Blog 1 of the CISO Experience series
This year Cisco hosted the first CISO Experience at Cisco Live Barcelona, on 29 and 30 January. The event attracted over 60 Chief Information Security Officers (CISOs) and other senior security leaders, who discussed the topics that are shaping cybersecurity in 2018. In this first blog of the CISO Experience series, we covered their insights on why companies need to take a more proactive approach to cybersecurity.
Imagine being locked out of your hotel room with all your belongings still inside?
Dave Justice, SVP of Global Security and Enterprise Networking Sales at Cisco, recalled a news story from December 2017, of a small hotel in Austria that was hit by ransomware not once, but four times in a year. Hackers took control of the electronic doors, and card keys simply stopped working.
To try to minimise the damage to their reputation and inconvenience to their guests, the hotel management ended up paying the ransom and has now reverted to traditional metal keys.
The hotel admitted that they did not believe they were a likely target. They did not invest a lot in security before the attack, which happened after a member of staff clicked on a malicious link in a phishing email.
Stories like this are becoming more common. Lack of security awareness is a recurring reason why many attacks happen, but it is not the only one. The cost and complexity of investing in security, as well as the shortage of security professionals, are also making companies more vulnerable.
Justice says that many companies are still looking at security from the wrong angle. He argues that security is not as simple as just buying more products. Instead, companies should consider how to consolidate their security vendors and solutions and adopt a stronger security posture. In today’s complex environment, it is not realistic to try to stop every threat; therefore, companies should think about how they can detect and remediate threats faster.
Detection and remediation are exactly the areas where Cisco has been focusing its investments. Every Cisco product receives leading threat intelligence from Talos, automatically and for free, which helps it see more threats and react faster. Cisco also invests in threat visibility, whether it is on the network, endpoints or cloud.
Cisco Circle Security Award Winners
Cisco announced the winners of the first Cisco Circle Security Awards, selected for their innovative use of Cisco Security solutions. Congratulations to:
- BBVA – Winner of the Innovative Secure Cloud category
- Marcegaglia Group – Winner of the Innovative Secure Datacentre category
- Irdeto – Winner of the Innovative Security Operations category
- John Lewis Partnership – Winner of the Innovative Security Operations for Retail category
- AE Architects for Business & ICT – Winner of the Innovative Secure Mobile Workforce category
Next on the CISO Experience series:
In the next blog, we will cover how hackers are developing advanced threats that exploit not only gaps in technology but also the weaknesses in processes and user behaviour. Read it here.