information security

October 24, 2022


Ensuring Security in M&A: An Evolution, Not Revolution

6 min read

Through decades of acquisitions, Cisco has gained the expertise and experience to make M&A seamless and successful by making cybersecurity a priority throughout the integration process.

May 21, 2018


The Importance of an Information Security Strategy in Mergers and Acquisitions

3 min read

Organizations that engage in M&A should include an information security strategy as part of the process.

April 3, 2018


Cisco Spark Achieves HIPAA Compliance

1 min read

Cisco Spark is now ready for use in healthcare consistent with customer needs for HIPAA, a U.S. healthcare law that establishes requirements for the use, disclosure, and safeguarding of individually identifiable health information.

May 11, 2016


Cybersecurity for Defense: Network Segmentation

2 min read

Classifying and compartmentalizing information has been around within the Department of Defense before it was even called the Department of Defense. However, as DOD information that was once secured in vaults and safes has become digital data, many new regulations have been introduced that mandate how this data should be processed and handled. These regulations […]

October 26, 2015


Active Threat Analytics: Easing the Burden of Threat Management

2 min read

In Greek mythology, Sisyphus was a trickster king cursed with the eternal torment of fruitless labor. As punishment for his hubris and wile, Zeus condemned this hapless figure to the unending task of pushing a boulder up a mountain. Once he reached the top, the boulder would fall back down. And he would begin again. […]

January 6, 2015


Responsive Security in Action

4 min read

In 2013, our internal Information Security team carried out a series of controlled anti-phishing exercises. The purpose was to raise employees' awareness of potential spear phishing attacks through emails. Spear phishing has been a common first step for Advanced Persistent Threat (APT) attacks to gain access to a user's system before launching further attacks at internal targets. As such, if employees are vigilant against such attack patterns, we should effectively reduce the risk of successful APT attacks involving email phishing.

December 30, 2014


Getting More Responsive Security by Learning From Disaster Responses

5 min read

Editor’s Note: In the two previous blogs, we discussed some of the issues and dilemmas found within information security knowledge and practice domains. Those challenges arise fundamentally from the traditional approach that many organizations have adopted to address information security requirements. In this fourth installment, we look at how good preparation can improve security outcomes, […]

December 23, 2014


Issues and Dilemmas in Information Security Practices

5 min read

Editor’s note: In A Circular Problem in Current Information Security Principles, we highlighted one of the challenges in our knowledge domain that contributes to the ineffectiveness of today’s information security practices. In this third installment, we review the issues and dilemmas that are common in our practice environment. One of the challenges information security management teams […]

December 9, 2014


Understanding and Addressing the Challenges of Managing Information Security – A More Responsive Approach

2 min read

Just like bad weather conditions found in nature, such as typhoons, hurricanes, or snowstorms, technology system defects and vulnerabilities are inherent characteristics found in a cyber system environment. Regardless of whether it’s a fair comparison, weather changes are part of the natural environment that we have little direct control over, whereas the cyber environment is […]