Cisco Blogs



Live #Ciscochat Feb 23rd: Cyber attacks ahead. Are you ready?

As Mike Riegel pointed out in his recent blog, ‘Financial services is the prime example of an IT-intensive industry.’ Financial institutions rely on consistent technology and innovation to compete and to ensure compliance with regulatory requirements. Customers put a lot of trust in their financial services provider to secure their data and privacy.

On the other hand, cyber criminals put financial institutions in their sights in efforts that, when successful, can damage customer trust and an institution’s reputation. Financial institutions around the world are targets for malware, phishing, ransomware, and ATM skimming. The most serious losses come from targeted attacks. According to the Cisco 2016 Annual Security Report, malware is becoming increasingly sophisticated and cyber criminals are launching attacks through a variety of attack vectors, including tools that users trust or view as benign. Furthermore, targeted attacks are on the rise and the cyber criminals are unrelenting in the execution of their mission.


Join us at Distributech 2016!


We’ll be at DistribuTECH for the seventh year in a row on February 9-11 at the Orlando Convention Center. Meet us in Booth #2047 to learn how we are working with our partners to help utility companies worldwide lower costs and deliver more services on a single, intelligent, and secure platform.

Visit our booth to demo our expanded portfolio:


Industrial Cybersecurity: Detect and prevent both internal and external attacks on process control systems, and remediate cybersecurity incidents.

Collaborative Solutions: Reduce the impact of natural disasters on the grid with incident response and workforce enablement solutions. Help first responders collaborate by unifying command and control communications.

Substation Gridblock: Securely manage millions of endpoints over multi-vendor, multi-technology, and multi-service utility communication networks.

Field Area Networks: Address advanced metering infrastructure, distribution automation, and remote workforce management over a single multi-service IP network platform.

Cisco IOx: Develop your own smart applications to capitalize on the power of fog computing. We are enabling developers to create IoT applications such as data aggregation, control systems, and access control – and have them run on edge network devices. Our industry-leading networking operating system Cisco IOS makes this possible together with Linux, the leading open source platform.

In addition to our demos, …

Forewarned Is Forearmed: Announcing the 2016 Cisco Annual Security Report

Our just-released 2016 Cisco Annual Security Report (ASR) presents a challenging cybersecurity landscape: cyber defense teams are fighting to keep up with rapid global digitization while trying to integrate dozens of vendor solutions, speed up detection, and educate their organizations from top to bottom. Meanwhile attackers grow more bold, flexible, and resilient by the day, setting up professional infrastructures that look a lot like what we’d find in legitimate businesses. On the global front, we see fluctuations in cyber Internet governance across regions, which inhibits collaboration and the ability to respond to attacks.

Security threats, attacks, and challenges are not new—Cisco released our first ASR in 2007. While the major trends remain essentially constant, the cumulative intelligence in the reports demonstrates how quickly attackers—with the luxury of working outside the law—innovate to exploit new security gaps.

This year’s ASR reveals that attackers increasingly use legitimate online resources to launch their malicious campaigns. Though the news might speak to zero-day attacks, hackers also continue to deploy age-old malware to take advantage of weak spots such as unpatched servers. Aging infrastructure opens up green-field attack surfaces while uneven or inconsistent security practices remain a challenge.

Other key insights from the 2016 ASR include a growing encryption trend (particularly HTTPS) for web traffic, which often provides a false sense of security to users—and for companies, potentially cloaks suspicious activity. We are also seeing more use of compromised WordPress servers to support ransomware, bank fraud, and phishing attacks. Alarmingly, between February and October 2015, the number of compromised WordPress installations used by cybercriminals grew by more than 221%.

The picture we see is disturbing:

Given this backdrop, the ability to recognize and respond to security threats in near real time is no less than a business imperative. We simply cannot continue to create technical debt, leaving systems unpatched, critical services exposed, and application services open to attack. These are what we can control, and yet the data shows we aren’t succeeding. This means fortifying the weakest links, such as older networking software, taking a proactive approach to patches and upgrades, and taking control of critical infrastructure. It also means working toward a cohesive security landscape, where companies, industries, and governments communicate and collaborate to thwart cyber criminals, taking an integrated approach to threat defense that operates in near real time on our behalf. What are we waiting for?

Here’s my take on what we can all do now:

  • Senior leaders across organizations of all types must acknowledge, embrace, and own security as their strategy, not a CISO’s, and not just in IT.
  • Vendors that embed IT in their offerings must produce solutions that customers can trust and are designed with security in mind. We have to slow the vulnerability being introduced.
  • Adding “yet another vendor” cannot continue to be our answer. This just adds to the complexity of the security challenge and leaves companies more vulnerable to attacks. For cost, return on investment, efficacy, and to remain nimble, security efforts must be business led, architecturally delivered, and provably integrated and effective.

Increased attention, measurable results, added resilience, and focusing on what we can control are all possible now – so let’s capitalize on the moment before it’s too late.

The 2016 Cisco Annual Security Report analyzes the most compelling trends and issues in cybersecurity from Cisco security experts, providing insight on advancements made by both the security industry and the criminals hoping to breach defenses. Geopolitical trends, perceptions of cybersecurity risk and trustworthiness, and the tenets of an integrated threat defense are also discussed.

 

Additional Links

Cisco Annual Security Report 2016

ASR Conversation with Cisco CEO Chuck Robbins and Chief Security & Trust Officer John N. Stewart

Cisco Trust and Transparency Center


Utility and Energy Security: Responding to Evolving Threats

With the increased interest in cybersecurity and the recent news that utilities are being targeted around the world, I’m making sure our readers have seen the latest white paper to come out of the Cisco ‘Brain-Trust’ on security in utilities and the energy industry.

As the white paper announces, “Utilities and energy organizations are part of the critical infrastructure of any nation, which makes them a high-profile target for cyber terrorists and hackers alike. Modernization brings gains in efficiency, but it also increases the attack surface through which threat agents can target utility infrastructure.”

It’s tough being a utility. Constant regulations, standards compliance, security and safety issues. Our security experts analyzed the IT security capabilities of the utilities sector in general, using specific data from the Cisco Capabilities Benchmark Study. They looked at the views of both chief information security officers (CISOs) and security operations (SecOps) managers, which, unlike in other industries, seem closely aligned. What are the differences then, versus other industries? Here are some findings:

  • 73% of IT security professionals at utilities say they’ve suffered a public security breach, compared with 55% in other industries.
  • 56% of the IT security professionals in utilities say they use cloud-based web security, compared with 36% of the respondents in other industries.
  • 64% of CISOs and SecOps managers in the utilities sector say they make use of mobile security tools, compared with 50% of security professionals in other industries.

One important note: The study focused primarily on IT security capabilities, not on the state of operational technology (OT) security. There is a growing trend of convergence between IT and OT, and I and others in Cisco have talked about the ramifications of that trend.


Despite my earlier claim that the data supports a similarity of views between CISOs and SecOps managers, interestingly the opinions of CISOs and SecOps managers diverge somewhat when the conversation turns to IT security controls. For example, 67% of CISOs say that their organizations have adequate systems for verifying that security incidents have actually occurred, but only 46% of SecOps managers say they have such systems in place. Also, 73% of CISOs say they have well-documented processes for incident response and tracking, while just 54% of SecOps managers say they have such systems. That’s worrying to me.

The white paper has lots of charts and supporting documentation, and discusses the differences between the utility industry and other industries, especially the readiness of using tools and the availability of funds focused on security. One thing’s for sure: utilities are frequently a target of cyber attacks because of their high public profile and the potentially damaging effects of a data breach or service disruption. That explains the figures in my first bullet above (73% versus 55%). This vulnerability further highlights the security challenges that utilities are facing. In many countries, utilities have to report breaches by law, a requirement that may have contributed to the high number of recorded breaches. Perhaps due to their tightly regulated environment, utilities are also slightly more likely than other industries to use internal security incident teams.

At any rate, utilities seem, in many cases, to learn the hard way. What do I mean? Well, publicly breached utility companies lean more heavily on tools such as network security, firewalls, and intrusion prevention systems (IPS), instead of distributed denial-of-service (DDoS) defenses or VPN security tools. For example:

  • 76% of utilities that have dealt with a public breach say they use firewalls and IPS tools, but only 53% of utilities that have not dealt with a public breach use them.
  • 64% of publicly breached utilities use vulnerability scanning tools, compared with 44% of non-publicly-breached utilities.


The figure above illustrates the point. Utilities’ Use of Various Security Threat Defenses (in %)

Interesting, eh? Also, public breaches appear to encourage utilities to more closely examine their security processes. For example: …

The Importance of Security Skills in Today’s Workplace

Information technology and its use have transformed every aspect of society. In today’s digital economy, every company requires effective security to protect their information. Security breaches mean lost intellectual property, compromised customer information, and reduced customer confidence. These are critical considerations as organizations become more agile and try to grow their business models to leverage evolving trends of mobility, cloud and digitization.

The number of connected devices alone is expected to grow to 50 billion sensors, objects, and other connected “things” by the year 2020. With this, the number and type of attack vectors will increase, as will the amount of data, creating a daunting challenge for companies and those responsible for defending the infrastructure.

Cybersecurity has expanded from just focusing on building secure technology perimeters, to now also working with business management to reduce security risks – as well as detecting, responding to, investigating and handling security events when they occur. As a result, security is not a point-in-time component, but rather, it must be a part of every deployment, every development and every decision.
