NCSAM: Diversity, Consistency, and Security Intelligence

October 1, 2012 - 0 Comments

The security community at Cisco is very diverse. It extends beyond the typical researcher or analyst roles to include customer-facing engineers and marketing, public relations, and legal teams. The community is comprised of individuals with greatly varied backgrounds, skill sets, and charters and contains a wealth of knowledge on just about any topic. This diversity allows Cisco Security Intelligence Operations to understand and react appropriately to today’s threats as well as those that we may face in the future.

If we think about security intelligence—which I define as raw information enhanced through correlation, processing or perspective—having an established variety of inputs is key. Our people are certainly one of those inputs.

The trick, however, is utilizing that diversity in such a way that you can create consistent and predictable outputs that can be easily absorbed and acted on.

This Security Blog is Cisco’s most informal and unstructured security-specific output. Authors are encouraged to share well-framed opinions, data or tools in a personal way. This is in contrast to our more operationally-focused outputs such as IntelliShield Alerts, Threat Outbreak Alerts, Security Advisories, and Applied Mitigation Bulletins where consistency is absolutely critical.

Grasping unfamiliar security issues can be difficult enough without having to decipher a document’s purpose or format. Instead, it is vital that you be able to readily find the information you require. Whether you’re looking for a CVSS Score or fixed-software information, you should be able to find it in exactly the same location as you did previously. Without such consistency, the delivery of our operational messages would be slowed, confused or lost entirely.

There will be times, however, where we must update the format of our outputs or even create entirely new outputs. As a customer-focused organization we’re constantly working to evolve our work to changes in customer expectations or the security landscape. The release of OVAL and CVRF documents for the recent Cisco IOS Software Security Advisory bundle is an example of us doing exactly that. When we do make changes we will communicate them to you so that you can understand and plan for them going forward.

October is National Cyber Security Awareness Month (NCSAM). If you regularly follow this blog you’ll know that our content is as diverse as the community I’ve described above. We have asked individuals from around Cisco to share their security views during October here on the blog. Some of these individuals might be familiar to you, but many of them will be unfamiliar. All of this month’s NCSAM posts can be found using the “cyber-security-month-2012” tag just as we did in 2011.

I encourage you to comment and share your opinions as you read the posts on this blog. Your perspective and feedback is important to us.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.