encryption

March 4, 2016

SECURITY

Walking the Tightrope of Security and Usability

3 min read

Here at the RSA Conference 2016, the theme this year is Connect to Protect. It is a fitting theme for a gathering of security professionals, given the widespread adoption of...

February 29, 2016

SECURITY

RSA Conference Brings Privacy out of the Shadows

2 min read

As RSA Conference 2016 draws near, I’m excited to see that privacy is at last getting its day in the sun. This topic has often seemed like an after-market...

January 25, 2016

SECURITY

Hiding in Plain Sight: Malware’s Use of TLS and Encryption

4 min read

Introduction TLS (Transport Layer Security) is a cryptographic protocol that provides privacy for applications. TLS is usually implemented on top of common protocols such as HTTP for web browsing or SMTP for email. HTTPS is the usage of TLS over HTTP, which is the most popular way of securing communication between a web server and […]

October 19, 2015

SECURITY

Cisco Next Generation Encryption and Postquantum Cryptography

3 min read

Cisco developed Next Generation Encryption (NGE) in 2011. NGE was created to define a widely accepted and consistent set of cryptographic algorithms that provide strong security and good performance for our customers. These are the best standards that can be implemented today to meet the security and scalability requirements for network security in the years […]

October 28, 2014

SECURITY

File Security With the Click of a Button

3 min read

Securing our digital lives used to be simpler. Up until a few years ago, we primarily used email as a means for transferring or exchanging files between two parties. A handful of companies emerged to provide email encryption for those who needed it. Most other people did not worry about it. Today, file exchange has […]

June 20, 2014

SECURITY

Open Sourcing FNR an Experimental Block Cipher

1 min read

Traditional block ciphers work on fixed blocks of data—as an example, AES is well-defined for 128/192/256 bits. But one of the issues is the need for padding—so if you need to encrypt small amounts of data you may end with a huge difference in input vs. output size. As an example, using AES/128 on ECB […]

April 30, 2014

SECURITY

Taking Encryption to the Next Level: Enrollment Over Secure Transport Strengthens Adoption of Elliptic Curve Cryptograph …

3 min read

Enrollment over Secure Transport (EST) is a new standard (RFC7030) designed to improve the lifecycle management of digital certificates, a key element for secure communications. Cisco Engineer Max Pritikin coauthored the EST standard. We’re very excited about the potential use cases of EST, which are, as we’ll discuss in a moment, pretty versatile. To understand […]

February 14, 2014

SECURITY

Safety first, business second, security none?

5 min read

Based on 25 years of professional experience in various businesses around the globe, I can say that many industry verticals have a pretty good state of safety culture as it relates to the health and safety of their employees.  This is especially true for companies involved in high-risk businesses such as oil and gas, (nuclear) […]

January 13, 2014

SECURITY

Detecting Payment Card Data Breaches Today to Avoid Becoming Tomorrow’s Headline

6 min read

A few months ago we discussed the various ways that consumer PII is compromised. The recent attacks against Target and Neiman Marcus illustrate the constant threat that payment card accepting retailers of all sizes face. Yesterday Reuters reported that similar breaches over the holidays affected “at least three other well-known U.S. retailers”. Given the current […]