security
A New Model to Protect the Endpoint, Part 3: Automated Advanced Analytics
In my final post in this series, I wanted to focus on another powerful innovation made possible by combining a big data architecture and a continuous approach for more effective protection: automated, advanced analytics. Today’s advanced malware compromises environments from an array of attack vecto…
Threat Spotlight: “A String of Paerls”, Part 2, Deep Dive
This post has been coauthored by Joel Esler, Craig Williams, Richard Harman, Jaeson Schultz, and Douglas Goddard. In part one of our two-part blog series on the “String of Paerls” threat, we showed an attack involving a spearphish message containing an attached malicious Word doc. We also described…
The Expanding Burden of Security
[ed. Note: This post was updated 7/9/2014 to include new information not available to the author at the time of original publishing] I just returned from the Gartner Security Summit at the Gaylord Resort in National Harbor, Maryland. Each morning I took my run along the Potomac River and passed this…
Summary: Governing the World of Many Clouds with Cisco Cloud Consumption Optimization Service
CIOs face a scary reality. They only know about 5-10% of the cloud applications that are being used within their organization. This shadow IT is ripping holes in their security strategies. In fact, a recent Forrester study cited that 43% of respondents said they believed shadow IT practices were maj…
HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments
The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and…
A New Model to Protect the Endpoint, Part 2: Attack Chain Weaving
In my last post, I talked about the need for a paradigm shift from point-in-time detection technologies to a new model that combines a continuous approach with a big data architecture. This new model lets Cisco deliver a range of other innovations that enhance the entire advanced malware protection…
Before, During and After: How to Think About Complex Threats
I’m often asked how to deal with the security threat landscape within the context of running a business. The security threat landscape can seem like a highly complex challenge, yet as I’ve looked at it through my work with Cisco and the broader industry, it can actually be boiled down in…
Security and Collaboration – Top of mind for IT and OT (Operational Technologies) professionals
During the past ENTELEC event held in Houston, I had the opportunity to chat with Shawn Birch – Partner Development Consultant at Tait Communications to ask him about his impressions of the shows and what would be the key care-abouts of IT people during this Oil and Gas event. Tait Communications is…
Is Your Team Prepared for a Cyber Attack? Get Ready with CyberRange Training
The fire alarm went off in my building again, but fortunately, it was only a drill. By now, we are all used to the periodic fire drills for emergency preparedness in our workplaces. But have you ever wondered if there is a similar exercise possible for a cyber attack? The same logic applies. Your te…