Cisco Blogs


Cisco Blog > Security

#CiscoChat: Incident Response in a Complex Threat Environment

Though 2014 has come and gone, one trend that dominated its headlines has unfortunately continued to do the same this year. So, what happens to an organization’s cybersecurity readiness plan when there aren’t enough security professionals to protect the network? What are the tested security strategies that can help organizations prepare, manage, respond to and recover from incidents in a quick and effective manner?

During our next #CiscoChat, we’ll seek to answer these questions and invite you to share your thoughts and solutions with us.  #CiscoChat is a program where industry experts answer your questions and participate in an open discussion on a particular topic.  Everyone is welcome to join simply by searching the hashtag #CiscoChat on Twitter and including it in your tweets to be seen by others participating. Read More »

Tags: , , , , ,

What It Means to be a Woman of Influence

It was a wonderful honor to be named to Silicon Valley Business Journal 100 Women of Influence just over a week ago; one that will help greatly with accelerating my initiatives for cloud safety—not just for business, but also for us all.

And for the honor, I owe much thanks to many incredible mentors who have believed in me and for the immense opportunities they have provided me.

Read More »

Secure Access Control in the Internet of Everything

In my role leading the development of Cisco’s IoT Systems and Software, I spend a fair amount of time speaking at industry events and talking with customers and partners. There is a lot of excitement about the Internet of Everything (IoE) – the intelligent connection of people, processes, data and things to the Internet – as it continues to take hold, bringing unprecedented economic opportunities to both the private and public sectors.

Read More »

Tags: , , , , , ,

Three Key Considerations When Evaluating Threat Intelligence Solutions

To address today’s evolving threat landscape, there’s been a shift from traditional event-driven security to intelligence-led security. Threat intelligence plays an integral role in this shift.

When you hear the term “Threat Intelligence,” it’s easy to have preconceived notions of what it means. Gartner defines threat intelligence as “evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.” I like that Gartner’s definition does not include intent. Why? Intent implies that the “menace” is trying to target you, but we know that too often this isn’t the case. Pretty much any piece of malware out there will damage unintended targets. One example is Stuxnet. It targeted Iranian nuclear enrichment facilities. Unfortunately it escaped the purported air-gapped system and has been seen in at least 10 other countries. In more practical terms threat intelligence must be:

  • Tactical
  • Contextual
  • Automated

Read More »

Tags: , , ,

Microsoft Patch Tuesday for April 2015: 11 Bulletins Released

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products.  This month’s release sees a total of 11 bulletins being released which address 26 CVEs.  The first 4 bulletins are rated Critical and address vulnerabilities within Internet Explorer, Office, IIS, and Graphics Component. The remaining 7 bulletins are rated Important and cover vulnerabilities within SharePoint, Task Scheduler, Windows, XML Core Services, Active Directory, .NET, and Hyper-V. Read More »

Tags: , , , , ,