Cisco: Just Because You’re Paranoid…
Apr19

“Just because you’re paranoid doesn’t mean they aren’t after you.” Joseph Heller, Catch-22

With most of the cybersecurity world gathered in San Francisco for this week’s RSA Conference 2018, the timing was impeccable: on Monday Cisco made significant endpoint and email protection announcements; that was also the day the U.S. Computer Emergency Readiness Team issued a warning that ‘Russian hackers are attacking networking devices, network management protocols and the Cisco Smart Install Client that belong to governments, infrastructure providers and businesses.’ According to the networking giant, more than 168,000 systems are potentially exposed via that client.

“Russian state-sponsored cyber actors have conducted both broad-scale and targeted scanning of Internet address spaces. Such scanning allows these actors to identify enabled Internet-facing ports and services, conduct device fingerprinting, and discover vulnerable network infrastructure devices,” said the April 16 alert, which was based on results of analytic efforts between the Department of Homeland Security, the FBI and the United Kingdom’s National Cyber Security Centre.

Cisco noted several incidents in a release on April 5. “We are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths.”

While Cisco might rue the timing of the hacker alert, it is generally a good time to be in the cybersecurity business:

- the data protection market is expected to grow from $57.22 billion in 2017 to $119.95 billion by 2022, at a Compound Annual Growth Rate of 16%, and,
- the total cybersecurity market will grow at a CAGR of 11%, from last year’s $137.85 billion to $231.94 billion by 2022.
The reason this market is so hot is that the threats are escalating even faster:

- malware attacks increased 18.4% year-over-year to 9.32 billion in 2017;
- while ransomware attacks dropped from 638 million to 184 million between 2016 and 2017, ransomware variants increased 101.2%;
- the average organization will see almost 900 file-based attacks per year hidden by SSL/TLS encryption;
- 32% of breaches affected more than half of respondents’ systems, compared with 15% in 2016;
- more than half of all attacks resulted in financial damages of more than $500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs;
- complexity is growing: in 2017, 25% of security professionals said they used products from 11 to 20 vendors, compared with 18% in 2016; and,
- time to detection has improved from the 39-hour median TTD reported in November 2015, and the 14-hour median reported in 2017.

To add injury to insult:

- only 66% of organizations are investigating security alerts, and businesses are mitigating less than 50% of attacks they know are legitimate; and,
- in almost all breaches (93%), it...


Enterprise[s]… Establishing a “Cybersecurity Cavalry”

Based upon numerous discussions I’ve had with CISOs, the cybersecurity cavalry [highly-skilled and well-armed troops that establish security outposts to encounter adversaries out on the frontier] isn’t a passing fad but rather a major organizational shift that is gaining momentum. Indeed, large organizations are rapidly adding headcount and increasing budgets for this group. I’ve also seen financial services, defense contractors, and retail organizations giving CISOs the cybersecurity equivalent of eminent domain, allowing them to commandeer IT segments, sound alarm bells, and establish active network policy enforcement actions to improve threat response, even if these actions may temporarily disrupt business operations. This type of authority was unheard of in the past. To read the complete article, CLICK...


Cisco, FireEye Announcements: A Microcosm of the …

The Cisco and FireEye announcements are a microcosm of what’s happening in cybersecurity. Large organizations are abandoning individual point tools in favor of integrated cybersecurity technology architectures – exactly why Cisco bought Sourcefire and is now bringing the best of both companies together. Aside from technology alone, CISOs also need to supplement internal infosec resources with the right skills. FireEye is now addressing this. These trends are not a secret – other vendors including HP, IBM, RSA, and Symantec have their own plans for integrated security technology architecture and managed/professional services. This may be the market direction but it’s important to note that the move toward integrated security architecture and managed services represents a major cybersecurity transition for enterprise organizations. Vendors who can guide customers through this evolution with the right project plans, reference architectures, and industry-specific implementation guidelines will put themselves in the best position. To read the complete article, CLICK...


…Security Professionals Speak Out on SDN Use Cases…

At this week’s VMworld shindig in San Francisco, many networking and security vendors will crow about software-defined security and software use cases for SDN. Some of this rhetoric will be nothing more than industry hype while other banter may prove to be extremely useful in the near future. Yes, there are many interesting ways that SDN could work to enhance network security. That said, which SDN/network security use cases are really compelling and which could be considered second-tier? ESG research asked this specific question to security professionals working at enterprise organizations (i.e., more than 1,000 employees) as part of a recent ESG research report, Network Security Trends in the Era of Cloud and Mobile Computing. Here are the top 5 SDN use cases for network security: To read the complete article, CLICK...


Anticipating Black Hat

RSA 2014 seems like ancient history and the 2015 event isn’t until next April. No worries, however, the industry is set to gather in the Las Vegas heat next [THIS] week for cocktails, sushi bars, and oh yeah – Black Hat. Now Black Hat is an interesting blend of constituents consisting of government gumshoes, Sand Hill Rd. Merlot drinking VCs, cybersecurity business wonks, “beautiful mind” academics, and tattooed hackers – my kind of crowd! As such, we aren’t likely to hear much about NIST frameworks, GRC, or CISO strategies. Alternatively, I am looking forward to deep discussions on: To read the complete article, CLICK...
