ncsam-2013

October 31, 2013

SECURITY

NCSAM 2013 Wrap-Up: Cisco Thought Leadership Regarding a Different Ghost in the Machine

1 min read

Is it the end of October already? As has been true for centuries, there is a tradition for children to wear costumes and disguise themselves while going door to door with a simple question: “Trick or treat?” While I am not sure there is a coincidence, but having National Cyber Security Awareness Month (NCSAM) end […]

October 30, 2013

SECURITY

Your Device Is Wide Open on the Internet!

3 min read

Stop-think-connect is not only for kids. Everyone, including nerds like me and network and security professionals, should pay more attention before connecting any device to the Internet. Routers...

October 28, 2013

SECURITY

Patch Management Overview, Challenges, and Recommendations

3 min read

Employees of every organization use a variety of computing devices such as desktops, servers, laptops, security appliances, and mobile devices to increase productivity in this ever-changing world of Information Technology. The confidentiality, integrity, and availability (CIA) of information has become essential to success and often a competitive advantage. A comprehensive patch management process should be […]

October 24, 2013

SECURITY

To SIEM or Not to SIEM? Part II

10 min read

The Great Correlate Debate SIEMs have been pitched in the past as "correlation engines" and their special algorithms can take in volumes of logs and filter everything down to just...

October 22, 2013

SECURITY

To SIEM or Not to SIEM? Part I

7 min read

Security information and event management systems (SIEM, or sometimes SEIM) are intended to be the glue between an organization's various security tools. Security and other event log sources export their...

October 21, 2013

SECURITY

Security Is Pervasive in the Cisco Blog Community

1 min read

As we pass the halfway point of National Cyber Security Awareness Month (NCSAM), I wanted to call attention to some of our colleagues over on the Cisco Government Blog.

October 21, 2013

SECURITY

Defensive Security: The 95/5 Approach

1 min read

Many organizations make the error of thinking that basic defensive software is sufficient to protect critical data and infrastructure. When in reality, in order for government and enterprise organizations to keep their data protected from increasingly advanced cyber threats, comprehensive defensive security approaches are critical. And even with advanced, comprehensive solutions, there are still risks. […]

October 18, 2013

SECURITY

Getting a Handle on Your Data

9 min read

When your incident response team gets access to a new log data source, chances are that the events may not only contain an entirely different type of data, but may also be formatted differently than any log data source you already have. Having a data collection and organization standard will ease management and analysis of […]

October 18, 2013

SECURITY

DNS Knows. So Why Not Ask?

3 min read

DNS is like the town gossip of the network infrastructure. Computers and apps ask DNS questions and you can ask DNS who has been asking to resolve malware domains. When internal trusted systems are using DNS to resolve the names of known malware sites, this can be an Indicator of Compromise and a warning to […]