incident response

April 16, 2015

SECURITY

#CiscoChat: Incident Response in a Complex Threat Environment

2 min read

Be sure to join us on Twitter for #CiscoChat: Incident Response in a Complex Threat Environment on Tuesday, April 21 from 2 to 3 p.m. PST/ 11am to Noon EST. Just search for the hashtag #CiscoChat to find the conversation.

April 15, 2015

SECURITY

Three Key Considerations When Evaluating Threat Intelligence Solutions

2 min read

To address today’s evolving threat landscape, there’s been a shift from traditional event-driven security to intelligence-led security. Threat intelligence plays an integral role in this shift. When you hear the term “Threat Intelligence,” it’s easy to have preconceived notions of what it means. Gartner defines threat intelligence as “evidence-based knowledge, including context, mechanisms, indicators, implications […]

April 9, 2015

SECURITY

Cisco Launches Security Incident Response Services

2 min read

In security, there’s a gap between perception and reality. According to the Cisco 2015 Annual Security Report, 90 percent of companies are confident about their security policies, processes, and procedures – yet 54% have had to manage public scrutiny following a security breach. Not only are there direct costs to a security breach – there […]

Incidence Response – Safety, Reliability and Recovery for Industry and Workers

1 min read

Dan O’Malley talks about Cisco Systems offerings that are resonating in the Energy Industry and elsewhere. Cisco helps customers pre-plan for storms and to respond to disasters with sophisticated collaboration and device connectivity enabling technologies. Many new technologies enable worker safety and visibility using 2-way radios, smart devices, and mobile broadband “connecting people and devices […]

January 21, 2015

SECURITY

Engaging All Layers of Defense: Incident Response in Action

4 min read

The Cisco 2015 Annual Security Report highlights many creative techniques that attackers are exploiting to conceal malicious activity, often taking advantage of gaps in security programs. They are continually refining and developing new techniques to gain a foothold in environments and, increasingly, they are relying on users and IT teams as enablers of attacks to […]

January 6, 2015

SECURITY

Responsive Security in Action

4 min read

In 2013, our internal Information Security team carried out a series of controlled anti-phishing exercises. The purpose was to raise employees' awareness of potential spear phishing attacks through emails. Spear phishing has been a common first step for Advanced Persistent Threat (APT) attacks to gain access to a user's system before launching further attacks at internal targets. As such, if employees are vigilant against such attack patterns, we should effectively reduce the risk of successful APT attacks involving email phishing.

December 30, 2014

SECURITY

Getting More Responsive Security by Learning From Disaster Responses

5 min read

Editor’s Note: In the two previous blogs, we discussed some of the issues and dilemmas found within information security knowledge and practice domains. Those challenges arise fundamentally from the traditional approach that many organizations have adopted to address information security requirements. In this fourth installment, we look at how good preparation can improve security outcomes, […]

December 23, 2014

SECURITY

Issues and Dilemmas in Information Security Practices

5 min read

Editor’s note: In A Circular Problem in Current Information Security Principles, we highlighted one of the challenges in our knowledge domain that contributes to the ineffectiveness of today’s information security practices. In this third installment, we review the issues and dilemmas that are common in our practice environment. One of the challenges information security management teams […]

July 21, 2014

SECURITY

Old and Persistent Malware

2 min read

Malware can find its way into the most unexpected of places. Certainly, no website can be assumed to be always completely free of malware. Typically, there are many ways that websites can be compromised to serve malware: