of three courses and the two exams. The first course is the “Introduction to Cybersecurity” that is done on the Cisco Networking Academy platform and easy to complete. The other two courses are done on the Lumicybersecurity platform. The second course is the “Understanding Cisco Cybersecurity Fundamentals” (SECFND) and the third course is the “Implementing Cisco Cybersecurity Operations” (SECOPS).

Recipients of the scholarship can attempt each exam after the respective course or they can wait until they finish the entire program. There is mentoring and coaching for all courses from key Cisco Authorized Learning Partners, such as Global Knowledge, Fast Lane, etc. The cost of everything (training, mentoring and the exam fees) is all included in the scholarship and the recipients will not have to pay anything out of pocket.

There are some qualifications requirements that recipients of the scholarship need to have in order to be accepted. This includes having a basic technical competency where they must possess one or more of the following:

  • Cisco certification, relevant industry certification
  • Cisco Networking Academy letter of completion
  • 3 years of combined experience in approved U.S. military job roles
  • Windows or Linux expertise

They also need to be planning a career in IT cybersecurity, prepared to complete the training in three months (90 days) and willing to share a success story.

I decided to give this scholarship a shot and applied. I was given a chance to complete the assessment exam in order to be accepted into the program. I was fortunate to be one of the 10,000 people selected for the scholarship program but I was placed into the last cohort that was to start on July 6, 2018. That changed when I found out that some other people had requested to be moved to an earlier cohort, as I had requested to be moved to Cohort 3 with the start date being June 20, 2017. The Lumicybersecurity support team allowed me to be in Cohort 3.

They allowed everyone in that cohort to complete the “Introduction to Cybersecurity” course before the actual cohort start date, which gave us more time to complete the two main courses for the program. The day before our cohort started, we received an email with the Welcome Packet and a FAQ document that explains what the scholarship training entails.

Scholarship Welcome Email

Global Knowledge was the Cisco Authorized Learning Partner that I had for my mentoring and coaching during this cohort. Kris Bilbrey and the other mentors were great at making the material interesting and helped all students to understand what the material was talking about. The SECFND online material was more about the foundation of cyber security and introduced the concepts that students need to understand. This is so that they can not only pass the exam, but also to gain the skills to become a security analyst in a security operations center (SOC).

I was surprised at the new knowledge and skills I gained through the SECFND course. There were some things in the course that I had not known as I only had a little bit of experience, even though I gained a Master of Science in Cyber Security and Information Assurance from National University.

SECFND Course Introduction

The mentoring sessions were a big help in the cohort as Kris Bilbrey was excellent in his style of conveying the material and answering everyone’s questions with enthusiasm. The sessions were two hours long and consisted of chapter reviews and any questions the students needed an answer to. Not only did I get some things out of these sessions, but I also helped other students with getting the answers they needed. The links provided in the mentoring sessions were useful in preparing for the exams.

The mentoring sessions for Global Knowledge use Adobe Connect while other Partners use Cisco’s WebEx for their sessions. The students mainly use the chat window to communicate with the instructor and other students but the instructor may allow them to communicate using the microphone. Before I went for my SECFND exam, I had let everyone know in my mentoring session that I was attempting the exam. Some students gave me some insight into the exam as they had already attempted it.

SECFND mentoring session

My exam day came and I was pretty nervous. I scheduled to take my exam at Coleman University in San Diego, CA USA and showed up to my exam a little early so I could be prepared. The testing center and Cisco do not allow you to take in anything (except tissue in case you need to blow your nose). That means you have to empty out all of your pockets into a box and place that box in a locker. Then you show the proctor your empty pockets and he/she will lead you to your workstation.

I completed the exam within 35 minutes of starting and I found out what my score was at the end of the exam. The exam was decently worded but there were some questions where it felt confusing as to what the question was asking. I was relieved to know that I had passed and felt ready to start going through the SECOPS course. With passing the SECFND, my CCNA R&S certification was renewed and I did not have to worry about it expiring anymore (at least for three more years).

Coleman University

I was behind in the SECOPS course material but thankfully, I caught up and finished the course material and labs on Saturday September 9, 2017 (11 days before the end of Cohort 3). The course material for the SECOPS was more of a technical nature and discussed topics surround the National Institute of Standards and Technology (NIST). This course was more on the SOC and what tools a Security Analyst in a SOC uses to “hunt” for threats and about incident response. It also talked about the Common Vulnerability Scoring System (CVSS).

I had requested my exam voucher the same day I completed the SECOPS course and then scheduled my SECOPS exam for Friday September 15, 2017. I took the SECOPS exam and it was a little harder and more technical than the SECFND exam. I was happy to have passed the second and final exam needed to become CCNA Cyber Ops certified.

SECOPS CVSS

The CCNA Cyber Ops certification will become one of the foundational certifications that the security industry will endorse and require for employment. The scholarship is definitely a great way to learn the concepts and technologies needed for a successful career in the world of cyber security. It was a great pleasure to have gone through the application process and the scholarship program as it has given me the confidence to know that Cisco wants to help the security industry by the training and certification of security professionals. I highly recommend the scholarship and the CCNA Cyber Ops certification as it is helping to bridge the skills gap. Information about the scholarship can be found here. Information about the CCNA Cyber Ops is here.

Authors

Avatar

Tim Harmon

Cyber Security & Network Professional

Cisco Champion

8 Comments
Avatar

Women in Technology: Knowing Yourself & Owning Your Authenticity

You heard in my last blog post that, I was named the 2017 Women in Cable Telecommunications (WICT) Woman to Watch for their newly established Technology category.  A truly incredible honor that I share with so many people who have helped shape me as both a professional woman in tech, but also as a decent global citizen.  This award represents so much to me personally and professionally, and I figured I couldn’t give it justice without being authentic to all the fears and doubts that I have battled over the past 12 years to get to the point where I can only now, truly own my authenticity.  Here, I share a snippet of my journey, hoping that it will help inspire others to reclaim their power and own their path, as I have found that showing vulnerability is the key to building confidence.

I got my start at Cisco in 2006, being hired into an accelerator program called CSAP directly out of Undergrad.  For so long I was unsure of myself: a young, millennial female filled with wanderlust working in an industry that was at the time, starkly contrasted to who I was.  Surrounded by men who were far more technical (many of whom had worked in Cable & Media longer than I had been alive!) naturally made me feel inferior.  I struggled to find commonalty of culture, style, or cause.

In my first customer engagement role within Cable, I truly battled with “Imposter Syndrome.”  I was plagued by self-doubt that I was inadequate and concerned that others didn’t view me as competent or capable enough to hold my position.  Several instances fed into my fear, one of which, was a mean-spirited bet organized by a colleague, that I wouldn’t make it past my first year in the role. When a peer of mine clued me into the bet, I was completely defeated.  A woman who had graduated Summa Cum Laude in Finance in her MBA, amassed countless certifications in tech platforms, and ranked in the top 10% of all Cisco hires, was surmounted to “not able to cut it.”

Ladies Who Lead: Cisco’s Media 2017/2018 Team

Devastated, I considering resigning from technology all together.  Fortunately for me, two things happened:

  • A mentor on my team, as well as an executive sponsor of mine, encouraged me to persevere. They saw the potential of a 24-year-old girl, and rallied behind me. I immediately realized the influence mentors, sponsors, and confidants can make, and thus I made it my mission to always fight for the underdog and surround myself with a support system.
  • I reclaimed my power. I have never been, nor will I ever be a victim—I’m a fighter.  So, I put my head down, determined to prove everyone I would succeed, and focused intently on being the most prepared, technically acute, and capable business partner to my clients as possible.  The hard work paid off, as I was awarded some of Cisco’s highest distinctions, and began to pave the way to the role I currently hold.

It comes down to this: Be Your Authentic Self.  The moment you stop trying to compare yourself: your age, your style, your appearance to others, the easier it will become for you to become grounded in the tasks you need to accomplish.  So much of our energy is wasted trying to assimilate or worse; worry about what others think!  We all need to embrace our individuality, and realize that it is our merit which propels us.  The moment we stop giving our power away, is the moment we stand sturdy and steadfast in our ability to move, lead, and inspire.

Build the Team You Always Wished You Could Be Apart Of…

As evidenced by my story, I didn’t have the easiest on-boarding experience into this industry. Yet, what I have realized in the decade-plus that I have been in the industry, is that we have the power to lead, inspire, and most importantly, build the teams we always wished we could have been a part of!  To be the change you want to see is the single most powerful thing anyone can do, and in an industry, that is rapidly changing in demographic and skill set, it is more important than ever that each of paves the way for others.

In my capacity, I have used my influence to create a collaborative, diverse, dynamic, and frankly, entrepreneurial environment within a $50B Fortune 30 company.  By leading by example, and supporting the talent around me, I have realized we are able to build bridges to the talent the industry needs to survive and thrive.  You don’t need to be a people leader to do this—all of us are capable of Standing for each other, and as demonstrated in the aforementioned story, the power of mentors and sponsors serves to instill a sense of community and courage into our team mates.

Authors

Avatar

Samira Panah Bakhtiar

Director, Cisco's Media Operation

Global Service Provider Organization

Leave a Comment
Avatar

Why network security is like a beehive

Effective threat protection means thinking about security before, during and after an attack

Network security involves cutting edge technology. But it also follows principles that have long existed in nature. In fact, we can learn a lot about effective security by looking at the way bees defend their hive against bears.

The worker bees use a sophisticated and multi-layered system to protect the queen bee. It starts before an attack happens. As the bees buzz around the hive making honey for the queen, they’re also keeping an eye out for threats. That means they’re able to spot a bear approaching.

And when he begins pawing at the hive to get at its precious contents, the bees swarm around him to try and drive him away. When the bear gives up and the worker bees know that their queen is safe, it’s time to begin the recovery.

The bees assess any damage and start repairing the hive, to strengthen it against a future attack.

In short, the bees protect their hive by reinforcing its security before, during and after an attack.

The challenge for service providers

Service providers are facing a challenging security situation. Our 2017 Annual Cybersecurity Report   found that the changing nature of networks was leading to an expansion in the number of ways that hackers can access them – making it increasingly hard to block threats. The key challenges highlighted by security professionals were mobile devices, the cloud and user behaviour (like people clicking on malicious links).

Over the last 18 months we’ve seen high profile breaches experienced by all types of service providers, including those offering wireline, mobile, video, cloud and managed services.

And our research suggests that they’re more likely than other organisations to suffer reputation-damaging attacks. In our Security Capabilities Benchmark Study 2015, 57% of telcos reported a security breach that led to public scrutiny

Combating threats before, during and after an attack

The answer for service providers is much the same as it is for bees. They need to think about threats at every stage – and not just when they enter the system. Best of breed solutions are still important of course, to fight attacks as they take place. But even with first class technology, it’s inevitable that defences will be breached at some point.

So service providers also need to think about how they can identify breaches quickly, and recover effectively after an attack. And the third key element of effective security is planning for cyber attacks before they happen. Service providers should know what threats to look out for, and which parts of their network might be targeted.

Cisco’s comprehensive solutions

Cisco’s integrated security architecture can help service providers make sure they’re taking a comprehensive approach that is simple, open, automated – and leads to effective protection against threats.

Before an incident happens, intelligence from our global team of experts, Talos, keeps you aware of the latest risks and enables us to keep our products bang up to date.

And during an attack, our best of breed solutions enable you to combat and block threats effectively. A strong firewall is essential, of course. But for the most effective defence, it should be used alongside other technology , (like Cisco’s Next-Generation Intrusion Prevention System, Advanced Malware Protection, Stealthwatch ), and intelligent automation. And it’s important to monitor network traffic too, so you can spot suspicious activity as it happens.

And after an attack has occurred, we help you contain it to limit the damage, and improve your defences to prevent a repeat.

Our technology can detect security breaches fast. It takes an average of 13 hours, compared to the industry standard of 100-200 days. When you can react quickly, breaches are less damaging, and you can get back on your feet as soon as possible.

Delivering best of breed security to Exaprobe

One business that has used Cisco technology to offer comprehensive security is Exaprobe, a subsidiary of the French cloud service provider Econocom. Exaprobe used our Hosted Security as a Service solution to deliver their STARC (Security Threat Assessment and Response Centre) cloud-based security services .

Cyril Azambre, Exaprobe’s deputy general manager, says that thanks to Cisco’s support, “our customers can benefit from a huge security database and real threat intelligence, in a very secure and confident manner.”

The cyber security environment is always getting tougher, and it will continue to do so. In the future, we may see techniques like automation and machine learning playing a bigger role as threats become ever more sophisticated.

At Cisco, we’ll always be at the forefront of developments like this. But we don’t innovate for the sake of it. We understand that some of the fundamental principles of security have been long-established for a reason.

That’s why we take inspiration from the ways in which bees protect their hive. Their example helps us make sure we’re providing your network with comprehensive protection before, during and after an attack.

Find out how Cisco’s security expertise can help you combat cyber threats before, during and after an attack – and have a look at this video.

Authors

Avatar

Yves Padrines

Vice President, EMEAR Sales

Global Service Provider

2 Comments
Avatar

Incident Response Fundamentals – Communication

While there are a number of ways to err during the course of responding to an incident, it never seems to fail that the number one misstep I have continued to see comes down to internal communications among those working on the incident and communications to stakeholders. To that point, it’s astonishing that something seemingly as basic as communication can be the downfall of an otherwise great response to any incident. However, if you consider the number of stakeholders normally involved during an incident, let alone the leadership concern and focus that comes along with one, it shouldn’t come as a surprise that communication is perhaps one of the most important, and yet, most overlooked aspects.

Communications Rhythm

First and foremost, you need to establish and follow a communications rhythm. Generally speaking, that should map back to the overall severity of an incident and be agreed upon ahead of time.

As an example, the chart below details an organization with three severity levels and an associated communication rhythm, and intended audience, and method of communication for each.

As also demonstrated by the example chart above, communication during an incident should not be confined to just written communication nor should it end when the situation is under control. Having both conference calls for the team to sync up and leadership to ask questions and provide guidance can be critical; additionally, having a read-out of the incident along with reviews of failures and recommendations for moving forward is an important step at the tail end of an incident.

Cisco Security Incident Response Services Template

For the purpose of this blog post, we’ll focus on daily (or routine) communications only. While some organizations may have systems that assist with the workflow of an incident and have the ability to track and record actions taken, generally leadership is not going to be in those systems or want to log into a system they would use maybe once a year. It’s important to elevate your communication level and consider communication from a leader’s perspective, to include the fact that most leaders are mobile and are keeping up to date via their mobile technology. The template I’ll walk through (see below or download here for your own use) has been used and refined for a number of years now in both Fortune 100 companies as well as with all of our Cisco Security Incident Response Services customers.

https://www.slideshare.net/CiscoSecurity/incident-response-services-template-cisco-security-80053198

 

Key Elements

At the very top of the communication are housekeeping items. These should include when the incident was reported/began, who is working the issue, and perhaps most importantly when the next update can be expected.

In keeping with the concept that leadership “shouldn’t need to scroll”, we want to keep as much of the executive level information at the top as possible to create a one-pager. Having an evergreen Latest Update and Current Impact section at the top will generally provide leadership with the key elements they need to know about to stay informed and make business decisions. Latest Update should be pretty straightforward and give a current state of affairs. Current Impact can be tougher for responders, as I tend to see some responders looking at low-level detail such as number of machines impacted or staying in the weeds for impact. Impact should be directly tied to the business and convey the actual impact the incident is having. For example, is manufacturing down? Are sections of the organization unable to authenticate and login to get their work done?

Areas of Concern should be the location where you communicate any help or assistance needed from leadership. It’s not an area for commentary such as, “we have a malware outbreak”- that should be a given. Perhaps budget is needed to procure a solution to segment the network, or the team is having a difficult time interfacing with a business unit to assist in responding.

As we move toward (typically) the bottom of the first page, we have Action Items. Action Items are perhaps my favorite part of the report as a leader, because it is a mechanism to understand what the team is actually working on, what has been done so far, and when the expectation is they will be completed.

As you can also see by the template, we begin to color code items and leverage formats such as strike-through font. I’m a fan of leaving the items that have been completed, crossed off, as it shows progress. Additionally, throughout the template, we use the color green to indicate new information from the previous update. Again, given that time is always the most precious resource anyone has, allowing recipients the ability to quickly focus their attention on the green sections and read only new information, can save up to 80% of their time versus reading each update in its entirety.

While the Intelligence Summary is a little lower in the order of the template, the template is designed to be modular in nature and can flex depending on the issue at hand. For example, the intelligence pertaining to a Qakbot outbreak may not be that relevant or exciting to leadership, but a nation state adversary who has just exfiltrated the company’s intellectual property should be moved to the first page, as it may influence leadership to make different business decisions.

Finally, but again critically important, is the Recommendations section. We consider this a parking lot for things that are discovered and discussed along the way, but perhaps do not have time to focus on given the other priorities. Per the above commentary around a final debrief following an incident, the Recommendations section is usually the top item discussed in the debrief and rather than try and recall what happened a week or two ago, documenting these along the way is invaluable.

Conveying Doubt

Incidents are always fluid situations, and as such it can be very difficult to definitely state findings with 100% confidence. As such, when communicating throughout the incident, we use phrases and terms that allow us to provide a certain level of speculation based on our years of experience and knowledge. We provide this as an appendix, so that readers can reference it along the way and feel more confident in the findings being presented along the way. We have recently synced this language with our Talos brethren, which they recently blogged about here: http://blog.talosintelligence.com/2017/08/on-conveying-doubt.html

Final Thoughts

Clear, crisp, consistent, and constant communication is critical and calming. Leadership tends to get antsy when there are issues ongoing and they aren’t sure of the current status. Assigning an Incident Coordinator/Commander to take point on communications and running meetings will help to ensure they know what is going on, and will empower them to know when they can next expect an update, what the current situation is, and what has been done. This will then allow leadership to worry about other matters and perhaps more importantly, allow the response team the ability to focus on the incident at hand.

As every organization is different, feel free to use the template and modify it as you see fit. I’d also love to hear back about other areas you think are critical for these routine communications, so please drop a note if you have something to add.

Authors

Avatar

Sean Mason

Director, Threat Management & Incident Response

Cisco Security Advisory Services

1 Comment
Avatar

Function-as-a-Service 301: New Frontiers

At some point in this series, either Function-as-a-Service 101: What is It? or Function-as-a-Services 201: Common Architectures, you might have said to yourself, “Wait a minute, Cisco sells servers so why are you talking about serverless technologies?”  Even keeping in mind the oxymoronic details discussed in the 101 post that there are actually servers still present in serverless computing, it is a fair question.

And the answer is, because we are close to an intersection of two technologies that has the potential to make a profound impact on how applications get created.  As we’ve seen in this series, pieces of application functionality are getting smaller and smaller:

At the same time, there is a proliferation of networking and other edge devices that all amount to being fancy Linux boxes that are all around you wherever you go:

So what if you could place a FaaS runtime on every Cisco router in every building in the world?  What if you also had an inventory of those routers and other similar edge devices and an inventory of functions capable of running on them?

If you had all that information, instead of a mobile client application using a static API endpoint that maps back to a datacenter several hundred miles away, the application could instead call some sort of lookup service to run the function on an edge device in the same building.  That eliminates latency and leads to a much better user experience.

What would a lookup service like that be called?

Introducing: Cisco Function Router

Launched in preview in August, the Cisco Function Router allows a system administrator to track inventories of execution endpoints, functions, and clients and the clients to do location-based lookups.

A traditional hard-coded API call is subject to latency across the public Internet.  Using Function Router, the client application instead gets a URL to execute a function on a much physically closer device and avoids that latency for subsequent requests.  The result is similar to a Content Delivery Network, but for serverless functions.

Early use cases are scenarios like retail or entertainment where you know where your customers are going to be and what data they will be interested in.  Imagine caching inventory data and the functions to operate on it on the router inside your favorite retail store or storing game scores that happened earlier in the day at a popular sports venue.

We would love to hear your thoughts on this exciting new concept.  You can get started at: http://functionrouter.com.

There, you can sign up quickly, see a concept video, and learn more about this new offering from Cisco.

 

Authors

Avatar

Pete Johnson

Principal Architect

Global Partner Organization

September 21, 2017 2 Comments
Avatar

Blockchain in retail: Cisco launches new IoT alliance

You’ve probably been hearing a lot about blockchain in recent months. The technology offers new opportunities for better security for retailers, but so far it does not have a clearly defined roadmap or protocols.

As of September 19, Cisco has co-founded the Trusted IoT Alliance, a consortium of 17 companies to help establish a protocol for a blockchain-based Internet of Things (IoT). The mission of this new alliance is to set the standard for an open source blockchain protocol in major industries worldwide.

In retail, IoT simply describes the network of systems, sensors, wireless, software, and other technologies that enable digitization of the store. In practical terms, it’s the network that you already have, but better connected to help you take the next step in growing your business. The alliance will also work to create a roadmap powered by the IoT ecosystem.

What is blockchain and why should you care?

So, what is blockchain? Blockchain is an encrypted digital ledger in which transactions are recorded chronologically and publicly. Each blockchain is typically managed by a peer-to-peer network (i.e., your employees and partners’ employees). Once recorded, the data in any given block cannot be altered without also changing all subsequent blocks, which requires agreement from most of these people. Blockchain also lends itself readily to cloud-based solutions and software as a service (SaaS)–in other words, blockchain as a service. Information from all your digital devices (the IoT) helps to supply the information that feeds into the blockchain ledger.

The reason for so much focus on blockchain these days is because it has the potential to provide much more secure transactions. (It’s hard to hack a process that requires so much scrutiny from so many people.) For cardholder data, medical records, and other critical transactions, blockchain holds high potential for better security.

How is blockchain used in retail?

We all know that security is a critical issue for stores. Currently, three major use cases stand out for blockchain in retail:

  1. Blockchain supports today’s highly flexible mobile payment systems, similar to Amazon’s “walk out the door and you’ve paid for it” model. This concept not only makes payment easier for the customer, but assures far better loss prevention for your store.
  2. Traceability is a major benefit provided by blockchain. Across the supply chain, parts and products are vulnerable throughout the processing of multiple transactions–from design to development to manufacturing to shipping. By unifying every transaction down to the store, retailers can provide far better security for every step of the production process.
  3. Transactions recorded by blockchain help to authenticate high-end luxury goods (jewels, art, etc.) and identify possible counterfeits (“blood diamonds,” stolen art, etc). Where individuals or businesses are buying globally, authentication can also include sensitive items such as pharmaceuticals, assuring that any product is produced sustainably and compliantly.

Other retail use cases:

  1. Blockchain contracts used to support loyalty programs to track accrual and management of points.
  2. Stores must provide a great deal of content for all sorts of sales purposes, much of which is produced by the retailer or manufacturer. Blockchain helps to secure intellectual property, including creative digital media.
  3. Many other horizontal applications apply across industries into B2C transactions, such as smart contracts for car leases.

Blockchain is a revolutionary protocol that may well parallel TCP/IP in the early days of the internet. Just as multiple systems of networks make up the internet, we will increasingly see a multitude of blockchain networks to help keep our information secure. Interoperability and interworking is critical to this new technology and are key enablers to broad-scale adoption.

With the announcement of the Trusted IoT Alliance, major industry players have begun efforts to monitor and selectively steer this industry in a direction that will yield highly competitive results. To learn more, please read the Trusted IoT Alliance press release.

To learn more about how digital technology is driving customer interaction, take a look at Consumer 2020, a new Cisco and PSFK report.

Authors

Avatar

Mary Freeman

No Longer with Cisco