security
NSS Labs Report on Cyber Resilience Highlights the Need for a New Approach to Security
2 min read
A few years ago, a point-product security vendor proudly declared their technology was the silver bullet that stopped ALL security threats from penetrating the corporate network. Many of us in the industry raised our collective eyebrows in surprise at such a bold claim. While the naive or inexperienced might have believed such an outrageous claim, […]
Cisco 2014 Midyear Security Report: Security Services and Risk Management
2 min read
More organizations are starting to view cybersecurity as a strategic risk. They have to—it’s becoming unavoidable. Technology and the business are so intertwined. Regulators are issuing more compliance measures that include information security directives. And all the while, adversaries are relentless in their campaigns to compromise defenses to steal information, money, or otherwise create disruption.
Putting a Damper on ‘Lateral Movement’ due to Cyber-Intrusion
2 min read
Analysis of high-profile cyber breaches often reveals how intruders gain their initial footprint in the targeted organizations and bypass perimeter defenses to establish a backdoor for persistent activities. Such stealthy activities may continue until intruders complete their ultimate mission—claiming the “crown jewels” of the victim organization. “Lateral movement” is a term increasingly used to describe […]
Cisco 2014 Midyear Security Report: Threats – Inside and Out
2 min read
Through our ongoing “Inside Out” project at Cisco, our threat researchers have the opportunity to closely examine select networks—with our customers’ permission—to identify evidence of malicious traffic. We use Domain Name System (DNS) lookups emanating from enterprise networks to create a snapshot of possible data compromises and vulnerabilities. This research yielded a significant finding that […]
Summary: Mitigating Business Risks
1 min read
Organizations are rapidly moving critical data into the cloud, yet they still have serious concerns about security and other business risks. Read Bob Dimicco’s blog to learn several important steps companies can take to mitigate the risks of cloud services, such as uncovering shadow IT, assessing data security, and instituting cloud-specific employee policies.
Far East Targeted by Drive by Download Attack
4 min read
This blog was co-authored by Kevin Brooks, Alex Chiu, Joel Esler, Martin Lee, Emmanuel Tacheau, Andrew Tsonchev, and Craig Williams. On the 21st of July, 2014, Cisco TRAC became aware that the website dwnews.com was serving malicious Adobe Flash content. This site is a Chinese language news website covering events in East Asia from a […]
Cyber Threat Management from the Boardroom Risk: Lost in Translation
5 min read
I was at the Gartner Security and Risk Management Summit at the Gaylord National Harbor and had the opportunity to attend the session, “Finding the Sweet Spot to Balance Cyber Risk,” which Tammie Leith was facilitating. During the session, the panel had been discussing how the senior leadership teams address the problem of putting their […]
Securing Mobile Data: What’s Your Plan?
1 min read
As a business or technical leader, you know you need to protect your company in a rapidly evolving mobile ecosystem. However, threats are not always obvious. As malware and attacks become more sophisticated over time, business decision makers must work with technical decision makers to navigate security threats in a mobile world. This blog series, […]
Your Network: Well-Kept Secret for Your Protection?
1 min read
In my discussions with security executives who gathered at the recent Gartner Security Summit they recognized that unsecured access to the network is a critical threat vector. However, when leveraged properly, the network itself also provides a significant platform that offers comprehensive protection to close those gaps. What does this mean?
1