As we continue to observe National Cyber Security Awareness Month, it’s time this week to think about integrity verification and what it means for your network and your organization.

As today’s network threats increase in sophistication, the resulting risks to a business’s or government agency’s network may go undetected for days, months or even years. According to the Ponemon Institute’s 2015 Cost of Data Breach Study, malicious attacks take an average of 256 days to identify.

The same network that is also at the heart of nearly every business today is also the critical foothold for IT teams to deal with those threats before, during and after the attack. Ensuring the integrity of network hardware and software is a critical first step in ensuring that IT systems are built with a foundation of trust. Non-genuine or suspect networking hardware and software are serious threats to network robustness, its role as a critical piece of the security of your organization and ultimately, your business.

The realities of today show that the network infrastructure itself is also a target of the increased sophistication of threat actors. We’ve talked about both the evolution of those threats and the important role modern technologies have in providing robust defenses to the infrastructure itself. The ability to confirm the trustworthiness of the backbone of your business – the network – is a critical component to verifying the trust you place in it, and is based on explicit facts.

Identifying Integrity of the Network

Verifying the integrity of the network hardware and software is a critical first step in maintaining the health of any network. In light of the increased potential for cybercrime, the role of trust is more important than ever before. However, non-genuine or suspect networking hardware and software are a serious threat to network performance and cybersecurity. It is therefore important to identify and mitigate three key types of threats:

  1. Counterfeit risks – This includes hardware and/or software that was not built by the manufacturer or was altered post-manufacture without consent with the intent to imitate a genuine product, as well as devices containing pirated, tampered or malicious software.
  2. Unauthorized channel risks – Name-brand equipment procured through an unauthorized distribution channel may be stolen or second-hand. Equipment from unauthorized channels poses a higher risk for pirated, tampered or malicious software. Unauthorized third-party components can also compromise the quality of existing equipment.
  3. Non-genuine software risks – Software that has been modified by an unauthorized entity can compromise the operation of the device. Malicious software can provide an attacker with the ability to monitor and exfiltrate information. Non-genuine software could also disable or “brick” hardware while attempting to perform platform maintenance or software upgrades.

As cyber threats against organizations continue to grow in number and sophistication, your ability to gain visibility into the integrity of your network is critical. To reduce operational risks and improve your overall network infrastructure security posture, you must verify the integrity of the people, processes, technologies and policies that are in place. The Integrity Verification Service enables you to build the critical element of trust into relationships with your suppliers and your customers or constituents.

For more information, read the Cisco Integrity Verification Service overview.



Anthony Grieco

SVP & Chief Security & Trust Officer

Security and Trust Organization