Security

Once an organization has deployed technology infrastructure that enables visibility into the network (discussed in the first part of this blog), that organization now requires the properly trained security personnel to bring that time to detection (TTD) down to acceptable levels and to respond appro…

This blog is the first in a 3 part series that will provide an in-depth technical analysis on the H1N1 malware. I’ll be looking at how H1N1 has evolved, its obfuscation, analyzing its execution including new information stealing and user account control bypass capabilities, and finally exploring how…

A soccer ball without a player is useless. A violin without its musician is just a bit of wood and wire. And a beautiful new security deployment, no matter how advanced, needs skilled people to configure and operate it properly. That deployment must be operating at maximum effectiveness. It also mus…

In the race to detect and contain ransomware on their networks, many organizations fail before they are out of the gate.  The reason has very little to do with technology, and more so a great deal to do with process. “But we bought all the good tools!”, such organizations protest. Good security tech…

I fly quite a bit for my job as a Security Services consultant for Cisco. I’m one of billions of passengers traveling annually: according to the International Air Transport Association (IATA), passenger numbers are expected to reach 3.8 billion in 2016. The number of unique city pairs connected by a…

While no one has yet built a general purpose Quantum Computer (QC) capable of breaking the public key cryptography in use on the Internet, that possibility is now considered a realistic threat to long-term security.  As research into the design of a QC has intensified (including public access to a s…

Today, thousands of Cisco customers are using the Identity Services Engine for guest and BYOD access. Naturally they want their users to have a great experience with great looking portals that’s consistent with their company brand. Custom portal creation typically requires technical and design exper…

The Cisco 2016 Midyear Cybersecurity Report has been released, and just like the Cisco Annual Security Report and many other security reports the news isn’t encouraging. The very first sentence in the midyear report explains that as defenders, we simply aren’t getting the job done: “Attackers curren…

UPDATE April 20, 2017 Cisco continues to evaluate potential implications of the activities and information posted publicly by the Shadow Brokers Group.  We launched an investigation to analyze the new files posted on April 14th, 2017, and so far have not found any new vulnerabilities or exploits tha…