Be impeccable with your words. It's the first of the Four Agreements – a set of universal life principles outlined in the bestselling book by Don Miguel Ruiz. "Being impeccable with your words" is my favorite, and it's no surprise. As a product marketer, I spend most of my daily existence casting about for the perfect word to use in web copy, a webinar, or video script.
Words can connect us, as well as divide us. In helping to develop the message that Cisco takes to the market about zero trust, I try to be as impeccable as I can with each word. After all, cybersecurity is too important to be cavalier about what is possible – within a particular use case, product, or service.
Clarifying what zero trust means to you comes first. The zero trust principles reflect another of the four agreements: "Don't make assumptions". Don't assume that a user or device is trusted based on their presence on the network, their type of device, or any other aspect of the connection request. Instead, verify it.
At the same time, don't assume that everyone in your organization is in accord with, or clear on the goals of a zero trust initiative. Confirm goals and clearly communicate them. Over the past year, I've met with several customers keen to embark on zero trust and generally those goals involve one or more of the following:
The phrase zero trust does not inspire trust, clarity, or transparency. No name is perfect, but the challenge with calling an architecture that is consistent with a "never assume trust, always verify it, and enforce the principle of least-privilege" policy "zero trust" is that it sends the message that "one cannot ever be trusted".
Changing the mindset of anyone is already a complex undertaking, but starting off with a lack of trust (even if it's only a word) doesn't help.
Zero trust is simply good security. Zero trust is a conversation about the totality of the security stack, and how to bring it to bear in ways that allow teams to…
Simply put, make sure that one only has access to resources they need and that any violations of this policy are investigated.
Relationships build trust – an essential ingredient for zero trust momentum. In the Harvard Business Review's "Begin with Trust", Frances Frei and Anne Morriss describe three key drivers for trust: authenticity, logic, and empathy. Perhaps we can apply these drivers within the context of zero trust security:
We'd love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
In today's security climate, NetOps and SecOps teams are witnessing increased attack surface area as applications and workloads move far beyond the boundaries of their data center. These applications/workloads move to, and reside in multi-cloud architecture, adding complexity to connectivity, visibility, and control. In the multi-cloud world, the SecOps teams use a distributed security model that is expensive, difficult to deploy, and complex to manage.
Cisco has partnered with Alkira to help secure your multi-cloud environment. Combining Alkira's simplified cloud connection through their cloud network-as-a-service platform (SaaS-like model) with Cisco's industry-leading security controls, we can deliver a centralized security model for multi-cloud architecture that is easy to deploy, manage, and increases visibility and control.
Cisco Secure Firewall Threat Defense Virtual provides unmatched security controls such as stateful firewalling, Snort3 IPS, URL filtering, malware defense, application visibility and control, and more. Additionally, with the purchase of Secure Firewall Threat Defense Virtual, you will receive license entitlement to Cisco SecureX, our open XDR and orchestration platform, helping you accelerate threat detection, investigation, and remediation.
Cisco Secure Firewall Management Center (FMC) is required for managing Secure Firewall Threat Defense Virtual, helping administrators enforce consistent access policies, rapidly troubleshoot security events, and view summarized reports across the deployment.
Secure Firewall Threat Defense Virtual is available on Alkira's service marketplace through Bring-Your-Own-License (BYOL) and Pay-As-You-Go licensing options. Customers can seamlessly deploy and insert Secure Firewall in their Alkira Cloud Exchange Points (CXP).
Benefits of this integrated architecture include:
The Cisco Secure Firewall Threat Defense brings the following capabilities to the environment:
Figure 1 shows a multi-cloud environment inter-connected using Alkira Cloud Exchange Platform (CXP). In the above architecture, Cisco provides seamless insertion of security controls and enables the following use cases for firewall insertion:
Using Alkira's customer portal, Cisco Secure Firewall Threat Defense Virtual can be easily inserted in the traffic path within minutes. Figure 2 shows how automation & orchestration eliminates additional configuration required in the legacy insertion model.
Cisco Secure Firewall Threat Defense Virtual is managed using Cisco Secure Firewall Management Center (FMC). Customers can use on-premises FMC or build a virtual FMC instance in the cloud. Cisco and Alkira support both models of deployment.
Cisco Secure Firewall Threat Defense Virtual protects the following traffic flows in Alkira CXP:
Alkira and Cisco's partnership simplifies the deployment of enterprise-grade security in the cloud while enabling multi-cloud visibility and end-to-end threat defense for customers.
Additional Resources:
Cisco Secure Firewall Threat Defense
Cisco Secure Firewall Data Sheet
Cisco Secure Firewall Management Center
Alkira blog on Cisco Secure Firewall Threat Defense
I discuss an interesting attack vector which not many people do to possibly bypass 2 factor authentication in a web application.
For Cisco engineers working on Duo, having a remote-first workplace has helped them reach life goals, connect with colleagues around the world, and be intentional communicators. We understand that working remotely can be an adjustment – that's why we've compiled the 10 parts of remote work that surprised our team members most and their advice for navigating the nuances. If you're interested in being part of a remote-first workplace, check out our open positions.
Senior Engineering Leader David Rines has worked remotely for the past seven years. He's found that Cisco's approach to distributed teams has "enabled us to pick up the right talent, and not necessarily local talent. We are moving towards a global, follow the sun environment," he said.
One of the aspects Rines appreciates most of this structure is getting "a widely varied set of perspectives and experiences that help build a more reliable, more robust product, which is why we're here."
Another benefit to having colleagues across the globe is the sharing of recipes, a perk Senior Site Reliability Engineer Bernard Ting particularly enjoys. Proactively communicating with colleagues virtually "helps you to form bonds with people from other teams. You can always learn something new about cultures elsewhere. I talk to people about food and so I'm always gathering recipes from people from all over the world," Ting shared.
While some may fear that working remotely could lead to feelings of isolation and loneliness, a different camaraderie can flourish in the structure of our distributed teams. With colleagues across time zones, "there's always someone there who you can reach out to help solve your problem," Rines said.
Collaboration hours are another way Site Reliability Engineering Manager Jaya Sistla has cultivated virtual community and problem-solving. These hours are blocked off for team members to talk about what they're working on. "The main thing is being able to ask for help so you don't go into the rabbit hole debugging things," Sistla said.
Ting points out that working in a distributed model allows you to really engage in virtual events and conversations. Given that the team mainly communicates through online chat, Ting has found that "forces you to see everyone as equally approachable, which has made me more comfortable reaching out to people from anywhere in the world."
For folks sharing an office, collaboration can happen through casual chats over coffee. When facing a challenge, you can ask your neighbor for support. While ideally virtual communication could have a similar cadence and spontaneity, the logistics of remote and distributed work require intentionality and being proactive in connecting with colleagues as people and as co-workers.
When Ting first started working remotely, he felt that every meeting needed to be formal and have a business objective. By sharing his feelings with his manager, he was reassured that "socializing is a very important part of teamwork, because if you don't have a good relationship with your colleagues you're not going to be able to have healthy discussions, healthy conflict or be able to critique each other when the situation arises."
Since that conversation, Ting has been more proactive about catching up with colleagues, which can include sharing a coffee over video chat. Duo's "coffee roulette" formalizes the process as every month, employees who opt in can be randomly paired up for a quick half-hour chat focused exclusively on socializing. Ting has found being proactive about socializing virtually helpful. "It's made me more intentional with my time and really treasure the social experience you can get," he said.
Some folks may be concerned that without a manager observing their efforts and work ethic day in and day out, it may be harder to recognize accomplishments and challenges. Ting found that within his team "when you work on projects and in your one-on-ones with your managers, they're always very intentional about learning what you've been doing and seeing what your progress is like on certain projects. I've been asked, 'How do you think you can improve? What are some of the things you've been doing outside of the team work?'"
To cultivate cross-team collaboration and education, there are thoughtfully planned virtual lunch and learns. "We schedule training sessions and common meetings at times that are flexible for everyone. If it has to be repeated, we do it so people can comfortably attend rather than stretching themselves and attending at odd hours," Sistla said.
For Software Engineer Nick Aspinall, an important and fun part of working remotely is keeping in touch with virtual messaging. One unique perk has been getting to create and customize emojis with team members including a few of himself in "various ridiculous states," he said.
Connecting with colleagues on themed channels focused on personal and professional interests from coffee to pets "makes it really cool because you can meet people across different teams and still get some of the feeling of rubbing elbows that you get when you're in the office," Aspinall said. Participating in these virtual conversations boosts morale while also providing an endless supply of cute animal pics.
Given the multi-faceted nature of our work and the importance of consistent information sharing, having different communication channels and formats to communicate data with varying degrees of complexity is vital. Having information readily accessible, accurate and updated is particularly necessary in a field like cybersecurity.
Senior Software Engineer Mario Lopez finds that the variety of information sources contributes to an easeful remote working experience. For instance, for complex architecture decisions or detailing, Duo's Wiki is the best source.
Software Engineer Hanna Fernandez has benefited from chat channels dedicated to design and engineering topics to "see what everyone's up to and what thoughts people have," she said. Sistla pointed out these are great places to ask questions and open up dialogue to solve problems.
Our culture is "video-on," meaning that it is preferred that during video meetings, as much as possible, attendees have their cameras on. Lopez loves this because "you get a bit of that personal human element."
"We're all people behind these screens. You definitely get some of people's personality through text, but you get it more when you actually see them. It's infectious when you see someone smiling. You've got to smile back," he shared (while we both smiled).
When Fernandez started at Cisco, she was advised to schedule individual meetings with everyone she would be working with on every team that she joined. That suggestion is one she's applied even virtually.
"It's a great strategy because I already know that my team is super talented and very smart, but this way I also get to know them as humans beyond their roles," Fernandez said. Fernandez also finds it important to check in with co-workers and ask how they're feeling and how their time off was. "I know a lot of people hate small talk, but it's not just small talk. I'm genuinely interested in how my co-workers are doing."
One of Ting's biggest goals was buying his first house in the countryside outside of London. By working remotely, Ting has flexibility in his location which allowed him to achieve his goal of buying a house and settling down with his partner, while giving their dogs the space they need to be dogs.
When transitioning from fully remote to hybrid, it's important to recognize that there will be some shifts to get accustomed to. As the structures of remote, distributed and hybrid work evolve, it's important to stay flexible and notice what's possible through multiple modalities of team building. Many teams have enjoyed in-person gatherings and connecting through virtual lunches and team games when remote.
Fernandez has had multiple roles with multiple structures at Cisco. As an intern, she was fully in person and shared desk space with other interns who collaborated on full stack engineering. While working in finance IT, Fernandez was hybrid and many of her colleagues were distributed among multiple offices. The pandemic began while she was in a DevOps role, forcing her to maintain boundaries around her work time while working fully remotely. In her current role working on Duo, Fernandez is completely remote but advocates for in-person events if possible, because "humans are social creatures who want to see each other's faces in real life once in a while."
For Aspinall, "when we did come back to the office, there was a bit of an adjustment period where you were overstimulated from the office." He also wanted to ensure team members who were 100% remote were fully included. Now he sees that while half his team is fully remote and the other half is hybrid, "that doesn't stop anyone from doing anything. All of our meetings feel the same. They're all seamless."
If you're interested in joining our team from wherever you are in the world, check out our open roles.
Imagine this: Your CEO sends you an email asking for your help transferring $5,000 to a new vendor for an urgent project. You make the transfer, only to find out later that the email was actually from an imposter, and that money is now in the hands of cybercriminals. Oops, right? crickets
Business Email Compromise (BEC) is a type of cybercrime that involves compromising or imitating legitimate business email accounts to carry out fraudulent transactions or steal sensitive information. The goal of a BEC attack is typically to trick the victim into transferring money, clicking on a malicious link, or disclosing sensitive information such as login credentials. BEC attacks can have a devastating impact on organizations of all sizes and in all industries, making it essential for businesses to be aware of the threat, understand the business risk, and take the necessary steps to protect themselves.
According to the latest FBI IC3 report, BEC is "one of the most financially damaging online crimes" and in 2021 was accountable for $2.4 Billion in adjusted losses for businesses and consumers.
One of the most common types of BEC attacks is called impersonating or email spoofing. By pretending to be a trusted colleague or business partner to gain the victim's trust, the attacker uses social engineering techniques to trick the victim into clicking on a link or attachment in an email that contains malware, takes the victim to a malicious website, and has them transfer funds or change payment information.
BEC attacks can be very sophisticated and are difficult to detect. Many times, what the end-user sees on their email client does not represent the true email address of that sender, or it shows one that has been spoofed.
Typically, the attacker tries to impersonate someone in the organization with enough authority to not be questioned about what he/she is asking to be done.
As with everything in security, to be able to succeed in stopping BEC attacks, additional security layers & techniques should be implemented. There are several options to mitigate or reduce the number of successful BEC attacks. Creating a list of the people who will be likely to be impersonated will provide the best results. Usually, with names from the CxO level, this is known as a High Impact Personnel list. It will be used along with other security analysis engines to make sure any impersonated/spoof emails, along with other threats, get stopped and will not reach the end user.
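A minimal sketch of how a High Impact Personnel list can be checked against a message's From header, as an added example (not Cisco's implementation or code from the original article). The names, addresses, sample messages and function names are constructed for illustration.

```python
import re
import unicodedata
from email import message_from_string, policy

# Constructed High Impact Personnel (HIP) list:
# display name -> addresses that person is known to send from.
HIGH_IMPACT_PERSONNEL = {
    "Dana Whitfield": {"dana.whitfield@example.com"},
    "Lee Okafor": {"lee.okafor@example.com", "lokafor@example.com"},
}

def normalize_name(name):
    """Fold accents, case, punctuation and word order so name variants compare equal."""
    decomposed = unicodedata.normalize("NFKD", name)
    no_marks = "".join(c for c in decomposed if not unicodedata.combining(c))
    return " ".join(sorted(re.findall(r"\w+", no_marks.casefold())))

HIP_INDEX = {normalize_name(name): {a.lower() for a in addrs}
             for name, addrs in HIGH_IMPACT_PERSONNEL.items()}

def check_sender(raw_message):
    """Classify one message as 'impersonation', 'hip-known-address' or 'not-hip'."""
    msg = message_from_string(raw_message, policy=policy.default)
    sender = msg["From"]
    if sender is None or not sender.addresses:
        return "not-hip"
    first = sender.addresses[0]
    known = HIP_INDEX.get(normalize_name(first.display_name))
    if known is None:
        return "not-hip"
    if first.addr_spec.lower() in known:
        # The From header itself can be forged, so a match here still needs
        # the message's SPF/DKIM/DMARC results before it is trusted.
        return "hip-known-address"
    # A HIP display name on an address that person does not use: what the mail
    # client shows the reader does not match the true sender address.
    return "impersonation"

# Constructed sample messages.
SPOOFED = ('From: "Whitfield, Dana" <dana.whitfield@mail-example.test>\n'
           "To: ap@example.com\nSubject: Urgent vendor transfer\n\n"
           "Please wire $5,000 today.\n")
GENUINE = ('From: "Dana Whitfield" <Dana.Whitfield@example.com>\n'
           "To: ap@example.com\nSubject: Q3 planning\n\nAgenda attached.\n")
OTHER = ('From: "Sam Reyes" <sam.reyes@example.com>\n'
         "To: ap@example.com\nSubject: Lunch\n\nNoon?\n")

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("genuine", GENUINE), ("other", OTHER)):
        print(label, "->", check_sender(raw))
```

In practice this check is one signal among several; a hit on a HIP display name is scored together with authentication results and content analysis rather than used alone.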
The Cisco Secure Email Threat Defense solution leverages hundreds of detection engines that utilize state-of-the-art artificial intelligence/machine learning and natural language processing to convict messages from the most creative attackers! On top of this, our customers can define their High Impact Personnel list, and together with the other detection engines, will be able to not only block malicious messages but also understand the reasons and categories of why a message is being convicted as malicious.
In summary, Business Email Compromise (BEC) is a serious threat to organizations of all sizes and in all industries. To protect against BEC attacks, businesses should implement multiple techniques including identifying their High Impact Personnel for their organization, educating employees about the threat, and relying on reporting to understand who is being targeted most frequently so their security policies can be adjusted.
See how Secure Email Threat Defense identifies specific business risk factors to protect your organization.
Discussing an underrated sub bug class of Business Logic Flaws in web apps that deserves more attention.
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere. Include the geographic location of the position along with the availability of relocation assistance or remote work.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)