On February 13, I attended the White House Summit on Cybersecurity and Consumer Protection at Stanford University. President Obama, along with senior leaders spanning federal government, industry and technology sectors, law enforcement, consumer privacy advocates, and others convened to collaborate and build partnerships within the public and private sectors to further improve cybersecurity practices.

The keynote, panels and workgroup sessions covered a range of preeminent topics but the resounding theme from each was simple – everyone is online, therefore everyone is vulnerable. A comprehensive and collaborative effort from private and public sectors will be necessary to address these challenges. Sharing information in a safe, secure, confidential and reliable way will be a major factor in this coordinated approach.

Throughout the Summit, the key challenges were consistent –

• The need for legislation to protect information sharing
• Eliminate cross-industry barriers and establish partnerships
• Liabilities created by the convergence of wireless & digital technology
• Need to raise the security baseline for digital products and controls
• Create stewardship for planning and management

This is a complex and changing environment, but it’s moving in the right direction. Several public-private partnerships exist today that are starting to address these challenges including the Electric Sub-sector Coordinating Council, Cyber Threat Alliance, Idaho National Laboratory and the Cyber Threat Intelligence Centre. Additionally, President Obama officially signed the Executive Order on Promoting Private Sector Cybersecurity Information Sharing while at the Summit and launched the BuySecure Initiative in November to help mitigate these risks.

Specifically within the utilities industry, there has been a consistent focus on reliability and safety, but modernizing the electric grid is an ongoing process. Cisco Secure Ops and Collaborative Operations are just a couple of the solutions addressing this industry evolution; click here to learn more. In my next blog, I’ll address some of these Cybersecurity exposures and how to leverage technology to reduce these risks.

Tags: Cisco, Cisco Secure Ops, cybersecurity, electric grid, Energy/Utilities

Each week, we’ll highlight the most important Cisco Partner Ecosystem news and stories, as well as point you to important, Cisco-related partner content you may have missed along the way. Here’s what you might have missed this week:

Off the Top

It was quite a busy week on the Partner Blog. Hopefully you had a chance to read Sherri Liebo’s blog on how digital marketing has transformed the traditional marketing landscape. If not, be sure to check it out and take a look back at her super heroes posts from 2014 and how those particular marketing team members can lead the way as digital marketing continues to shift how we all work.

As we are getting ever closer to this year’s Marketing Velocity event, this blog is a nice look at how all our marketing efforts tie together and what “digital” is doing to all of us.

Intelligent Cybersecurity

Raja Sundaram had some insight into cybersecurity and how it affects your customers. He looked at changing business models, dynamic threats, and complexity and fragmentation. Branching out from there he pointed out how Cisco is offering up the products you need for your customers to tackle these tough security situations. It’s a great overview on security. Read More »

Tags: arjun lahiri, business outcomes contest, Cisco, cloud, cloud services, cybersecurity, digital marketing, karin surber, lifecycle management, partner, raja sundaram, richard mcleod, SaaS, sales thought leadership, security, Sherri Liebo, software as a service, super heroes, traci soward, Weekly Rewind, xander Uyleman

News has not been kind to US headquartered technology companies over the past year.  From an erosion of faith because of a company’s geographic location, to a series of high profile breaches that are calling into question trust in your IT systems. Technology providers and governments have a vital role to play in rebuilding trust.  And so do customers—who need to demand more from their technology providers.

In my recent trip to Europe, and speaking to some balanced, thoughtful, and concerned public officials, it got me thinking.  Why do we trust the products we use? Is it because they work as advertised? Is it because the brand name is one we implicitly believe in for any number of reasons? Is it because the product was tested and passed the tests? Is it because everyone else is using it so it must be okay? Is it because when something goes wrong, the company that produced it fixes it? Is it because we asked how it was built, where it was built, and have proof?

That last question is the largest ingredient in product and service acquisition today, and that just has to change. Our customers are counting on us to do the right thing, and now we’re counting on them. It’s time for a market transition: where customers demand secure development lifecycles, testing, proof, a published remediation process, investment in product resilience, supply chain security, transparency, and ultimately – verifiable trustworthiness.

We saw some of this coming, and these are some of the principles I hear customers mention when they talk about what makes a trustworthy company and business partner. Starting in 2007, with a surge that began in 2009, we’ve systematically built these elements into our corporate strategy, very quietly, and now we want the dialogue to start.

I’m challenging customers to take the next step and require IT vendors to practice a secure development lifecycle, have a supply chain security program, and a public, verifiable vulnerability handling process.

I recently recorded the video blog above discussing what it means to be a trustworthy company.  I hope you will share your thoughts and experiences in the comment section.

Tags: 2014 annual security report, cybersecurity, security, trust, trustworthy

I recently received notice from my bank that they were changing my bank card number — again — due to suspicious activity on my account. This is the third such notification received in the past twelve months! Although it is an annoyance and a bit inconvenient, I do appreciate the bank’s attempt to protect my financial data. Moreover, it represents a much larger problem than mine but a major concern for businesses the world over. It is just one example of the pervasive issue of data security and attests to the sad fact that we are living in a time with a very dynamic threat landscape.

It is estimated that the annual cost of cyber-crime to the global economy ranges from $375 billion to as much as $575 billion, according to a 2014 study by the Center for Strategic and International Studies. In addition, the study reports that as many as 350,000 jobs in the US and EMEAR are lost because of malicious online activity.

In PricewaterhouseCooper’s 17^th Annual Global CEO Survey, half the top execs surveyed expressed concern about cyber threats to their organization. Their concern is certainly warranted, as Cisco’s 2014 Mid-Year Security Report disclosed that 100 percent of networks analyzed showed traffic going to sites hosting malware. This is a very expensive problem. According to the Ponemon Institute, the cost of an organizational data breach in the U.S. averages $5.85 million (up from $5.4 million in 2013). It not only affects a business financially but corrodes consumer confidence as well. Read More »

Tags: Cisco, cybersecurity, partner, raja sundaram, security

New year predictions generally take one of several forms: broad generalizations about multi-year trends, guesses about what might happen, or overviews of recent events disguised as predictions. The first is too easy, the second—going out on a limb—risks missing the mark so badly as to be useless. So I will go with the third choice in the hope that, by calling out some of the common threads running through major stories of 2014, we can take some cues for the future.

Read More »

Tags: cybersecurity, geopolitical, security, trends