Cisco Blogs


Cisco Blog > Threat Research

Microsoft Patch Tuesday – June 2015

Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release sees a total of 8 bulletins being released which address 45 CVE. Two of the bulletins are listed as Critical and address vulnerabilities in Internet Explorer and Windows Media Player. The remaining six bulletins are marked as Important and address vulnerabilities in Microsoft Office, Windows Kernel, Active Directory, Microsoft Exchange Server, and Microsoft Common Controls.

Read More »

Tags: , , , ,

Hosted Identity Services: Scaling Security in the Age of Mobility

The rapid expansion of connected devices is a double-edged sword for businesses. On one hand, mobility, cloud, and BYOD innovations enable unprecedented flexibility, collaboration, and ease of access for employees. Fifty percent of employers will adopt BYOD policies by 2017, and 90 percent of American workers are already using their own smartphones for work.[1] But this flexibility comes with a cost: as endpoints multiply, controlling network access becomes increasingly difficult. The vast majority – 90 percent – of organizations lack full awareness of all of the devices accessing their network.[2] At the same time, insiders perpetrate 34 percent of all cybercrimes highlighting the key role of identity access management in maintaining a strong cybersecurity posture.[3]

Read More »

Tags: , , , ,

Security Everywhere Across the Extended Network

The digital economy and the Internet of Everything (IoE) are creating a host of new opportunities.  With as many as 50 billion connected devices by 2020, this wave of digitization will spell new opportunities for organizations and governments and the consumers and citizens they serve.

Yet, the more things become connected, the more opportunities exist for malicious actors as well. We are now dealing with a new world where more and more devices are creating a broader and more diverse attack surface that can be exploited.

Attackers are becoming stealthier, better organized, collaborating extensively, and are well resourced. According to the Cisco 2015 Annual Security Report, malware is becoming increasingly sophisticated and elusive. Since 2009, we have seen a 66 percent compound annual growth rate of detected security incidents.

In order to respond faster to threats and achieve better outcomes requires a tightly integrated security architecture that is as pervasive as the devices and services we are protecting. For this reason, we believe that the most effective way to confront these challenges is to evolve to an approach that extends security everywhere – both embedded into the intelligent network infrastructure and pervasive across the extended network – from the service provider to the enterprise network infrastructure, data center, IoT, cloud and endpoint. This is essential to protect today’s wide array of attack vectors while positioning security to act as a growth engine to enable companies to seize new business opportunities.

Read More »

Tags: , , ,

Leveraging the Network as a Security Sensor and Policy Enforcer

The topic of cybersecurity has become so ubiquitous that it’s almost a daily occurrence to read or hear about security breaches in the news. Cisco understands this paradigm shift within the nature of computing, that the Digital Economy and the Internet of Everything now requires what we are calling Security Everywhere. Security has to span the extended network in order to protect against an ever growing array of attack vectors. Scott Harrell, Vice President Product Management has written a more detailed blog about this specific topic here .

The key point to note about Security Everywhere is that organizations are under unrelenting attack and breaches are happening every day. Attackers have also created sophisticated malware that can be launched into the network, gather information to intelligently understand exactly what, when and how to attack and then launch an extremely surgical and devastating attack against the network. Our Cisco 2015 Annual Security Report is an excellent resource for detailed research about the nature and frequency of attacks against the enterprise.

Read More »

Tags: , , ,

ISE Ecosystem Expands to Drive Deeper Visibility and Control with Cisco Identity Services Engine

In one of my previous posts, I noted how Network Access Control (NAC) platforms have started evolving into more visibility-focused and context-aware platforms in the face of major business trends such as enterprise mobility, the migration of resources to the cloud, and the ubiquitous Internet of Everything. Consequently, “new NAC” technology has quietly transformed from a complicated set of controls – outdated in a more mobile world – into a powerful business enabler for enterprises.

The Cisco Visual Networking Index (VNI) forecasts that over fifty billion new connected devices will hit networks by the year 2020. With this massive proliferation of network-enabled devices firmly in mind, I am proud to announce that the latest version of the market-leading Cisco Identity Services Engine (ISE) is now available. Cisco Identity Services Engine builds upon the solid foundation of our last release to round out the current platform by focusing on expanding the ISE partner ecosystem with new, exciting categories for context-aware security as well as advancing endpoint security capabilities.

Read More »

Tags: , ,