Cisco: Just Because You’re Paranoid…
Apr19

Cisco: Just Because You’re Paranoid…

“Just because you’re paranoid doesn’t mean they aren’t after you.” Joseph Heller, Catch-22   With most of the cybersecurity world gathered in San Francisco for this week’s RSA Conference 2018, the timing was impeccable: on Monday Cisco made significant endpoint and email protection announcements; that was also the day the U.S. Computer Emergency Readiness Team issued a warning that ‘Russian hackers are attacking networking devices, network management protocols and the Cisco Smart Install Client that belong to governments, infrastructure providers and businesses.’ According to the networking giant, more than 168,000 systems are potentially exposed via that client. “Russian state-sponsored cyber actors have conducted both broad-scale and targeted scanning of Internet address spaces. Such scanning allows these actors to identify enabled Internet-facing ports and services, conduct device fingerprinting, and discover vulnerable network infrastructure devices,” said the April 16 alert, which was based on results of analytic efforts between the Department of Homeland Security, the FBI and the United Kingdom’s National Cyber Security Centre. Cisco noted several incidents in a release on April 5. “We are taking an active stance, and are urging customers, again, of the elevated risk and available remediation paths.” While Cisco might rue the timing of the hacker alert, it is generally a good time to be in the cybersecurity business: -the data protection market is expected to grow from $57.22 billion in 2017 to $119.95 billion by 2022, at a Compound Annual Growth Rate of 16%, and, -the total cybersecurity market will grow at a CAGR of 11%, from last year’s $137.85 billion to $231.94 billion by 2022. The reason this market is so hot, is because the threats are escalating even faster: – malware attacks increased 18.4% year-over-year to 9.32 billion in 2017; -while ransomware attacks dropped from 638 million to 184 million between 2016 and 2017, ransomware variants increased 101.2%; -the average organization will see almost 900 file-based attacks per year hidden by SSL/TLS encryption; -32% of breaches affected more than half of respondents’ systems, compared with 15% in 2016; -more than half of all attacks resulted in financial damages of more than $500,000, including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs; -complexity is growing: in 2017, 25% of security professionals said they used products from 11 to 20 vendors, compared with 18% in 2016; and, -time to detection has improved from the 39-hour median TTD reported in November 2015, and the 14-hour median reported in 2017. To add injury to insult: -only 66% of organizations are investigating security alerts, and businesses are mitigating less than 50% of attacks they know are legitimate; and, -in almost all breaches (93%), it...

Read More

Handicapping Enterprise Security Vendors

In the course of my average work day, I try to read all the cybersecurity news I can. I came across a very good article in Forbes that looks at the cybersecurity opportunities for companies like IBM, Cisco, Dell, and others. The article points out that the market for cybersecurity products and services is estimated at $77b today, growing to $120b by 2020. That’s a lot of firewalls, AV software, and identity tokens! Since I agree with some of the author’s points and disagree with others, I decided to post my own thoughts on my list of leading enterprise security vendors: To read the complete article, CLICK...

Read More

Trend Micro for Enterprise Security

Ask a security professional in North America to describe Trend Micro and you will likely hear about antivirus software and a grouping of vendors that also includes McAfee and Symantec.  Funny, but you’d get a completely different answer if you asked the same question in Brazil, Germany, or Japan.  In these geographies, you’d hear about a billion dollar-plus enterprise-class security leader with a full portfolio of products, partnerships, and managed services. Why the disconnect?  Trend is an Asian company that hasn’t pushed too hard into the North American market until recently (other than the consumer sector).  Furthermore, Trend isn’t known for guerilla marketing tactics, cybersecurity exposés, or expensive marketing campaigns at Black Hat and RSA. In fact, Trend is really the antithesis of today’s boastful Sand Hill Road-funded startups.  Rather than hype, the company tends to let its resources and security offerings do its talking.  Unfortunately, too many people dismiss this “aw-shucks” image and still equate Trend with AV software alone. To read the complete article, CLICK...

Read More

Enterprise[s]… Establishing a “Cybersecurity Cavalry”

Based upon numerous discussions I’ve had with CISOs, the cybersecurity cavalry [highly-skilled and well-armed troops that establish security outposts to encounter adversaries out on the frontier] isn’t a passing fad but rather a major organizational shift that is gaining momentum. Indeed, large organizations are rapidly adding headcount and increasing budgets for this group. I’ve also seen financial services, defense contractors, and retail organizations giving CISOs the cybersecurity equivalent of eminent domain, allowing them to commandeer IT segments, sound alarm bells, and establish active network policy enforcement actions to improve threat response, even if these actions may temporarily disrupt business operations. This type of authority was unheard of in the past. To read the complete article, CLICK...

Read More

…Security Professionals Speak Out on SDN Use Cases…

At this week’s VMworld shin dig in San Francisco, many networking and security vendors will crow about software-defined security and software use cases for SDN. Some of this rhetoric will be nothing more than industry hype while other banter may prove to be extremely useful in the near future. Yes, there are many interesting ways that SDN could work to enhance network security. That said, which SDN/network security use cases are really compelling and which could be considered second-tier? ESG research asked this specific question to security professionals working at enterprise organizations (i.e., more than 1,000 employees) as part of a recent ESG research report, Network Security Trends in the Era of Cloud and Mobile Computing. Here are the top 5 SDN use cases for network security: To read the complete article, CLICK...

Read More