information security
The Importance of an Information Security Strategy in Mergers and Acquisitions
Organizations have many options when it comes to growing. Many grow by hiring additional staff when it comes time to expand. Others grow through mergers and acquisitions with related companies, or companies that represent an entryway into a desired new vertical or territory. Organizations that engag…
Cisco Spark Achieves HIPAA Compliance
Today marks another big step in the forward progress of Cisco Spark for its adoption in enterprises worldwide. Cisco Spark is now ready for use in healthcare consistent with customer needs for HIPAA compliance! The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. healthcare law…
Cybersecurity for Defense: Network Segmentation
Classifying and compartmentalizing information has been around within the Department of Defense since before it was even called the Department of Defense. However, as DOD information that was once secured in vaults and safes has become digital data, many new regulations have been introduced that mandate h…
Active Threat Analytics: Easing the Burden of Threat Management
In Greek mythology, Sisyphus was a trickster king cursed with the eternal torment of fruitless labor. As punishment for his hubris and wile, Zeus condemned this hapless figure to the unending task of pushing a boulder up a mountain. Once he reached the top, the boulder would fall back down. And he w…
Responsive Security in Action
In 2013, our internal Information Security team carried out a series of controlled anti-phishing exercises. The purpose was to raise employees’ awareness of potential spear phishing attacks through emails. Spear phishing has been a common first step for Advanced Persistent Threat (APT) attacks…
Getting More Responsive Security by Learning From Disaster Responses
Editor’s Note: In the two previous blogs, we discussed some of the issues and dilemmas found within information security knowledge and practice domains. Those challenges arise fundamentally from the traditional approach that many organizations have adopted to address information security requi…
Issues and Dilemmas in Information Security Practices
Editor’s note: In A Circular Problem in Current Information Security Principles, we highlighted one of the challenges in our knowledge domain that contributes to the ineffectiveness of today’s information security practices. In this third installment, we review the issues and dilemmas that are commo…
Understanding and Addressing the Challenges of Managing Information Security – A More Responsive Approach
Just like bad weather conditions found in nature, such as typhoons, hurricanes, or snowstorms, technology system defects and vulnerabilities are inherent characteristics found in a cyber system environment. Regardless of whether it’s a fair comparison, weather changes are part of the natural environ…
Unified Security Metrics Program—Live at RSA Singapore
Noted business management author Peter Drucker famously said, “What’s measured is improved.” When applied to the world of security, meaningful security metrics can literally transform an organization and solve real business problems. At Cisco, Unified Security Metrics (USM) combine…