I am excited to announce the release of Cisco’s annual flagship cybersecurity report, the Security Outcomes Report, Volume 3: Achieving Security Resilience. It’s about preparing, adapting, and overcoming security challenges and threats, and an organisation’s ability to respond and emerge stronger.It’s the organization’s ability to respond to the inevitable attacks and unexpected events that come our way. In a recent webinar on Security Trends for 2023, the team spoke about laying a good foundation, and when you do, good outcomes will come from that. The Security Outcomes Report, Vol.3 looks at the most important factors that will help you build that foundation and give you the most successful security outcomes.
When it came to the top priority security outcome for organisations, Europe, the Middle East and Africa (EMEA) were in line with global findings. Preventing major security incidents and losses, mitigating financial losses from security incidents, and adapting to unexpected external change events or trends, were the top three. Interestingly, security leaders prioritised mitigating financial losses whereas more technical and operational security respondents placed the highest importance on preventing major incidents. It’s of course understandable to have differing focuses at different levels but this highlights the importance of agreeing and communicating shared objectives and goals.
When asked to their rate overall resilience, respondents from France had the highest score in EMEA, closely followed by Italy and the Netherlands. Germany had the lowest score (significantly lower than the rest of region and the globe). Slightly contrary to this, when asked how confident they would be to remain resilient in a ‘worst case’ cybersecurity event, France came out second to last with only 27% saying they are strongly confident. The most confident country is the Netherlands with 54%.
Globally across all sizes of business the security outcome that organizations most struggle with is recruiting and retaining talented security personnel; the UK and Germany also noted this as top, reinforcing the ongoing battle against the security skills gap.
The report analyses the seven success factors that have shown to improve overall security resilience:
I’d encourage you to read the full report, there are some great takeaways on how organizations can improve their resilience with a focus on these areas.
The report is based on an anonymous survey 4,751 active cybersecurity experts from 26 countries. Analysis was done by the Cyentia Institute on behalf of Cisco. EMEA countries represented are France, Germany, Italy, Saudi Arabia, Spain, The Netherlands and the UK.
The report is available in English, German and French.
To learn more about the findings from this report and the Duo Trusted Access Report, join our webinar: Trust No One – Secure Everyone: EMEA insights into a Zero Trust approach
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Speaking to many CISOs, it’s clear that many security executives view zero trust as a journey that can be difficult to start, and one that even makes identifying successful outcomes a challenge. Simultaneously, the topic of security resilience has risen up the C-level agenda and is now another focus for security teams. So, are these complementary? Or will they present conflicting demands that will disrupt rather than assist the CISO in their role?
One of the most striking results coming from Cisco’s latest Security Outcomes Report is that organizations with a mature zero trust implementation – those with basic controls, constant validation and automated workflows – experience a 30% improvement in security resilience compared to those who have not started their zero trust journey. So, these two initiatives – implementing zero trust and working to achieve security resilience – appear to complement each other while supporting the CISO when a cyber black swan swims in.
Security resilience is the ability to withstand an incident and recover more strongly. In other words, ride out the storm and come back better. Meanwhile, zero trust is best known as a “never trust, always verify” principle. The idea is to check before you provide access, and authenticate identity based on a risk profile of assets and users. This starts to explain why the two are complementary.
The Security Outcomes Report summarizes the results of a survey of more than 4,700 security professionals. Among the insights that emerge are nine security resilience outcomes they consider most important. The top three outcomes for resilience are prevention, mitigation and adaptation. In other words, they prioritize first the ability to avoid an incident by having the right controls in place, then the ability to reduce and reverse the overall impact when an incident occurs, and then the ability to pivot rapidly without being bound by too rigid a set of systems. Zero trust will support these outcomes.
Preventing, or reducing the likelihood of a cybersecurity incident, is an obvious first step and no surprise as the most important outcome. Pursuing programs that identify users and monitor the health of devices is a crucial a preventative step. In fact, simply ensuring that multifactor authentication (MFA) is ubiquitous across the organization can bring an 11% improvement in security resilience.
When incidents occur, security teams will need a clear picture of the incident they are having to manage. This will help in them respond quickly, with a proactive determination of recovery requirements. Previous studies show that once a team achieves 80% coverage of critical systems, the ability to maintain continuity increases measurably. This knowledge will also help teams develop more focused incident response processes. A mature zero trust environment has also been found to almost double a team’s ability to streamline these processes when compared to a limited zero trust implementation.
When talking to CISOs about successful implementation programs, communication within the business emerges as a recurring theme. Security teams must inform and guide users through the phases of zero trust implementation, while emphasizing the benefits to them. When users are aware of their responsibility to keep the organization secure, they take a participatory role in an important aspect of the business. So, when an incident occurs, they can support the company’s response. This increases resilience. Research has shown that a mature program will more than double the effect of efforts to improve the security culture. Additionally, the same communication channels established to spread the word of zero trust now can be called upon when an incident requires immediate action.
Mature implementations have also been seen to help increase cost effectiveness and reduce unplanned work. This releases more resource to cope with the unexpected – another important driver of resilience surfaced in Volume 3 of the Security Outcomes Report. Having more efficient resources enables the security function to reallocate teams when needed. Reviewing and updating resource processes and procedures, along with all other important processes, is a vital part of any of any change initiative. Mature zero trust environments reflect this commitment continuous assessment and improvement.
Inherent in organizational resilience is the ability to adapt and innovate. The corporate landscape is littered with examples of those who failed to do those two things. A zero trust environment enables organizations to lower their risk of incidents while adapting their security posture to fit the ongoing changes of the business. Think of developing new partners, supporting new products remotely, securing a changing supply chain. The basic tenets of MFA – including continuous validation, segmentation and automation – sets a foundation that accommodates those changes without compromising security. The view that security makes change difficult is becoming obsolete. With zero trust and other keys to achieving security resilience, security now is a partner in business change. And for those CISOs who fear even starting this journey, understanding the benefits should help them take that first step.
Download the Security Outcomes Report, Vol. 3: Achieving Security Resilience today.
Learn more about cybersecurity research and security resilience:
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Give the gift of security resilience and receive instant savings from a secure choice enterprise agreement.
When it comes to the holidays, most thoughts turn towards shopping and spending time with friends and loved ones. In the business world, the holiday season often lands at the end of the quarter / fiscal year, and businesses start to make lists of things that need to be purchased in the coming years, and sometimes they find themselves wanting to purchase a gift – so to speak – for themselves.
The problem that many organizations face is that when it comes to purchasing products and services, balancing today’s needs and budget isn’t as easy as it sounds. Add to this the concern of unclear future security needs which can be stressful. But what if you could get exactly what you need, protect the budget and future-proof your investment at the same time?
We want to give a gift to you. That is right, you read that correctly. We want to make your holidays a little bit more special with the gift of security resilience. And we can offer that to you with instant savings.
Here are a few examples of how you can build the gift of security resilience that best fits your organization’s security needs today and is ready to grow with your tomorrow.
Provide edge to edge protection. Hold the first line of defense against cyberthreats for branch offices and remote users. Maintain the last line of defense, by protecting your endpoint devices with rapid incident detection, response, and remediation of advanced threats.
Provide protection for your users and devices with these essential Cisco Secure products.
Protect what matters, get cloud and application protection that secures internet access, safeguards cloud app usage, and identifies public cloud threats. Build out your cloud and application security with these essential Cisco Secure products.
Cisco Secure Zero Trust helps you transform your business with continuous verification of users and devices for secure access. These Cisco Secure products are part of the essential architecture towards building zero trust secure access.
Choose any of the two Cisco Secure products that you want to buy towards building out user and device security, cloud and application security, zero trust secure access, or any of our security solutions. You do not have to stop with two, you have the freedom to grow; add more, save more.
Cisco Secure products you can choose from:
Give the Gift of Security with a Cisco Secure Choice Enterprise Agreement
Choose, buy, and deploy Cisco Secure products through one easy-to-manage Cisco Secure Choice Enterprise Agreement; save more as you buy more for all of those on your holiday list. Protect your end users working remotely, in office only, or in a hybrid environment as with more devices on and off the network, cybersecurity risks are not slowing down anytime soon. Build the solution that best fits your organization through a single, flexible agreement that lets you pay annually, as you go, over 3 or 5 years, with 0% financing.
With Cisco’s Secure Choice Enterprise Agreements, you can add security resilience in 2023 and beyond, with exactly the security products and services you need, right when you need them the most.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Cybersecurity has changed dramatically since the dawn of firewalls in the 1980s. But despite all the upheaval and innovation, they have stood the test of time. The basic concept of allowing “good” traffic to flow and blocking the bad stuff remains essential. Of course, it looks much different now than in the era of Care Bears and Cabbage Patch Kids.
Today’s workers, data, and applications are everywhere, and firewalls must be as well. There’s no longer just one finite space to defend. With the recent explosion of hybrid work and the rapid transition to multi-cloud environments, it’s imperative that firewalls evolve alongside a business — and be ready for whatever’s next.
So, can your firewall grow with you? Or is it stuck in the age of Hair Bands and He-Man?
The past few years have brought about a keen focus on resilience — remaining strong, yet adaptable in the face of unexpected and even unfathomable challenges. But an organization cannot persevere without security being at the forefront of any resilience strategy.
96% of executives consider security resilience highly important to their business.
– Cisco Security Outcomes Report
Firewalls are a critical foundation for building powerful, resilient security infrastructure. Yet contemporary firewalls have to be and do more than one thing. Cisco Secure Firewall delivers world-class security controls wherever you need them, with unified visibility and consistent policy management and enforcement.
As a worldwide leader in networking and security, Cisco is better positioned than any other vendor to incorporate effective firewall controls into your infrastructure — anywhere your data and applications reside. According to a study conducted on behalf of Cisco by Forrester Research, Cisco Secure Firewall customers can:
Cisco Secure Firewall delivers on several key aspects necessary for security resilience: visibility, flexibility, intelligence, integration, and unified controls. Together, they enable organizations to close gaps, see and detect threats faster, and adapt quickly to change.
Watch video: Cisco Secure Firewall Overview
With most of today’s internet traffic being encrypted, security measures can become obsolete without the ability to see into all traffic, encrypted or not. While decryption is commonplace, it is simply not feasible in many cases, and can have serious impacts on network performance. With its Encrypted Visibility Engine, Cisco Secure Firewall leverages deep packet inspection (DPI) to identify potentially malicious applications in encrypted traffic without offloading to another appliance and degrading performance.
Due to a highly distributed network and workforce, as well as constantly maturing attacks, the ability to see into every corner of your ecosystem is crucial. Cisco Secure Firewall blends multiple technologies to detect and block more threats in more places. By combining traditional firewall capabilities with URL filtering, application visibility and control, malware defense, and Snort 3 intrusion prevention, organizations gain robust protection against even the most sophisticated threats.
Cisco offers a wide variety of firewalls for defending the different areas of your network — including physical, virtual, and cloud-native — as well as cloud-delivered. We can secure businesses and offices of all types and sizes, from the data center to the cloud.
Cisco Secure also provides flexible firewall management options, enabling you to deploy and operate your security architecture in a way that is tailored to the unique requirements of your NetOps, SecOps, and DevOps teams. No matter which firewall models you choose or environments you operate in (physical or virtual), you can use a single, simplified application to manage all your firewalls from one place.
The threat landscape changes every day, and our defenses must change with it. Cisco Talos is one of the largest and most trusted threat intelligence groups in the world. Its in-depth insight into global threats, and advanced research and analysis, enable us to quickly incorporate protections for new threats into our products via hourly updates. That way, Cisco customers are continuously safeguarded from both known and unknown threats.
“When the Log4j vulnerability was discovered, we were protected before we even completed our patching,” said Paul Smith, network administrator at Marian University. “As a result of automated hourly updates from Talos, Cisco Secure Firewall had an early detection signature, so it was already blocking the concerning traffic from infiltrating our network.”
Another differentiator for Cisco Secure Firewall is that it’s part of an integrated security ecosystem. With Cisco SecureX, organizations can correlate data from multiple technologies and unleash XDR capabilities for a centralized, automated response to threats.
“At the end of the day, it’s about protecting the data, and we do that with the integration of [Cisco] Secure Endpoint, Umbrella, and Secure Firewall, which combine to protect the networks, endpoints, workstations, and servers — and all of this can be correlated easily within SecureX.”
– Elliott Bujan, IT Security Manager, Marine Credit Union
The new Cloud-delivered Firewall Management Center leverages the cloud to facilitate agile, simplified operations for a distributed, hybrid network. It provides efficiency at scale by allowing security teams to swiftly deploy and update policies across their environment with just a few clicks, as well as take coordinated actions to prioritize, investigate, and remediate threats within a single pane of glass. And with a cloud-delivered management center, Cisco regularly updates its software behind the scenes, which reduces risk, maintains compliance, and gives your team more time to focus on other priorities.
Additionally, Cisco Secure Firewall dynamically shares policies driven by intelligence from Cisco Secure Workload, which uses microsegmentation to prevent lateral movement of attackers throughout a network. This allows security policies to be harmonized across both the network and application environments, boosting efficacy and fostering collaboration between teams.
These are just some examples of what makes up a comprehensive, modernized firewall. But Cisco is not stopping there. We continue to innovate to meet evolving business needs. For example, the new enterprise-class 3100 Series firewalls are specially designed for hybrid work, supporting more end users with high-performance remote access for increased organizational flexibility.
Additionally, Cisco Secure Firewall serves as a key component of advanced security strategies including XDR, SASE, and zero trust, helping businesses keep pace with accelerating digital transformation. According to Cisco’s most recent Security Outcomes Report, organizations with mature XDR, SASE, and zero trust implementations all boast significantly higher levels of security resilience.
Fuel and energy retailer, Ampol, uses a variety of Cisco technologies, including Secure Firewall, to segment and safeguard its network. “Cisco was an integral part of our success during COVID-19 as we were able to serve customers without interruption in stores,” said Amir Yassa, senior project specialist at Ampol. “Deploying our retail resilience project, mostly comprised of Cisco products, enabled us to reduce our IT-related incidents by 90%, thus enabling us to serve our customers better now and into the future.”
Is your firewall keeping up with future demands, or is it still stuck in the 80s teasing its hair? If it’s the latter, we can help. Visit cisco.com/go/firewall and learn how to refresh your firewall.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
A new year is almost upon us and as we look back on our accomplishments in 2022, we also look forward to helping our customers become more security resilient and be better prepared for 2023. As part of this forward-looking process, and with the help of Gartner Peer Insights, we surveyed 100 Security and IT professionals to understand their level of security maturity and obtain their perspective on the future.
The results of the survey, called “Gartner Peer Insights – Future of Endpoint Security” can be found here in Infographic form.
Key insights from the Survey:
Regarding the first key insight, approximately two-thirds of the organizations surveyed have implemented EDR and XDR capabilities. These two capabilities are critical to detecting and eliminating threats, either before a breach has occurred or before a breach has had an opportunity to create damage.
Another key insight is related to endpoint vendor selection. In the survey, it’s noted that the top criterion organizations are looking for when selecting an endpoint security solution is the ability to support a hybrid workforce. This isn’t surprising given the events that have occurred over the last few years and the mix of remote workers expanding to working from home. Many organizations feel that the hybrid workforce is here to stay, in varying levels of remote workforce vs. on-premises workforce. The obvious implications directly related to the endpoint solutions are flexibility (e.g., deployment options), scalability, efficacy, resilience, and manageability, as a few examples.
The survey infographic provides much more insights than these two examples. The good news is that Cisco Secure Endpoint meets the challenges ahead for 2023 and beyond. If you haven’t researched Secure Endpoint lately, go here to see What’s New.
To find out more insights from the 100 Security and IT professionals we surveyed, please read the “Gartner Peer Insights – Future of Endpoint Security” survey.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Today, we released the latest issue of The Domain Name Industry Brief, which shows that the third quarter of 2022 closed with 349.9 million domain name registrations across all top-level domains, a decrease of 1.6 million domain name registrations, or 0.4%, compared to the second quarter of 2022.1,2 Domain name registrations have increased by 11.5 million, or 3.4%, year over year.1,2
Check out the latest issue of The Domain Name Industry Brief to see domain name stats from the third quarter of 2022, including:
• Top 10 Largest TLDs by Number of Reported Domain Names
• Top 10 Largest ccTLDs by Number of Reported Domain Names
• ngTLDs as Percentage of Total TLDs
• Geographical ngTLDs as Percentage of Total Corresponding Geographical TLDs
To see past issues of The Domain Name Industry Brief, please visit verisign.com/dnibarchives.
The post Verisign Domain Name Industry Brief: 349.9 Million Domain Name Registrations in the Third Quarter of 2022 appeared first on Verisign Blog.
Two years ago, we asked the question: What actually works in cybersecurity?
Not what everyone’s doing—because there are plenty of cybersecurity reports out there that answer that question—but which data-backed practices lead to the outcomes we want to implement in cybersecurity strategies?
The result was the first Security Outcomes Report, in which we analyzed 25 cybersecurity practices against 11 desired outcomes. And thanks to a large international respondent group, together with the mighty data science powers of the Cyentia Institute, we got some good data that raised as many questions as it answered. Sure, we found some strong correlations between practices and outcomes, but why did they correlate?
Last year, our second report focused in on the top five most highly correlated practices and tried to reveal more detail that would give us some guidance on implementation. We found that certain types of technology infrastructure correlated more with those successful practices, and therefore with the outcomes we’re seeking. Is architecture really destiny when it comes to good security outcomes? It does appear to be the case, but we had more research ahead of us to be more confident in a statement that sweeping.
All the while, we’ve been listening to readers considering what they’d like to glean from this research. One big question was, “How do we turn these practices into management objectives?” In other words, now that we have some data on practices we should be implementing, how do we set measurable goals to do so? I’ve led workshops in the UK and in Colombia to help CISOs set their own objectives based on their risk management priorities, and we’ve worked to identify longer-term targets that require close alignment with business leaders.
Another question that took a front-row seat in our presentations and just wouldn’t leave: the topic of cyber resilience, or security resilience. It’s almost reached the status of a buzzword in the security industry, but you can understand why it’s ubiquitous.
“Among the upheaval of the pandemic, political unrest, economic and climate turbulence, and war, everyone is struggling to find a new ‘business as usual’ state that includes being able to adapt better to the shaky ground beneath them.”
But what exactly is security resilience, anyway? What does it mean to security practitioners and executives around the world? And what are the associated cybersecurity outcomes that we can identify and correlate? We know it doesn’t simply mean preventing bad things from happening; that ship has sailed (and sunk). We also know that security resilience doesn’t always mean full recovery from an event or condition that has knocked you down. Rather, it means continuing to operate during an adverse situation, either at full or partial capacity, and mitigating the effects on stakeholders. Ideally speaking, security resilience also means learning from the experience and emerging stronger.
Security resilience is the focus of the third volume of our Security Outcomes Report: Achieving Security Resilience. It tells us how 4,700 practitioners across 26 countries are prioritizing security resilience: what it means to them, what they’re doing successfully to achieve it, and what they’re struggling with. Once again, the data gives us interesting ideas to ponder.
A stronger security culture boosts resilience by as much as 46%. By “culture,” we don’t mean annual compliance-driven awareness training. Cybersecurity awareness is what you know; security culture is what you do. When organizations score better at being able to explain just what it is that they need to do in security and why, they make better decisions in line with their security values, and that leads to better overall security resilience.
It doesn’t matter how many people you have; it matters whether you have any of them available in reserve to respond to events. Organizations with a flexible pool of talent internally (or on standby externally) show anywhere from 11% to 15% improvement in resilience. Which makes sense, as a fully leveraged team will be strained if they have to work even harder to take on an incident.
Because so many organizations around the world are looking to the NIST Cybersecurity Framework as a guidepost for cybersecurity practices, we also analyzed which NIST CSF capabilities correlated most strongly with our list of resilience outcomes. For example, our survey respondents that do a great job tracking key systems and data are almost 11% more likely to excel at containing the spread and scope of security incidents. From one angle, this seems like an obvious result, hardly worth mentioning. On the other hand, it’s worth presenting to your management some data that shows that investing in asset inventory solutions really does have long-range effects on your ability to stop an intrusion.
And there’s much more. The report identifies—and then explores—seven success factors that, if achieved, boost our measure of overall security resilience from the bottom 10th percentile to the top 10th percentile. These include establishing a security culture and properly resourcing response teams, among others.
I hope this introductory blog—the first in a series exploring this latest report—whets your appetite to read the report itself. And remember, we are always aiming to reveal the next undiscovered insight that leads to better security outcomes. Please share your feedback and research requests with us in the comments below, or talk to us at the next security conference.
For more insights like what you’ve seen in today’s blog take a look at the Security Outcomes Report, Volume 3: Achieving Security Resilience.
Explore more data-backed cybersecurity research and other blogs on security resilience:
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Ampol has been Australia’s leading transport fuel company since 1900. What began over 125 years ago is now an organization that powers a country, operating 1,500 retail stores and stations across ANZ, plus 89 depots for refining and importing fuels and lubricants, and 8,200 employees throughout Australia, New Zealand, the United States, and Singapore. And while Ampol’s history goes back a century, they are a modern organization, using internet of things (IoT) technology across operational and retail locations, with sensors on everything from electric vehicle charging units to fuel tank gauges to transportation trucks to refrigeration units inside retail stores.
As a critical energy provider to a country of over 25 million people, Ampol’s security needed to match its evolving infrastructure. As Satish Chowdhary, Network Enterprise Architect, said, “At Ampol, we have implemented sensor technology across our network: from gauges in the fuel tanks to monitor fuel quality and quantity to sensors that monitor the temperature in various refrigerators across our retail sites to ensure goods stay chilled. It’s critical to manage these devices effectively and securely, and that’s where Cisco comes in…With IoT, a major security risk is posed by dodgy legacy devices left unpatched and vulnerable within your network. Cisco’s TrustSec and VLAN segregation automatically isolate vulnerable devices, not exposing the rest of the network to risks from untrusted devices.”
In addition to securing the IoT that let’s Ampol monitor and manage its critical operations, Cisco was able to create a comprehensive security environment that solved for their three strategic goals.
“Three key components of our cyber-resilient strategy were isolation, orchestration, and rapid recovery. Cisco SecureX nailed all three providing us a single interface to see all security events, and malicious files, thus expediting how fast we can isolate events and recover,” Chowdhary explained. “Before using Cisco Secure, security was a hindrance, not an enabler for our IT team, employees, and even customers,” he added.
In fact, Cisco Secure helped Ampol improve their security posture so much that they were able to quickly pivot during the early days of the pandemic.
“When Covid triggered supply challenges during lockdowns, people not being able to access groceries turned to their local service station convenience stores to get what they needed. For Ampol, maintaining that supply continuity was critical, not just for our business, but for the customers who were relying on us to get their supplies. And all of this was done when many employees were now having to work remotely… This was possible only because we could maintain our revamped locations, staff, clients, and business partners safe on our network – while still maintaining speed and efficiency. Cisco Secure was the ticket to Ampol’s resilience in the face of major change,” Chowdhary said.
In addition to enabling flexibility against supply chain fluctuations, Ampol is readily protected against threats, cyberattacks, and other vulnerabilities. Their Cisco security solution included:
“The major force for our Cisco Secure investment was simplification by integrating the entire Security portfolio…If we ever happen to have a cyber-attack, we can quickly find it and contain it,” Chowdhary said, adding, “The greatest outcome of using Cisco Secure is simplicity at its core. We achieved great efficiency integration, better visibility, and context that’s not hidden across five, ten, or fifteen consoles, and ultimately, greater security outcomes.”
To find out how else Cisco Secure is helping protect Ampol against sophisticated threats and other challenges, read the full Ampol case study.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
After a three-year hiatus, Cisco Live 2022 Melbourne is back! Personally, it will be a special experience, attending with my team and leaders for the first time as the Asia Pacific Cybersecurity Lead.
I will be speaking on the “Top Priorities for IT and Security Leaders in 2023” on 7 December at the Cisco Secure Insights Live, covering key priorities for security leaders as we enter the new year. Please join me at the Security Experience Hub at the World of Solutions. You can also participate virtually.
Today’s businesses require a strong culture of security and resilience that is pervasive throughout the organization to withstand uncertainty and emerge stronger. Hear from our Cisco security leaders on powering resilience across the enterprise in the following presentations:
Dive into 80+ security sessions by experts to uncover best practices to address key challenges, and maximize your technology investments.
Explore the Security Experience Hub and Demo Stand at the World of Solutions Zone for exciting security activities:
For those joining us online, we have the Cisco Secure Insights Live broadcast on all things security, and Cisco Live broadcast covering keynote presentations by industry leaders.
I’m excited for you to see how we can help you achieve security resilience and look forward to meeting you at Cisco Live 2022 Melbourne. I’m ALL IN, are you?
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Throughout my career, I have noticed the way we “futurize” technology. Often, we are thinking of technology in five-to-ten-year increments. But the fact of the matter is – technology is moving faster than we can keep up. The minute we think we understand it, it’s already onto something new. That’s why here at Cisco, we’re focused on what’s NEXT. We all know technology will continue to grow at a rapid pace, our goal is to remain at the forefront of these changes.
After much anticipation, it’s finally here! I am excited to present the first episode of “NEXT” by Cisco Secure! “NEXT” is a video series illuminating simple conversations about complex topics. Our mission is twofold: First, we want to humanize cybersecurity. Second, we want to build a bridge between Cisco Secure and the ideas of the future.
CTO of Cisco Secure, TK Keanini and I sit down with Michael Ebel, CEO of Atmosfy. If you saw our preview, then you know Atmosfy is on a mission to help inspire others and support local restaurants through live videos.
Want to learn what’s NEXT for Michael Ebel and Atmosfy? Check out our episode!
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
When you think about the most resilient creatures in the animal kingdom, what comes to mind?
Perhaps the camel, which can survive for 6 months with no food or water. Or maybe it’s the honey badger, which tends to drink snake venom like cranberry juice.
Or how about the immortal jellyfish? This is one of the most fascinating (and oldest) creatures on Planet Earth. Not only are they immortal, but they also live their lives in Benjamin Button-esque fashion. Turritopsis nutricula jellyfish live to the age of 50 and think, “Well that was fun, but what if I did all of that again in reverse?” When they get back to the beginning, they age forwards again…kind of like the David Fincher film playing on an endless loop, which, I must be honest, felt rather reminiscent of my watching experience.
Those are all fine contenders. But I think the award for the most resilient animal goes to the Tardigrade.
A Tardigrade is a water creature – it needs water to survive. But if there’s a shortage – say, they made their home in a lovely bunch of moss which has unfortunately dried out, they have a plan B.
A Tardigrade will curl up, slow down their metabolism by a factor of 10,000, and can go without a drop of water for decades. Then, when conditions are better, they reboot, rehydrate, and carry on as if nothing has happened. Take that, evolution.
That’s not all. They can also survive temperatures of up to 150 degrees centigrade, without so much as a flinch. How about colder temperatures? Snow problem. (Sorry.) Turn the temperature down to minus 272 centigrade (pretty much Sub Zero), and you’ll defeat the atom, but you won’t make a mark on the Tardigrade.
This one is my favorite: They can survive space travel. In 2008 European scientists sent a colony of 3,000 tardigrades into low grade orbit for 10 days. The majority were able to withstand both cosmic radiation, and the power of the Sun’s UV light.
I guess one question you might ask is, “Why?” Why does a tardigrade need such a robust defense strategy when it’s only a millimetre in size and looks like a cuddly bear under a microscope?
It comes down to adaptation. Tardigrades are water creatures who needed to adapt to occasional droughts. Sure, they may have overshot it a little by including the potential for space travel too. But, they addressed their main threat, and set a more positive course for the future. I think that’s a nice sum up of what being resilient means.
Which brings me to my main reason for this post. I’d like to talk about security resilience, and how it can be the baseline for plotting a stronger future for your organization.
I believe, as with most things, that security resilience starts with people – looking after them, giving them what they need to flourish, and in most cases, getting out of their way.
That all sounds basic. However, the scale of what our people and security teams need to protect within the enterprise and the internet as a whole, keeps getting bigger. Not everything’s in the data center, and not everything’s in the cloud. Addressing the core challenges, and adapting as needed, is central to a security resilience strategy.
This involves moving away from a siloed security policy that is only focused on threat prevention and treats all alerts and threats equally. Not only is this way inefficient – it wears defenders out. We can’t prevent everything, so we must prevent what will affect us most from a security standpoint, while increasing detection and response for anything else that may come our way.
That’s where a detection, response and recovery strategy comes into play. This strategy is underpinned by risk-based contextual analysis (i.e., “Exactly how concerned do we need to be with this new vulnerability?”) and continuous trust assessments.
For your people running daily analysis, this is crucial to help them move from the overwhelming environments that often stem from alert fatigue. Dealing with the latest headline threats is reactive, exhaustive, and is a large component as to why burnout is so prevalent in security. Context-centric security is a key factor to moving away from this.
We explore this concept and more, in our new e-book: Adapt and Overcome: Your guide to building security resilience with Cisco Secure.
In this e-book, we identify the key steps to implementing security resilience. We help you to find the priorities, so you can drive resilience faster, and more efficiently. You will also be able to see this in action, in our case study with the NFL (National Football League).
Later on, we get into some specifics about how Cisco can help you build security resilience across four key areas: risk reduction, visibility, mitigating insider threats, and what to do with actionable intelligence.
Plus, we share some security resilience success principles from other organizations around the world.
Please check out the e-book when you have a moment. I hope the stories, videos and words have meaning for you, and can help your organization as it prepares to meet its current challenges and opportunities.
And finally, remember that with the right security partner, your organization can adapt to change with speed and precision, making informed decisions with the right context at the right time.
Learn more about how Cisco Secure can help you build your resilience strategy.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
It’s Partner Summit week and, for me, it’s an important reminder that no one company, not even Cisco, can do it alone. Our partners provide diverse perspectives, expertise, and solutions offerings. Each partner plays a key part in delivering the outcomes and experiences our customers need, want, and expect. So, when we say, “Let’s Own It”, it’s a rally cry for Cisco and our partners alike to do our parts to seize the massive opportunity that we have in front of us and turn it into mutual success.
Together, I know we can achieve amazing things. Foremost on my mind right now is both the opportunity and necessity to empower customers with security resilience. Resilience means customers can protect the integrity of every aspect of their business so that they can withstand unpredictable threats or changes and emerge stronger. It’s about providing controlled, trusted access to applications and services, at any time, from any place.
Resilience can also help customers deal with issues the moment they arise. If changes are needed, they will have the visibility to determine priorities, thanks to actionable intelligence and insight in the face of some major security realities that they are dealing with every day.
One, businesses are more interconnected, meaning that a breach on anyone in the value chain has dramatic ripple effects on the others.
Two, security attacks are becoming more personalized. Individuals remain one of the easiest targets for cybercriminals and their attacks are becoming more sophisticated and customized for the individual.
Three, hybrid work is here to stay. People around the world will continue to work from anywhere, on managed and unmanaged devices, over secured and unsecured networks, to applications spread across multiple clouds and data centers.
Our vision for enabling a more resilient organization is the Cisco Security Cloud. It’s an open, integrated security platform that will protect the integrity of entire IT ecosystems by safeguarding users, devices and applications across public clouds and private data centers, without public cloud lock-in. Delivering on the Security Cloud is part of our long-term product strategy; but the innovations we are announcing at Partner Summit this week are foundational elements that execute on this vision.
Specifically, we are announcing new solutions and technologies across our portfolio in Secure Connectivity, Network Security, and Zero Trust. I encourage all partners to drill down on each announcement in the accompanying blogs and news announcements. But here are the highlights of the announcements.
Helping increase resistance to phishing attacks and improve user experience through frictionless access using Duo Passwordless, which is now generally available with support for Duo Mobile as a passwordless authenticator.
Expanding the Cisco Secure Firewall 3100 series, the first firewall purpose-built for hybrid work, with the Secure Firewall 3105, ideal for branch office and similar use cases focused on performance at a competitive price point.
Strengthening Umbrella’s data loss prevention (DLP) capabilities by adding API-based enforcement and unified reporting to protect sensitive data, e.g., intellectual property and financial and healthcare information. This complements Umbrella’s current inline-DLP functionality and collectively forms multi-mode DLP.
New Secure Workload capabilities delivering policy-as-code workload security for cloud-native and public-cloud application development. Common use cases for policy-as-code include access control to infrastructure and simplifying enterprise compliance and controls.
Our strategy and our innovation roadmap are all designed to set you up, our partners, for long-term success. In addition, we are committed to several partner enablement programs to help you deliver more value to customers and to help you become more profitable. Examples include:
Partner Summit is for you. So, my call-to-action is for you to maximize the value you get out of this week by attending as many of the informative, high-impact security sessions many teams worked hard to create. I am really looking forward to meeting as many of you as possible – on the expo floor, at the sessions, or in our 1-on-1 meetings.
Security has never been more critical and the need for resiliency is a requirement for virtually every business. The time for us to own it and innovate to win this future together has never been better.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
When people think of cybersecurity, they think it is all about constant, in-the-moment, reactive execution. That is true in many regards, however, there is more to cybersecurity than that. There is also a strategic side; that progressive, long-term vision to anticipate the unknown, convert fear into motivation, and prepare for future threats.
As the Chief Operations Officer of Sara Assicurazioni, Luigi Vassallo has a philosophy that he lives by to keep his motivation strong. “The most important thing is not being the best one in a race, but the best version of yourself.” To put that into sharper perspective, Sara Assicurazioni is the largest insurance company in Italy with agency offices spread over 1500 points of sale.
Part of Luigi’s credo is realized through his training as a kickboxer. The challenges of getting into a boxing ring, and not knowing where the opponent may direct the next combination of blows is very similar to the uncertainties of cybersecurity. You have a choice, either to cower in fear, or to take a proactive stance, preventing the opponent from ever gaining the opportunity to attack. This requires confidence and control.
Sara Assicurazioni partnered with Cisco Secure to transform their entire security infrastructure. Luigi states, “Thanks to Cisco, when I explain where we are to our stakeholders and board members, I can reassure them that we are in control.” However, like any good athlete, he doesn’t boast too broadly, adding “you need to be extremely safe and modest.” Some of the benefits that have been realized through adopting the Cisco Secure portfolio include:
One important aspect of a good strategy, whether you are an elite athlete or not, is to see the long-term effects of each maneuver. The vision Luigi had for Sara Assicurazioni was to become a “cloud first” organization. This required careful planning, and most importantly, a firm foundation of trust that this direction was the right one for the organization and its stakeholders. “We are now a full digital company completely based on cloud infrastructure, and we have a lot of new digital services applications, and artificial intelligence.”
Another part of any good strategy is understanding the importance of having a good team working with you. An audience may see the lone boxer in the ring, but there are so many others involved with that person’s success. Luigi credits his colleagues – from the IT and SecOps teams, all the way up to senior management – with the achievements of making Sara Assicurazioni as secure as possible. Luigi also adds more power to his punch by being a Cisco Insider Advocate, which enables him to channel his energy to inspire others. He is also candidly self-aware of his part in the full security strategy. “I am not an elite athlete, but I like to win, and I like having Cisco on my team.”
To find out more about Luigi’s journey, his challenges, and triumphs, tune into his customer story here.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Just a few years ago when the topic of supporting offsite workers arose, some of the key conversation topics were related to purchase, logistics, deployment, maintenance and similar issues. The discussions back then were more like “special cases” vs. today’s environment where supporting workers offsite (now known as the hybrid workforce) has become a critical mainstream topic.
Now with the bulk of many organization’s workers off-premise, the topic of security and the ability of a security vendor to help support an organization’s hybrid workers has risen to the top of the selection criteria. In a soon to be released Cisco endpoint survey, it’s not surprising that the ability of a security vendor to make supporting the hybrid workforce easier and more efficient was the key motivating factor when organizations choose security solutions.
Today, when prospects and existing customers look at Cisco’s ability to support hybrid workers with our advanced security solution set and open platform, it’s quite clear that we can deliver on that promise. But, yes, good tools make it easier and more efficient, but the reality is that running a SOC or any security group, large or small, still takes a lot of work. Most organizations not only rely on advanced security tools but utilize a set of best practices to provide clarity of roles, efficiency of operation, and for the more prepared, have tested these best practices to prove to themselves that they are prepared for what’s next.
Knowing that not all organizations have this degree of security maturity and preparedness, we gathered a couple of subject matter experts together to discuss 5 areas of time-tested best practices that, besides the advanced tools offered by Cisco and others, can help your SOC (or small security team) yield actionable insights and guide you faster, and with more confidence, toward the outcomes you want.
In this webinar you will hear practical advice from Cisco technical marketing and a representative from our award winning Talos Threat Intelligence group, the same group who have created and are maintaining breach defense in partnership with Fortune 500 Security Operating Centers (SOC) around the globe.
You can expect to hear our 5 Best Practices recommendations on the following topics;
Check out our webinar to find out how you can become more security resilient and be better prepared for what’s next.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
card-fan-1200
The concept of zero trust is not a new one, and some may even argue that the term is overused. In reality, however, its criticality is growing with each passing day. Why? Because many of today’s attacks begin with the user. According to Verizon’s Data Breach Investigations Report, 82% of breaches involve the human element — whether it’s stolen credentials, phishing, misuse or error.
Additionally, today’s businesses are hyper-connected, meaning that — in addition to your employees — customers, partners and suppliers are all part of your ecosystem. Couple that with hybrid work, IoT, the move to the cloud, and more emboldened attackers, and organizational risk increases exponentially.
Adopting a zero trust model can dramatically reduce this risk by eliminating implicit trust. It has become so crucial, in fact, that several governments including the U.S., UK and Australia have released mandates and guidance for how organizations should deploy zero trust to improve national security.
However, because zero trust is more of a concept than a technology, and so many vendors use the term, organizations struggle with the best way to implement it. At Cisco, we believe you should take a holistic approach to zero trust, starting with what you have and adding on as you identify gaps in your defenses. And while layers of protection are necessary for powerful security, so is ease of use.
Zero trust plays a major role in building security resilience, or the ability to withstand unpredictable threats or changes and emerge stronger. Through zero trust, the identity and security posture of users, devices and applications are continuously checked and verified to prevent network intrusions — and to also limit impact if an unauthorized entity does gain access.
Organizations with high zero trust maturity are twice as likely to achieve business resilience.
– Cisco’s Guide to Zero Trust Maturity
Eliminating trust, however, doesn’t really conjure up images of user-friendly technology. No matter how necessary they are for the business, employees are unlikely to embrace security measures that make their jobs more cumbersome and time-consuming. Instead, they want fast, consistent access to any application no matter where they are or which device they are using.
That’s why Cisco is taking a different approach to zero trust — one that removes friction for the user. For example, with Cisco Secure Access by Duo, organizations can provide those connecting to their network with several quick, easy authentication options. This way, they can put in place multi-factor authentication (MFA) that frustrates attackers, not users.
Cisco Secure Access by Duo is a key pillar of zero trust security, providing industry-leading features for secure access, authentication and device monitoring. Duo is customizable, straightforward to use, and simple to set up. It enables the use of modern authentication methods including biometrics, passwordless and single sign-on (SSO) to help organizations advance zero trust without sacrificing user experience. Duo also provides the flexibility organizations need to enable secure remote access with or without a VPN connection.
During Cisco’s own roll-out of Duo to over 100,000 people, less than 1% of users contacted the help desk for assistance. On an annual basis, Duo is saving Cisco $3.4 million in employee productivity and $500,000 in IT help desk support costs. Furthermore, 86,000 potential compromises are averted by Duo each month.
La-Z-Boy, one of the world’s leading residential furniture producers, also wanted to defend its employees against cybersecurity breaches through MFA and zero trust. It needed a data security solution that worked agnostically, could grow with the company, and that was easy to roll out and implement.
“When COVID first hit and people were sent home to work remotely, we started seeing more hacking activity…” said Craig Vincent, director of IT infrastructure and operations at La-Z-Boy. “We were looking for opportunities to secure our environment with a second factor…. We knew that even post-pandemic we would need a hybrid solution.”
“It was very quick and easy to see where Duo fit into our environment quite well, and worked with any application or legacy app, while deploying quickly.” – Craig Vincent, Director of IT Infrastructure and Operations, La-Z-Boy
Today, Duo helps La-Z-Boy maintain a zero trust framework, stay compliant, and get clear visibility into what is connecting to its network and VPN. Zero trust helps La-Z-Boy secure its organization against threats such as phishing, stolen credentials and out-of-date devices that may be vulnerable to known exploits and malware.
As mentioned, zero trust is a framework, not a single product or technology. For zero trust to be truly effective, it must do four things:
Many technology companies may offer a single component of zero trust, or one aspect of protection, but Cisco’s robust networking and security expertise enables us to provide a holistic zero trust solution. Not only can we support all the steps above, but we can do so across your whole IT ecosystem.
Modern organizations are operating multi-environment ecosystems that include a mix of on-premises and cloud technologies from various vendors. Zero trust solutions should be able to protect across all this infrastructure, no matter which providers are in use. Protections should also extend from the network and cloud to users, devices, applications and data. With Cisco’s extensive security portfolio, operating on multiple clouds and platforms, zero trust controls can be embedded at every layer.
Depending on where you are in your security journey, embedding zero trust at every layer of your infrastructure may sound like a lofty endeavor. That’s why we meet customers where they are on their path to zero trust. Whether your first priority is to meet regulatory requirements, secure hybrid work, protect the cloud, or something else, we have the expertise to help you get started. We provide clear guidance and technologies for zero trust security mapped to established frameworks from organizations like CISA and NIST.
Much of our Cisco Secure portfolio can be used to build a successful zero trust framework, but some examples of what we offer include:
All of our technologies and services are backed by the unparalleled intelligence of Cisco Talos — so you always have up-to-date protection as you build your zero trust architecture. Additionally, our open, integrated security platform — Cisco SecureX — makes it simple to expand and scale your security controls, knowing they will work with your other technologies for more unified defenses.
As Italy’s leading insurance company, Sara Assicurazioni requires complete visibility into its extended network, including a multi-cloud architecture and hybrid workforce. The company has adopted a comprehensive zero trust strategy through Cisco Secure.
“Our decentralized users, endpoints, and cloud-based servers and workloads contribute to a large attack surface,” says Paolo Perrucci, director of information and communications technology architectures and operations at Sara Assicurazioni. “With Cisco, we have the right level of visibility on this surface.”
“The main reason we chose Cisco is that only Cisco can offer a global security solution rather than covering one specific point…. Thanks to Cisco Secure, I’m quite confident that our security posture is now many times better because we are leveraging more scalable, state-of-the-art security solutions.” – Luigi Vassallo, COO & CTO, Sara Assicurazioni
To learn more, explore our zero trust page and sign up for one of our free zero trust workshops.
Watch video: How Cisco implemented zero trust in just five months
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Technology has typically had a reputation for being exciting and inventive. Unfortunately, this hasn’t always been the case for security. But times have changed. We are now recognizing the crucial role security plays in any groundbreaking technology. Without strong defenses, even the most visionary app is likely to crash and burn. So it’s imperative that big security players like Cisco stay on top of what’s next.
I am thrilled to announce that in November, we will be launching our new video series, “NEXT” by Cisco Secure. In the series, my esteemed co-host TK Keanini and I will interview some of the brightest new minds in tech to find out more about the future of the industry and how we can best secure it. Watch the series preview below!
As the CTO of Cisco Secure, TK has over 25 years of networking and security expertise, as well as a penchant for driving technical innovation. As for me, I’m a cybersecurity specialist of 10 years with an obsession for communication and empathy. Together, TK and I will bring new cyber pioneers to the forefront and highlight the criticality of digital protection and privacy for everyone.
Whether we’re discussing Web3, the metaverse, or next-generation healthcare, we’ll learn and laugh a lot. Through simple conversations about complex topics, we’re building a bridge between leading-edge tech and how Cisco is helping to safeguard what’s on the horizon.
And what better time to preview this series than during Cybersecurity Awareness Month? A time when we focus on the reality that security belongs to everyone — not just the threat hunter, or the product engineer, or the incident responder — but everyone.
We all have a responsibility to protect the world’s data and infrastructure, and should all have a seat at the table for important security conversations. We hope you’ll join us as we dive into what’s making waves out there, and how we can keep it safe.
Follow our Cisco Secure social channels to catch our first episode in November, when we will speak with Michael Ebel, CEO of Atmosfy. Atmosfy is revolutionizing restaurant reviews by incorporating engaging live video that inspires others and supports local businesses. TK and I will chat with Michael about the origin of Atmosfy, and how the company keeps its content authentic and organization resilient.
In the meantime, explore our other Cybersecurity Awareness Month resources.
Who do you want to hear from next? Tell us your ideas for future guests in the comments.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels