security
On Cisco.com password changes
Last week I published a brief blog about the OpenSSL heartbeat extension vulnerability, also known as the Heartbleed bug. One commenter asked, “What about the Cisco.com website? Is it safe to change our passwords on the site?” We received a handful of similar questions from customers today, so I wou…
Not If, but When: The case for Advanced Malware Protection Everywhere
A recent Bloor Research Market Update on Advanced Threat Protection reminds us of something that many security vendors have long been loath to acknowledge: traditional, point-in-time technologies, like anti-virus or sandboxes, are not entirely effective when defending against complex, sophisticated…
Bring Your Own Service: Why It Needs to be on InfoSec’s Radar
Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of thi…
Making Your Metrics Program Effective Beyond Just Charts and Numbers
Editor’s Note: This is the third part of a four-part series featuring an in-depth overview of Infosec’s (Information Security) Unified Security Metrics Program (USM). In this installment, we discuss the effectiveness of the USM program at Cisco. Information security is all about risk red…
Cisco Live 2014 San Francisco: Security Technology Track
Cisco Live, May 18-24, 2014, is quickly approaching and registration is open. This is the 25th anniversary of Cisco Live and we return to the Bay Area at San Francisco’s Moscone Center. Educational sessions are organized into technology tracks to make it easy to find the topics that most inter…
Year-Long Exploit Pack Traffic Campaign Surges After Leveraging CDN
This post is coauthored by Andrew Tsonchev. Anyone can purchase an exploit pack (EP) license or rent time on an existing EP server. The challenge for threat actors is to redirect unsuspecting web browsing victims by force to the exploit landing page with sustained frequency. Naturally, like most cri…
Heartbleed: Transparency for our Customers
We know that communicating quickly and openly about security vulnerabilities can result in a little extra public attention for Cisco. As a trustworthy vendor, this is something we’re happy to accept. It’s recently been said that there is only one thing being discussed by IT security people rig…
Ferguson Group Ltd keeps an Eye on Operations with Cisco Physical Security
I remember growing up in the UK years ago during the UK’s ‘North Sea Oil Boom’. It was a time of great excitement and opportunity for the nation. A whole industry was developed to deal with offshore exploration to ‘bring the energy home’. It was Aberdeen’s local…
March 2014 Threat Metrics
The median rate of web malware encounters in March 2014 was 1:260, compared to a median rate of 1:341 requests in February. At least some of this increased risk appears to have been a result of interest in the NCAA tournaments (aka March Madness), which kicked off during the second week of March in…