Security

Editor’s Note:  This is the first part of a four-part series featuring an in-depth overview of Infosec’s (Information Security) Unified Security Metrics Program. In this first installment, we discuss the value of security metrics at Cisco. What does the film Moneyball have in common with security me…

I recently contributed a chapter titled “Advanced Technologies/Tactics Techniques, Procedures (TTPs): Closing the Attack Window, and Thresholds for Reporting and Containment” that was published in an anthology Best Practices in Computer Network Defense: Incident Detection and Response, published by…

Is the combination of cloud computing and mobility a perfect storm of security threats? Actually, yes. And you should prepare for them as if there is a storm coming. As businesses become increasingly mobile, so does sensitive data. In fact, in a recent survey conducted by ESG, 31% of security profes…

Last week at RSA 2014, Chris Young and I joined a Live Social Broadcast from the Cisco Booth to discuss our announcements of Open Source Application Detection and Control and Advanced Malware Protection, as well as to answer questions from you, our partners and customers, about the trends, the chall…

January 2014 started with a bang, with one in every 191 web requests resulting in a web malware encounter. The Cisco Computer Security Incident Response Team (CSIRT) observed this same trend, witnessing a 200% increase in web malware encounters experienced by Cisco employees for the month. Overall,…

One of my passions is around PCI compliance. I know that sounds oxymoronic. How can someone actually be passionate about something as dry as compliance? Well, for the sake of argument, I prefer delusional rationalization. I think of myself as Batman! I don’t have his intelligence, money, car, or cap…

Information security is one of the largest business problems facing organisations. Log data generated from networks and computer systems can be aggregated, stored, and analysed to identify where misuse occurs. The enormous amount of data involved in these analyses is beyond the capability of traditi…

On Thursday, February 27, at the 2014 RSA Conference, Chris Young, senior vice president of Cisco’s Security Business Group, and Padmasree Warrior, Cisco’s chief technology and strategy officer, delivered a keynote address on “The New Model of Security.” If you missed the conference in person,…

“There is no silver bullet.”  That’s one of our favorite sayings at Cisco Security. We use it to convey the point that malware prevention is not 100%. As new attack vectors emerge and the threat landscape evolves, some malware will get through – regardless of which security vendor you choose. In fac…