Cisco SIO

October 3, 2013

SECURITY

Big Security—Mining Mountains of Log Data to Find Bad Stuff

Your network, servers, and a horde of laptops have been hacked. You might suspect it, or you might think it’s not possible, but it’s happened already. What’s your next move? The dilemma of the “next move” is that you can only discover an attack either as it’s happening, or after it’s already happened. In most […]

October 3, 2013

SECURITY

Ten Simple Ways to Enhance Cyber Security for You and Others

Hi there and welcome to today's U.S. National Cyber Security Awareness Month tip, courtesy of those of us involved in administering and/or contributing to Cisco Security Intelligence Operations!! For...

October 2, 2013

SECURITY

Using DNS RPZ to Block Malicious DNS Requests

After delivering several presentations at Cisco Live and Cisco Connect this year, I received a few questions regarding DNS Response Policy Zones (RPZ) and how can they be used to block DNS resolution to known malicious hosts and sites. I decided to write this short post to explain what it is and provide several pointers. […]

October 2, 2013

SECURITY

A Weekly Dose of Cyber Security Awareness

In any given week, one doesn't need to look very far to be reminded of the events and issues that can surface anytime, anywhere, and to anyone. Given their modes...

October 1, 2013

SECURITY

Cisco Security Intelligence Operations NCSAM 2013

For the last couple of years, Cisco Security Intelligence Operations has released a series of blog posts for National Cybersecurity Awareness Month. The theme for this month from the National Cyber Security Alliance is “Our Shared Responsibility.” The Department of Homeland Security is running a series on this theme, as are many other private organizations. Our action and inaction […]

August 13, 2013

SECURITY

Summary of Microsoft Security Bulletin for August 2013

That’s right folks, today is Patch Tuesday and Microsoft has published its monthly security bulletin for August 2013. The bulletins address a total of 23 vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, and Microsoft Exchange. These vulnerabilities could allow an attacker to execute arbitrary code, cause a denial of service condition, or gain elevated privileges. […]

July 8, 2013

SECURITY

Cisco Live USA 2013: Recap from a Network Security Engineer

Having just returned home to New Jersey from Cisco Live US in Orlando, Florida, I thought I’d share my experiences as a Network Security Engineer both attending and presenting at this year’s conference. There were approximately 20,000 attendees at this year’s conference, which I believe set a new Cisco Live attendance record! Considering the huge size […]

June 24, 2013

SECURITY

BYOD: Many Call It Bring Your Own Malware (BYOM)

It is not new that people are referring to Bring Your Own Device (BYOD) as Bring Your Own Malware (BYOM). In 2012 alone, Android malware encounters grew 2,577 percent (for details, see Cisco’s Annual Security Report). Many organizations are struggling to keep up with the BYOD trend by allowing employees to bring their favorite gadgets […]

June 17, 2013

SECURITY

Miscreants and the Principle of Least Effort

Back in the old days, when security was much more of an afterthought, it was obvious that miscreants were familiar with the principle of least effort. Information security was still in its Wild West days. Managed disclosure and patching did not really exist. Most companies were just coming to realize they would need to put […]