infosec

January 15, 2020

SECURITY

Disk Image Deception

Cisco’s Computer Security Incident Response Team (CSIRT) detected a large and ongoing malspam campaign leveraging the .IMG file extension to bypass automated malware analysis tools and infect machines with a variety of Remote Access Trojans. During our investigation, we observed multiple tacti…

August 16, 2018

PERSPECTIVES

Infosec Fun, Fear, and Fables with Denise Fishburne a Cisco Champion Radio Podcast (S5|Ep.19)

#CiscoChampion Radio is a podcast series by technologists for technologists. In this episode, Cisco Champion Tony Cuevas and Steve Kostyk interview Fish Fishburne on InfoSec topics at Cisco Live in Orlando. Get the Podcast Listen to this episode in SoundCloud SUBSCRIBE on iTunes and listen to all…

April 30, 2018

SECURITY

DevSecOps: Lessons Learned

This is Part 4 in our Four Part DevSecOps Blog Series In Part 3 of our blog series DevSecOps: Automation for Assurance, we covered our automation journey to help us scale security across hundreds of development teams via our Continuous Security Buddy (CSB) capabilities. In the final blog of this ser…

November 10, 2015

DIGITAL TRANSFORMATION

Join our IoT System Security Webinar

Connecting more things in more places creates new security challenges. Please join us on November 17, 2015 at 8:00AM (PST) for the IoT System Security webinar and learn how to secure and control IoT with the Cisco IoT System Security. In this webinar you will hear how the IoT System Security product…

May 5, 2014

SECURITY

IE Zero Day – Managed Services Protection

As of May 1, 2014, we can confirm Cisco customers have been targets of this attack. For the latest coverage information and additional details see our new post on the VRT blog. Protecting company critical assets is a continuing challenge under normal threat conditions. The disclosure of zero-day exp…

April 29, 2014

SECURITY

Security Blog Story – Part 4: Lessons Learned

Editor’s Note: This is the final installment of a four-part series featuring an in-depth overview of InfoSec’s (Information Security) Unified Security Metrics Program (USM). In this blog entry, we discuss some of the lessons learned during the program’s first year. Winter weather i…

April 17, 2014

DATA CENTER

Bring Your Own Service: Why It Needs to be on InfoSec’s Radar

Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of thi…

April 16, 2014

SECURITY

Making Your Metrics Program Effective Beyond Just Charts and Numbers

Editor’s Note: This is the third part of a four-part series featuring an in-depth overview of Infosec’s (Information Security) Unified Security Metrics Program (USM). In this installment, we discuss the effectiveness of the USM program at Cisco. Information security is all about risk red…

March 28, 2014

SECURITY

Security Metrics Starting Point: Where to Begin?

Editor’s Note: This is the second part of a four-part series featuring an in-depth overview of Infosec’s (Information Security) Unified Security Metrics Program. In this second installment, we discuss where to begin measuring. H. James Harrington, noted author of Business Process Improve…