Security

March 20, 2013

SECURITY

March 2013 Cisco IOS Software Security Advisories: T-7 and Counting!

On Wednesday of next week, the Cisco Product Security Incident Response Team (PSIRT) will release the first Cisco IOS Software Security Advisory Bundled Publication of 2013. As a reminder, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our Security Advisories, vulnerabilities scheduled for disclosure in the upcoming bundle will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.

March 19, 2013

SECURITY

Addressing Ongoing Security and Compliance Requirements

Organizations continue to face threats to their brands, reputations, and profits from attacks on their information systems. The Payment Card Industry Data Security Standard (PCI DSS) is designed to protect credit card information. During my five-year tenure at Cisco, I’ve been focused on PCI. The challenge that we have faced when deploying a solution to help customers become compliant and maintain a secure enterprise is the complexity. At the various trade shows that I have attended to discuss PCI, I have encountered a lot of head-shaking and looks of disgust as I bring up the topic of PCI. To help simplify PCI compliance, Cisco has released the latest Cisco Compliance Solution for PCI DSS 2.0 to make it easier for organizations to maintain a secure, compliant network.

March 18, 2013

SECURITY

Tools of the Trade: cvrfparse

In this article, you will be provided a thorough treatise on an in-house developed tool for parsing and validating CVRF documents aptly named "cvrfparse". The article is split into two parts. The first part, intended for CVRF document producers and consumers, is a hands-on manual detailing how to use cvrfparse. The second part, intended for burgeoning Python programmers, explores some of the inner workings of the tool.

March 14, 2013

SECURITY

PCI-related Observations from RSA 2013

The author expresses concern over the apparent fear or lack of knowledge exhibited by attendees of the recently concluded RSA 2013 Conference.

March 13, 2013

SECURITY

Becoming PCI certified…is this within reach?

Anyone who has been involved with compliance knows that simplifying complexity is the key to maintaining a secure and compliant organization. It’s become quite apparent that sustaining compliance is a marathon, and the journey must be travelled with vigilance. This is not something that is an endpoint or a task, that once accomplished, can be […]

March 13, 2013

SECURITY

Three Transitions Driving Net-Centric Security

Cisco Senior Vice President and Chief Security Officer, John Stewart, kicks off a series of video blogs focused on the topic of Net-Centric Security.

March 12, 2013

SECURITY

Securing Your Company’s Data in a Mobile World

This post highlights the growing concern amongst companies with trying to reign in control of BYOD solutions with data security policies and technologies. Cisco’s Secure Access solution is available to help these companies build a foundation that connects people anytime, anywhere, using any device. To learn about Cisco’s Secure Access, visit: http://www.cisco.com/en/US/netsol/ns1204/index.html#~Overview.

March 11, 2013

SECURITY

Why the Cisco SIO Portal Doesn’t Give Out Candy

This blog post highlights the most recent changes, several of which based on direct Cisco customer feedback, made to the Cisco Security Intelligence Operations (SIO) Portal. Thanks to this customer feedback, Cisco SIO is armed with the data necessary to evolve the Portal to ensure that relevant security content is where you need it, when you need it.

March 8, 2013

SECURITY

RSA 2013: That’s a Wrap

RSA 2013 ends and I both miss it and breathe a sigh of relief that it’s over. Let me explain. As a security guy, it’s nice to be around other...