2017 - Page 65 of 223

September 15, 2017 5 Comments

Get 10 years from 9 volts: The power of LoRaWAN

Here it is, my second blog post.

I think I’m slowly getting the hang of this blogging thing, surveying the state of the Internet of Things and making bold predictions about the future. To recap, I’m an engineer for Cisco in our federal group, working on the architectures for IoT. I live in the Washington, DC, area, with a wife, a kid, and a dog.

Corgi standing in water dish. — Remember Frisky?

In my first blog post I introduced our family dog, Frisky the Corgi. I mentioned Frisky because he is really awesome, but also to talk about the Whistle, a product that lets us track activity of the dog, see how much exercise he gets day by day, and where to find him if he gets out. It has 4G, Bluetooth, and Wifi connections.

The Whistle is great, but it has to be charged every few days. This is the big problem with most wireless devices – battery life. My idea of the killer app is anything extends the battery life of these things — not just Whistle, but all of the things that we connect to the network these days.

So let me introduce a technology called LoRaWAN – a specification that applies to battery-powered objects in a Low Power Wide Area Networks. This is a new protocol built from the ground up for battery-operated things that have a low data rate. Want to be amazed? A single nine-volt battery can power a LoRa sensor for up to 10 years, broadcasting its signal up to 10 miles.

One more time: 10-year battery, 10-mile range.

The obvious use cases for this are things like smart water meters and smart gas meters. They are often located far from reliable network coverage.

But that’s not all they can do. At a military show in June, Cisco Federal did a quick demo of the technology with Intel Corp. that showed how the sensors could be used for troop protection from chemical agents. (Read more about that here.) There is really no limit to what the LoRa technology can be used for, but the sweet spot leverages the range and battery life advantages.

There are several layers of encryption to keep the data secure, so federal and defense agencies can deploy LoRa with confidence.

Cisco is a sponsoring member of the LoRa Alliance, an open, non-profit organization, and is promoting the standard throughout the industry. The LoRa Alliance has established a certification process for device manufacturers to ensure devices adhere to security and capability standards.

The LoRa Alliance has more than 500 members, and is involved in about 400 trials and deployments around the world.

There are many, many more benefits to this new technology. Here are just two: First, the sensors themselves are really cheap, and the infrastructure is inexpensive since you don’t need high density on the gateways. Secondly, you can get fairly accurate geolocation using triangulation, with no need to use the GPS network.

As you can tell, I’m pretty excited about what LoRaWAN could mean for my customers, and the IoT space in general. As LoRaWAN prices go down and the technology becomes commonplace, we will see it used more and more for locators like Whistle.

The promised bold prediction: In the very near future, you won’t lose dogs or other things of value anymore.

Find out more about the Cisco LoRaWAN solution.

Authors

Michael Harttree

Vertical Solutions Architect

US PS - Federal Area SSED

6 Comments

Introducing the First Benchmark Standard for IoT

Raghunath Nambiar

We have reached a point where virtually every electronic device can be connected to the internet and interact with its surrounding environment. The explosive growth of the Internet of Things shows no signs of slowing down, and in fact, may actually be speeding up. We have already seen new businesses created, existing ones destroyed, and new insights derived from analytics, creating a competitive advantage for organizations which can collect large datasets and parse them, to glean actionable insights. This process is transforming every industry.

The unique qualities of the IoT introduce new challenges, in particular, how to characterize performance and total cost of ownership (TCO). Critical to the success of IoT deployments are the IoT gateway systems. These systems are positioned between the devices at the edge of the network and the back-end data center. They perform functions such as data aggregation, real-time analytics and persistent storage.

The Transaction Processing Performance Council (TPC) is announcing the TPC Express Benchmark^TMIoT (TPCx-IoT), the industry’s first benchmark for measuring the performance of IoT gateway systems. TPCx-IoT was developed to provide the industry with an objective measure of the hardware, operating system, data storage and data management systems for IoT gateway systems. TPCx-IoT was specifically designed to provide verifiable performance, price-performance and availability metrics for commercially available systems that typically ingest massive amounts of data from large numbers of devices.

The TPCx-IoT benchmark models a continuous system availability of 24 hours a day, 7 days a week. TPCx-IoT can be used to assess a broad range of system topologies and implementation methodologies in a technically rigorous, directly comparable, and vendor-neutral manner.

Developing an industry standard benchmark for a new environment like IoT required the dedicated effort of experts from many companies. I would like to express my appreciation for the contributions of: Andy Bond (Red Hat), Bhaskar Gowda (Intel), Chaitanya Kundety (Huawei), Chinmayi Narasimhadevara (Cisco), Da Qi Ren (Huawei), David Grimes (Dell), Hamesh Patel (Intel), Jamie Reding (Microsoft), John Poelman (IBM), Karthik Kulkarni (Cisco), Ken Rule (Intel), Meikel Poess (Oracle), Nicholas Wakou (Dell), Matthew Emmerton (IBM), Mike Brey (Oracle), Paul Cao (HPE), Reza Taheri (VMware), and Tariq Magdon-Ismail (VMWare).

I envision TPCx-IoT will be a useful benchmark standard for buyers in terms of performance, price/performance and energy efficiency as they evaluate new systems for Hadoop deployments. Vendors will find it equally useful as a way to demonstrate the competitiveness of their products. The specification and kit are publicly available for download via the TPC’s Web site at the following URL: http://www.tpc.org/tpcx-iot/.

TPC Press Release

Sincerely

Raghu Nambiar, Chairman TPC IoT

Authors

Raghunath Nambiar

No Longer with Cisco

Open Up the Pipeline for Future Workers

Kate O'Keeffe

We can’t talk about the future of work without considering the worker of the future. Who will that worker be? What kinds of skills will she or he need to thrive in an era of artificial intelligence (AI) and automation? And how will companies find, recruit, and train the workers they will need to compete in the 21^st century and beyond?

These are some of the questions we’ll be exploring in the next Cisco Hyperinnovation Living Labs (CHILL) event, where a cross-section of industry leaders—previous labs have included the likes of GE, Intel, and Visa—will come together to work shoulder-to-shoulder to help shape the future of work.

There’s no doubt that emerging technologies will dramatically change work as we know it. We’re just not sure what all the ripple effects might be. A McKinsey study showed that 45 percent of individual work activities could be automated using existing technologies. That doesn’t mean that 45 percent of jobs are going away, just that some elements of most jobs could be automated—including up to a third of a CEO’s job activities. Imagine the strategic work a CEO could do with an extra two or three hours a day!

Some jobs are certainly more susceptible to automation than others—the potential for disruption looms especially large in accommodation and food service, manufacturing, agriculture, transportation, warehousing, and even retail. Like other inflection points, technology will create new opportunities for workers even as it eliminates some traditional jobs.

Look back 100 years. The widespread adoption of automotive technology killed jobs for blacksmiths and carriage drivers, but lifted millions of people into the middle class with new, well-paying jobs as autoworkers, mechanics, and truck drivers. Now think back just 30 years. The World Wide Web did not exist. Nor did Amazon, Google, Facebook, Uber, or Tesla. The entire technology landscape has changed since then, transforming job requirements and creating amazing new opportunities.

So, what will the new opportunities for the worker of the future be? More and more, they will be in science, technology, engineering, and math. According to a study by the World Economic Forum, jobs in STEM occupations in the United States will grow 12 percent from 2014 to 2024—faster than the average of all occupations.

As manufacturing, mining, construction, and other blue-collar jobs lose ground to automation, many people see technical jobs filling the gap. In fact, a recent article in Wired wondered if coding could be “the next big blue-collar job… the equivalent of skilled work at a Chrysler plant.”

The big question is how to train these workers with the skills they’ll need for 21^st century jobs. It’s a question ripe for innovation. For example, LRNG is a startup we met during our CHILL Future of Work Learning Journey. LRNG is focused on using digital learning to transform underserved communities. It challenges teaching teams to go “beyond bells and walls” to reimagine learning experiences that engage and inspire—and rewards the best ideas in its annual Innovators Challenge.

Many of the workers who will fill the new “blue collar” technical jobs won’t come through the traditional route of four-year colleges and universities. As I alluded to in my last visual blog, many of the technical workers of the future will come through community colleges, apprenticeships, and other non-traditional training programs. Some tech companies are now partnering with community colleges to combine classroom learning with real-world apprenticeships in areas where the companies need more skilled workers. Other organizations are looking to engage younger students to put them on a path to technical competency. Code TN is a Tennessee-based nonprofit that brings together schools and developers to teach high school students how to code. The program gives kids from all backgrounds hands-on experience in software development and gives them the satisfaction of creating their own apps. And it goes beyond technical skills to expose them to the creative, collaborative thinking they’ll need in the new world of work.

The possibilities for innovation are boundless. The CHILL team is currently assembling a cohort of leading companies to create industry-shifting disruptive innovation around the future of work—and the worker of the future.

What do you think? Would you like to be part of designing the future? Let’s talk. Join the conversation on Twitter @katecokeeffe to get started.

Authors

Kate O'Keeffe

Senior Director

Customer and Partner Innovation

3 Comments

Cisco Named Sustainability Leader by Dow Jones Sustainability Index

Kathy Mulvany

Cisco is proud to be named to the Dow Jones Sustainability (DJSI) World index. We’ve been on the World Index 10 of the last 13 years. The DJSI series, a globally recognized benchmark, rates companies based on their economic, environmental, and social dimensions. The indices serve as a resource for investors who factor sustainability into their investment decisions.

The DJSI’s methodology converts an average of 600 data points per company into one overall score – and only the top 10 percent of the largest 2500 companies in the S&P Global BMI (Broad Market Index) make the World Index. The DJSI criteria include—in addition to classic sustainability measures—management practices and performance measures such as corporate governance, human capital development, and risk and crisis management.

For the IT industry, 2017 DJSI criteria included cybersecurity solutions, the ability to manage disruptive innovations with the right people and skill mix, environmental standards, supplier compliance—especially as it relates to fair working conditions in emerging economies, energy efficiency, product life cycle, and cloud-based solutions that enable customers to achieve operational efficiency gains.

In our industry, key 2017 DJSI criteria included cybersecurity solutions, the ability to manage disruptive innovations with the right people and skill mix, environmental standards, supplier compliance, especially as it relates to fair working conditions in emerging economies, energy efficiency, product life cycle, and cloud-based solutions that enable customers to achieve operational efficiency gains.

Cisco led or tied for the best score in the Communications, Media & Technology (CMT) industry in the following topics:

Code of business conduct
Corporate governance
Materiality
Climate strategy
Environmental policy and management systems
Hazardous substances management
Operational eco-efficiency
Corporate citizenship and philanthropy
Human rights
Talent attraction and retention

Cisco is honored to again be included on the World DJSI index. We understand that stakeholder expectations continue to rise, and we will need to stay focused on continuous improvement in both performance and transparency to maintain our leadership on the World index.

At Cisco, our CSR strategy focuses on people, society, and the planet, prioritizing issues most important to our business and stakeholders in areas where we can make a positive impact.

Through the DJSI we are able to benchmark our performance in many of our CSR priority areas, such as ethical conduct, human capital, responsible sourcing and manufacturing, human rights, energy and greenhouse gas reduction, and our work to benefit millions in underserved communities.

This November, Cisco will release our annual CSR Report with updates on our CSR progress in fiscal year 2017, which ended in July.

Until then, you can stay informed of our commitment to sustainability and corporate social responsibility, by subscribing to our CSR email list.

Authors

Kathy Mulvany

VP Corporate Affairs

Corporate Affairs

How to Evolve Media Infrastructure, and Sleep Well at Night

Michal Brenner

Imagine you’ve made a decision to move out of your house—the one that’s faithfully served your needs in the past years—to a new one. You want your new house to be part of the digital world around you, and to enjoy all the benefits of modern technology, so you make it connected, smart, automated.

But then, you also think of the possible implications of this change. New risks that weren’t relevant to you before. What if someone uses a flaw in the smart front door lock to break in, undetected, and steal your valuables? What if someone accesses feeds from IP cameras in your home to gather private information about your family?

These scenarios are unsettling to contemplate, but they are real. When you hear about your new neighbors being attacked, that reality drives home even further!

This digital home example carries many parallels to the digital transformation happening in the media industry. It’s impossible to ignore the growth of cyber-attacks and online piracy faced by content creators and service providers. The ongoing flow of coverage about data breaches and content leaks not only serves as a reminder, but also as a beacon. The potential for new ‘firsts’—attacks with unprecedented scale or level of impact—to mirror similar realities in other adjacent industries, is eerie, at best.

Now, to the good news: It really is possible to achieve a sound security footing in the “open IP and cloud” era. I’m not saying it’s easy. It requires authentically deep visibility, and control, throughout all points in the infrastructure. And now, right now, is exactly the time for content and service providers to ensure that they inherently integrate security into their evolving infrastructures.

At Cisco, we’ve adopted an integrated, best-of-breed architectural approach to make security simple, open, and automated. Our product designers are continually enhancing our security solutions to interact seamlessly with each other, to close security gaps and enable automation. And, just as important, we’re integrating security with the underlying data center, cloud, and network infrastructure. Working together, our solutions help our customers to detect and respond to more threats, faster.

And we’re making some real progress.

Here’s a good example of that: We recently integrated Cisco’s Tetration with Cisco’s Stealthwatch to give our customers complete visibility and control over network traffic, application components and workloads in data centers as well as multi-cloud environments. The two products complement each other: Tetration provides analysis and policy enforcement for all applications running in the data center. Stealthwatch tracks and analyzes network traffic behavior.

To get visibility, both Tetration and Stealthwatch rely on sensors for comprehensive network telemetry data. The sensors provide a real-time view of incoming and outgoing traffic from corporate and production networks, as well as across them—which is to say, any lateral movement of traffic within the network. The rich telemetry data produced by these sensors is key, because it enables our customers to see and act upon any suspicious behavior that may indicate an attack. It also enables forensics and evidence gathering after an attack has occurred, for investigation and incident response purposes.

Tetration contributes another key security capability: application segmentation. Segmentation is key to security, as it prevents hackers from moving laterally east-west across the network. This limits the ability to maneuver through systems and data after an attacker successfully penetrates the network, thereby containing the threat. Tetration analyzes application behavior and dependencies, and uses unsupervised machine learning to group and segment applications autonomously. The result? Applications that aren’t meant to talk to each other, don’t.

To see how our solutions could help the video industry, consider a major data exfiltration attack used to steal premium video content, scripts, sensitive emails, personal data, you name it—we’ve seen a number of cases of such attacks affecting media companies and service providers in the recent past. With visibility, security staff could be alerted of suspiciously heavy traffic loads to a particular device or external IP address, and equipped with detailed information to quickly analyze the problem. Segmentation would enable the company to disable transfer of video content, for example, from media storage or playout to an unauthorized file transfer application. In addition, security technologies such as firewalls, intrusion prevention systems, identity & access management, and email and web security solutions—all in Cisco’s portfolio–can prevent many attack methods from happening in the first place, and stop ones that occur.

As the infrastructure transforms, protecting the business, its valuable assets and people necessitates innate security. The media industry owes it to itself to enjoy the benefits of cloud and IP — while remaining focused on what it does best; producing and delivering content that entertains, touches, and connects people.

Security can be a disquieting issue that can keep us up at night. But it doesn’t have to be that way if we address it properly.

You can bet your house on it.

Let’s talk security. We’ll be at IBC, booth #1.A71, and look forward to seeing you there!

Authors

Michal Brenner

Marketing Manager

Service Provider Video Marketing

1 Comment

Video Aware Networking – A Performance in Four Acts

Yoav Schreiber

This is a story with two protagonists: Low latency “ABR” encoding (where “ABR” stands for “Adaptive Bit Rate”) and the hot ticket that is “Video Aware Networking.” And believe it or not, it will keep you at the edge of your seat. (Stick with me here.)

It goes like this.

Act 1: As broadcasters, “traditional” content providers and distributors, re-tool their shops to reap the benefits of the online, IP video streaming world, a big design goal is to match the (previously) unparalleled video quality of, well, the traditional broadcast. Video streams, distributed in every direction, tightly time-synchronized. So that every TV in the house — my house, your house, your cousin Jimmy’s house — gets the same high quality pictures and the same audio, at the same time.

Enter “latency,” defined here as the number of seconds that elapse, on average, from the time a TV show is broadcasted (again, traditional sense), to the time you’re watching it on TV.

Turns out the number is around six. Six seconds. That’s the bar, for anybody aiming to deliver live video on par with “how it ever was,” since the beginning of television.

Act 2: Over-the-top video, IP-streaming video, call it what you will — the way we consume video is changing, and part of it impacts that six second latency target. Turns out that IP delivery introduces additional latencies, because, the video is processed multiple times and delivered in fragments. (Those same fragments are what get “adapted” in “adaptive bit rate” encoding, by the way.)

Early on in IP-streaming video, the fragments were pooled into buffers, waiting to play out. Most of them were sized into 10-second segments. Client devices (connected TVs, smart phones, tablets) would buffer about three segments — resulting in roughly 30 additional seconds (10 x 3) of latency at the client.

As a result, if you and I were watching the same show, delivered “over-the-top,” you might see it a half a minute (or more) before I do.

Apple’s latest HLS spec has recommended a lower six seconds segment, but clients were still adding at least 18 seconds of latency (6 x 3). Not to mention the video processing latency added to encode, package and distribute content.

Act 3: Clearly, something was (is) needed to accelerate the process, from the time it leaves the ABR encoder, to the time it reaches the client device. One way is known as “Chunked Transfer Encoding,” which also goes by “HTTP 1.1.” Essentially, it breaks video segments into smaller chunks, of a specific duration. As soon as a chunk is processed, the segment can be published (like a file being transferred) – even before the remaining chunks of that segment are processed. As a result, segments can be sent in near real-time, through the pipeline, chunk by chunk.

Another way to reduce latency is coming from the Common Media Application Format (CMAF), a new media streaming format that provides visibility into the chunks, as they’re being created. That way, every component in the pipeline can know that the chunk they’re receiving and forwarding belongs to a specific segment, to be published.

One caveat — or, opportunity, really — is that Chunk Transfer Encoding and CMAF streaming capabilities need to be added to the entire pipeline. As in, every component (encoder, packager, CDN) needs to be made aware of the chunks. (Which is where “Video Aware Networking” ties in.)

Act 4: At IBC 2017, we demonstrated our work to squeeze more latency out of IP-streaming video transmissions. And guess what, we’re at end-to-end latency of 5 seconds as opposed to more than 30 seconds (what!) in our proof of concept. Here’s how it breaks out:

Encoder latency reduced to 3 seconds for real-time transcoding and the creation of 10-second segments, comprised of 0.5 second chunks
Packager latency of 1 chunk at 0.5 second duration
CDN latency of 1 second
Client latency of 1 chunk buffer of 0.5 second duration

There’s end-to-end awareness of CMAF chunks, too — every component in the pipeline is aware of the HTTP chunks, and participates to reduce overall latency. It’s an open standards-based implementation (HTTP 1.1 and CMAF) that takes advantage of the underlying, “video aware” network, to squeeze down latencies, and more closely align with the “gold standard” that is traditional broadcast television.

So: As dry-as-a-bone tech stories go, I think this one carries a remarkable amount of sizzle. Don’t you?

Authors

Yoav Schreiber

Marketing Manager

Service Provider Video Marketing

September 14, 2017 Leave a Comment

Deep Dive in MarkLogic Exploitation Process via Argus PDF Converter

Talos Group

This post authored by Marcin Noga with contributions from William Largent

Introduction

Talos discovers and responsibly discloses software vulnerabilities on a regular basis. Occasionally we publish a deep technical analysis of how the vulnerability was discovered or its potential impact. In a previous post Talos took a deep dive into Lexmark Perceptive Document Filters, in this post we are going to focus on another converter used by MarkLogic located in `Converters/cvtpdf` folder, which is responsible for converting pdf to XML-based formats – Argus PDF. This blog will cover the technical aspects including discovery and exploitation process via the Argus PDF converter.

Talos Group

Talos Security Intelligence & Research Group

1 Comment

DevNet Sandbox Part 2: Making it Easy to Learn and Innovate

Tom Davies

This blog is the second in a series of two, focussing on DevNet Sandbox and the awesome free access to Cisco and Open Source tech it provides all our DevNet users.

In my Part 1 blog I explained how DevNet Sandbox provides great fast, on-demand access to a whole host of Cisco technology, third party solutions and developer tools – completely FREE – and how DevNet Sandbox provides super-fast hands on access to this tech, before you commit to them. In this post, I’m going to go through some more of the details that will help you when working with Sandbox and advanced features you can leverage along the way.

So, let’s say you’ve signed up and you’ve taken a look at the Sandbox Catalog. You now want more information on what that sandbox provides and how you get started. Simply click on the center of the tile and we’ll open up the details view of that Sandbox.

On the left, we’ll give you information about the Sandbox. An overview of the sandbox itself, details about the tech that is in there, links to other goodies like documentation and associated DevNet Learning Labs and a topology of the sandbox that we’ll spin up for you.

We also provide details of the DevBox – a VM that you can SSH into, containing a bunch of great developer tools to help you out which we add to all the time:

Example software available:

Gnome Desktop
Docker Daemon and Engine
git tools
pyenv
Python 2.7
pip
virtualenv
drone command line tool
PyCharm Community
node version manager (nvm)
node v6.9.2 (LTS)

You’ll also get instructions around a simple ‘hello world’ example that you can play with to start to understand just what you can do with the Sandbox tech you have chosen and get that first win under your belt fast. There’s a good example here based on our CI/CD Sandbox.

When you’ve decided the sandbox has the right technology, functions, and environment you need, you can reserve it using the ‘reserve’ button in the top right corner, which brings up an embedded interactive reservation UI. You’ve got a few options at this point…

You can choose the length of time you want to reserve the sandbox for (up to a week as default). Click the pencil icon next to ‘schedule’ and then select the calendar icon or timings drop downs next to the ‘For (Duration)’ option.

Using the ‘Start From’ option, you can schedule the sandbox for some time in the future, too.

If you click the top right button on the reserve menu, you can also select from advanced options. Here, you can specify other permitted users that can use the Sandbox, too – so that you can team work in the same Sandbox! Handy.

Around this time, you’ll be good for reserving and eager to get straight into matters, no doubt. So, hit reserve!

From there, we take care of the rest and provide you email updates all along the way.

We’ll send you an email update detailing:

Confirmation of your reservation
Confirmation when active with VPN connection details, if prudent
Notification that the reservation will be ending, close to the end time
Notification that we’ve ended the reservation.

This way, you’re constantly informed of the status of the sandbox and the lifecycle we’re running.

Once you’ve completed the hello world, there’s absolutely nothing stopping you going totally free form and playing away – but you might be interested in learning in a more step-by-step approach and that’s why we also flag and link any related learning labs that could help you with the details of the Sandbox, too.

So, we’re hoping from information to instructions, step-by-step guides to hello world examples, developer tools to lifecycle management…we’ve got you covered. You just need to focus on learning and the next great thing you’re going to build using the tech you chose to run with!

Our goal at DevNet Sandbox is to make innovation easy and learning for developers, simple. We’ll keep striving to help you get the results you’re looking for and the solutions you want.

Go ahead and get stuck into something new! And don’t hesitate to send me a comment or question on this blog. The DevNet Sandbox team is here to help you develop and innovate.

We’d love to hear what you think. Ask a question or leave a comment below.
And stay connected with Cisco DevNet on social!

Twitter @CiscoDevNet | Facebook | LinkedIn

Visit the new Developer Video Channel

Authors

Tom Davies

Manager, DevNet Sandbox

Developer Experience

1 Comment

Get Ready, Get Certified: Early Adoption of CBPR Makes Doing Business with Asia Easier

Michelle Dennedy

While the EU General Data Protection Regulation (GDPR) enforcement deadline is less than a year away and it’s “all systems go” to get ready, privacy – like all other fundamental human rights – is not just a European issue. The specific rules and requirements might differ between jurisdictions, but the principles of protecting and respecting personal data and being transparent, fair, and accountable, apply worldwide.

With 21 member economies, APEC (Asia Pacific Economic Cooperation) is an important region for Cisco. Over 60 percent of our revenue is generated from an APEC economy, which includes the United States.

The APEC member economies have adopted the APEC Privacy Framework with its nine privacy principles:

Preventing Harm
Notice
Collection Limitation
Uses of Personal Information
Choice
Integrity of Personal Information
Security Safeguards
Access and Correction
Accountability

These principles align to internationally recognized privacy guidelines, frameworks, and laws such as the OECD Guidelines, EU/Swiss-US Privacy Shield, EU Binding Corporate Rules, GDPR, Japan’s Act on the Protection of Personal Information, Singapore’s Personal Data Protection Act, Korea’s Personal Information Protection Act, and others. To ensure a consistent baseline of privacy protection when data processing crosses borders, APEC created the Cross-Border Privacy Rules system (CBPRs). Like the EU’s BCRs and Privacy Shield, companies can certify under the CBPRs and publicly commit to honoring the CBPRs principles no matter where data processing takes place. An APEC-approved, independent third party, called an Accountability Agent, reviews the company’s policies and practices to verify compliance and issues the certification. A CBPRs-certified company is permitted to transfer and receive personal data collected in an APEC member economy across borders (i.e., the certification satisfies Japan’s new cross-border restrictions).

The CBPRs is a relatively new certification that is beginning to gain traction. Japan and South Korea recently joined the system, and Canada, Mexico, and the United States are full participating economies. Singapore submitted its formal “notice of intent to participate” in July of this year and we are seeing strong interest from other APEC economies, including Australia, Chinese Taipei, Hong Kong, the Philippines, and Vietnam. Cisco was an early adopter and has been CBPRs certified since 2016. We are actively working with APEC in “capacity-building” efforts to expand the adoption of the framework among member economies and companies doing business in Asia. As more economies and countries join the CBPRs, we will see a strong network effect and greater benefits of participation.For more information about Cisco data protection and privacy, visit trust.cisco.com.