Risk Management

January 9, 2018

SECURITY

Security or Innovation?

I recently bought a house, and as many homeowners know, you should never buy a house without inspecting its foundation. A bad foundation can lead to cracks, instability, and an unsafe living environment. No matter how good the rest of the house looks, without a good foundation it’s unlivable. In ord…

June 12, 2017

GOVERNMENT

Take Seriously This Sentence in the Cybersecurity Executive Order

The Cybersecurity Executive Order that President Trump signed on May 11 shouldn’t tell you much that don’t already know about the importance of security to the Federal Government. However, there’s a sentence in it that should give every agency leader a fresh sense of urgency: “The President will hol…

April 14, 2016

GOVERNMENT

Cybersecurity for Defense: Cisco Supports the NIST Risk Management Framework

In our Cybersecurity for Defense Blog Series Kickoff, Peter Romness mentioned that we at Cisco are hard at work delivering advanced cybersecurity capabilities that support the Department of Defense Cyber Strategy. That’s certainly true, and each blog in our series will further that point. But it’s a…

September 30, 2015

EXECUTIVE PLATFORM

Cisco to Expand Security Consultancy Services with Acquisition of Portcullis

There’s no question that cybersecurity is top-of-mind for Fortune 500 companies. This, compounded by a significant global security talent shortage, contributes to the burgeoning need for security companies to deliver both a comprehensive technology portfolio and a strong security consultancy service…

January 6, 2015

SECURITY

Responsive Security in Action

In 2013, our internal Information Security team carried out a series of controlled anti-phishing exercises. The purpose was to raise employees’ awareness of potential spear phishing attacks through emails. Spear phishing has been a common first step for Advanced Persistent Threat (APT) attacks…

December 30, 2014

SECURITY

Getting More Responsive Security by Learning From Disaster Responses

Editor’s Note: In the two previous blogs, we discussed some of the issues and dilemmas found within information security knowledge and practice domains. Those challenges arise fundamentally from the traditional approach that many organizations have adopted to address information security requi…

December 23, 2014

SECURITY

Issues and Dilemmas in Information Security Practices

Editor’s note: In A Circular Problem in Current Information Security Principles, we highlighted one of the challenges in our knowledge domain that contributes to the ineffectiveness of today’s information security practices. In this third installment, we review the issues and dilemmas that are commo…

December 16, 2014

SECURITY

A Circular Problem in Current Information Security Principles

Editor’s Note: In this second installment of the blog series on more responsive security, we take a closer look at the circular problems associated with four common security principles in managing “weak link” risks in Information Technology organizations. Before discussing what con…

December 10, 2014

EXECUTIVE PLATFORM

Cisco Announces Intent to Acquire Neohapsis

Today, businesses are looking at security in a strategic, comprehensive way to protect mission critical processes and assets. There has never been a greater need to understand the impact that security threats can have on a company’s bottom line. For these reasons, experienced security advice is now…