infosec
Disk Image Deception
Cisco’s Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tacti…
Infosec Fun, Fear, and Fables with Denise Fishburne a Cisco Champion Radio Podcast (S5|Ep.19)
#CiscoChampion Radio is a podcast series by technologists for technologists. In this episode, Cisco Champion Tony Cuevas and Steve Kostyk interview Fish Fishburne on InfoSec topics at Cisco Live in Orlando. Get the Podcast Listen to this episode in SoundCloud SUBSCRIBE on iTunes and listen to all…
DevSecOps: Lessons Learned
This is Part 4 in our Four Part DevSecOps Blog Series In Part 3 of our blog series DevSecOps: Automation for Assurance, we covered our automation journey to help us scale security across hundreds of development teams via our Continuous Security Buddy (CSB) capabilities. In the final blog of this ser…
Join our IoT System Security Webinar
Connecting more things in more places creates new security challenges. Please join us on November 17, 2015 at 8:00AM (PST) for the IoT System Security webinar and learn how to secure and control IoT with the Cisco IoT System Security. In this webinar you will hear how the IoT System Security product…
IE Zero Day – Managed Services Protection
As of May 1, 2014, we can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog. Protecting company critical assets is a continuing challenge under normal threat conditions. The disclosure of zero-day exp…
Security Blog Story – Part 4: Lessons Learned
Editor’s Note: This is the final installment of a four-part series featuring an in-depth overview of InfoSec’s (Information Security) Unified Security Metrics Program (USM). In this blog entry, we discuss some of the lessons learned during the program’s first year. Winter weather i…
Bring Your Own Service: Why It Needs to be on InfoSec’s Radar
Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of thi…
Making Your Metrics Program Effective Beyond Just Charts and Numbers
Editor’s Note: This is the third part of a four-part series featuring an in-depth overview of Infosec’s (Information Security) Unified Security Metrics Program (USM). In this installment, we discuss the effectiveness of the USM program at Cisco. Information security is all about risk red…
Security Metrics Starting Point: Where to Begin?
Editor’s Note: This is the second part of a four-part series featuring an in-depth overview of Infosec’s (Information Security) Unified Security Metrics Program. In this second installment, we discuss where to begin measuring. H. James Harrington, noted author of Business Process Improve…