March 2013 Cisco IOS Software Security Advisories: T-7 and Counting!
On Wednesday of next week, the Cisco Product Security Incident Response Team (PSIRT) will release the first Cisco IOS Software Security Advisory Bundled Publication of 2013. As a reminder, Cisco releases bundles of Cisco IOS Software Security Advisories on the fourth Wednesday of March and September each calendar year. As is the case with the vast majority of our Security Advisories, vulnerabilities scheduled for disclosure in the upcoming bundle will normally have a Common Vulnerability Scoring System (CVSS) Base Score from 7.0 to 10.0.
Addressing Ongoing Security and Compliance Requirements
Organizations continue to face threats to their brands, reputations, and profits from attacks on their information systems. The Payment Card Industry Data Security Standard (PCI DSS) is designed to protect credit card information. During my five-year tenure at Cisco, I’ve been focused on PCI. The challenge that we have faced when deploying a solution to help customers become compliant and maintain a secure enterprise is the complexity. At the various trade shows that I have attended to discuss PCI, I have encountered a lot of head-shaking and looks of disgust as I bring up the topic of PCI. To help simplify PCI compliance, Cisco has released the latest Cisco Compliance Solution for PCI DSS 2.0 to make it easier for organizations to maintain a secure, compliant network.
Tools of the Trade: cvrfparse
In this article, you will be provided a thorough treatise on an in-house developed tool for parsing and validating CVRF documents aptly named "cvrfparse". The article is split into two parts. The first part, intended for CVRF document producers and consumers, is a hands-on manual detailing how to use cvrfparse. The second part, intended for burgeoning Python programmers, explores some of the inner workings of the tool.
PCI-related Observations from RSA 2013
The author expresses concern over the apparent fear or lack of knowledge exhibited by attendees of the recently concluded RSA 2013 Conference.
Becoming PCI certified…is this within reach?
Anyone who has been involved with compliance knows that simplifying complexity is the key to maintaining a secure and compliant organization. It’s become quite apparent that sustaining compliance is a marathon, and the journey must be travelled with vigilance. This is not something that is an endpoint or a task, that once accomplished, can be […]
Securing Your Company’s Data in a Mobile World
This post highlights the growing concern amongst companies with trying to reign in control of BYOD solutions with data security policies and technologies. Cisco’s Secure Access solution is available to help these companies build a foundation that connects people anytime, anywhere, using any device. To learn about Cisco’s Secure Access, visit: http://www.cisco.com/en/US/netsol/ns1204/index.html#~Overview.
Why the Cisco SIO Portal Doesn’t Give Out Candy
This blog post highlights the most recent changes, several of which based on direct Cisco customer feedback, made to the Cisco Security Intelligence Operations (SIO) Portal. Thanks to this customer feedback, Cisco SIO is armed with the data necessary to evolve the Portal to ensure that relevant security content is where you need it, when you need it.