How Did Cisco Save Me from Cyber Security Nightmares?
I am Mr. Secure, and I run a business. I used to feel secure because I had basic security for the data, network, and devices of my infrastructure. I believed that --
"No one will be interested in attacking our data, network, and devices. So I need not worry about security much. Why waste a lot of money on securing all these? I am making money. My team is performing fantastically. My business is growing."
"Why make a fuss about security? After all, I have so many other more important things to do."
One fine day recently, I, my team, and all our clients were unable to access our company website. We soon found that our network had been breached and our website had been hacked. All the important and confidential data of the company, the website, and its users was in the hands of attackers (read: hackers). This turned out to be a classic case of ransom: they wanted me to pay them a certain amount of money, and I was told that otherwise they would reveal or sell the data to my competitors. This left me with no choice but to pay the attackers. So I paid them, and I was then granted access back to my own website and data.
But I was left wondering and worried about my business, users, information, and other IT assets. I could no longer feel secure; in fact, I was apprehensive as I realized that --
Yes, this can happen again! ... Any time!!
That night, while I was sleeping, the Hacker GOD appeared in my dream. He started laughing loudly at me.
"Do you still think your business is really safe?" he said. "Thank you for paying the money. I will now be able to recruit more hackers to my team."
"The HACKING industry is growing very, very rapidly. We now have highly professional attackers, and with the generous contributions of people like you," he told me, "we are hiring more hackers for The Attackers Army."
"No business is really safe," he said. "See! Here is the success of one attack, named Angler. How much money did it generate for us, from ransom of course? Angler is still earning money for us."
"We use highly advanced technologies, malware, professional attackers, and other resources to attack our targets, and we can indeed damage them severely."
"This is just the trailer of the complete film," the Hacker GOD said. "We will meet you again soon. Good luck till then!"
I was gasping for breath, and it was the sound of the alarm that came to my rescue. Thank God! It was only a dream. But I knew for sure that I needed to do something before this dream turned into a real-life business nightmare again.
I knew this could happen again, any day, anytime. I was terrified by the dream. So I decided to build proper security for my business and made it my first priority. Immediately, I started searching for IT security experts, and one of my friends recommended Cisco to me.
It prompted me to research Cisco and its IT security offerings. Soon, I could gather the following data or facts about Cisco security.
My research progressively convinced me that Cisco is the leader among integrated IT security systems.
I was convinced enough to contact the Cisco Security Team and invite them to discuss our security requirements.
Soon, one Mr. John, a Cisco Security Expert visited my office with his team.
"Hello, Mr. John! I need your help to secure our company data, network, and devices," I told them.
I also explained to them what had actually happened to us lately.
Mr. John assured me that I need not worry much any longer. He also reinforced the point that hackers and cyber criminals have become much more organized than ever and are generating more sophisticated attacks. Our legacy technologies, devices, and methods are not sufficient for defending against these attacks.
Security is not optional, it's a requirement.
He enlightened me about why Cisco's integrated security solutions and services are so robust.
The following key market trends are heavily contributing to the IT security paradigm of today:
- The whole world has gone mobile. It is expected that during 2013-2019, there will be 10x growth in mobile traffic.
- There is ubiquitous access to Apps for mobile devices -- be it smartphones, tabs, laptops, etc. It is predicted that we will see 200 billion downloads of these apps in 2016.
- There is a huge rise in cloud computing, and it is forcing companies to change their business models, architectures, and service delivery.
- Because of major developments in the field of IoT, there is a massive increase in the number of connected devices. It effectively means that a huge number of people are connected together, a huge number of processes are connected together, an unbelievably large quantity of data is being generated and shared, and of course, things are connected too (e.g. car, TV, watch, camera, and all sorts of devices).
All these market trends, coupled with the following dynamics of the IT landscape, are causing the actual security problems we are facing:
- Changing Business Models
- Dynamic Threat Landscape
- Complexity and Fragmentation of IT solutions
All these factors are strong indicators of unprecedented growth in the IT security market:
- The total security market is projected to grow at a CAGR of 8.4% during the period 2015-2018, reaching $95 billion.
- The total security product market is projected to grow at a CAGR of 6.4% during the period 2015-2018, reaching $32 billion.
- The total security service market is projected to grow at a CAGR of 9.6% during the period 2015-2018, reaching $63 billion.
Mr. John further explained to me --
Cisco believes that all the above-mentioned security challenges, coupled with the fact that companies need to maintain their operational focus while dealing with a severe shortage of talent among their IT personnel, require much improved outcomes from their IT security infrastructure. Cisco points out that security solutions have to embed the following key features in their offerings:
- It must be visibility-driven.
- It must be threat-centric.
- It must be platform-based.
- It must provide advisory services, along with integration services.
- It must also provide the option of managed IT Security services.
Global Threat Intelligence
Considering all these requirements, Cisco has taken its Threat Intelligence Systems to unprecedented lengths and breadths; they are now based on a worldwide collective security intelligence pool, delivered via the cloud. This system is not only doing threat intelligence around the clock (24x7), it is also doing threat research and generating responses to all identified threats.
The collective security intelligence uses not only Cisco's proprietary intelligence databases but also the world's other well-known community threat databases. Over 100 TB of security intelligence data, emanating from more than 1.6 million deployed security devices, is assessed, analyzed, and researched DAILY.
To facilitate this level of execution, Cisco has built Security Operations Centers (SOCs) worldwide, which do real-time analysis and provide predictive analytics. Currently, they are operational at 5 locations: Austin (USA), Raleigh (USA), Dubai, Krakow, and Sydney. These SOCs not only do incident response analysis, they also escalate newly identified incidents worldwide, perform remediation, and make recommendations.
Mr. John also made a point of mentioning that Cisco has been a continuous and close observer of key innovations taking place in IT security technologies, and has made numerous attempts to achieve cohesion and organic growth of innovation in technology.
- Cisco acquired IronPort in January 2007. IronPort email and web security gateway and management products, currently referred to as Cisco Email Security and Cisco Web Security, have now become an integral part of the Cisco Security vision and strategy.
- Cisco acquired Reactivity in February 2007. Reactivity had been a leading XML (eXtensible Markup Language) gateway provider for organizations ranging from commercial enterprises to the Global 500. The acquisition demonstrated Cisco's commitment to the expanding Application Networking Services (ANS) Advanced Technology segment, which is an important part of Cisco's Service-Oriented Network Architecture (SONA) strategy and vision.
- Cisco acquired ScanSafe in October 2009. ScanSafe has been a market leader in software-as-a-service (SaaS) Web security solutions for organizations ranging from global enterprises to small businesses. By acquiring ScanSafe, Cisco built on its leading on-premise content security. The service is now named Cisco Cloud Web Security.
- Cisco acquired Meraki in November 2012. Meraki is a leader in cloud networking, offering midmarket customers easy-to-deploy on-premise networking solutions that can be centrally managed from the cloud. The acquisition of Meraki complements and expands Cisco's strategy to offer more software-centric solutions to simplify network management, help customers empower mobile workforces, and generate new revenue opportunities for partners.
- Cisco acquired Cognitive Security in February 2013. Cognitive Security is focused on applying artificial intelligence techniques to detect advanced cyber threats. Their solution integrated a range of sophisticated technologies to identify and analyze key threats, both external and internal to a customer, through advanced behavioral analysis of real-time data.
- Cisco acquired Sourcefire in July 2013. It allowed Cisco to provide one of the industry's most comprehensive advanced threat protection portfolios. Cisco and Sourcefire have combined their world-class products, technologies, and research teams to provide continuous and pervasive advanced threat protection across the entire attack continuum - before, during, and after an attack - and from any device to any cloud.
- Cisco acquired ThreatGRID in May 2014. ThreatGRID offers dynamic malware analysis and threat intelligence technology, both on-premise and in the cloud. This allowed Cisco to provide private and public cloud-based technology that combines dynamic malware analysis with analytics and actionable indicators to enable security teams to proactively defend against and quickly respond to advanced cyber-attacks and malware outbreaks.
- Cisco acquired Neohapsis in December 2014. Neohapsis had been a security advisory company providing services to address customers' evolving information security, risk management, and compliance challenges. This enabled Cisco to provide risk management, compliance, cloud, application, mobile, and infrastructure security solutions to Fortune 500 customers. Together, Cisco and its partner ecosystem deliver comprehensive services to help customers build the security capabilities required to remain secure and competitive in today's markets.
- Cisco launched a new associate-level program, Cisco CCNA Cyber Ops, in 2015 as a response to the grave shortage of cybersecurity analysts worldwide. You can find out more about this scholarship offer at Cisco CCNA Cyber Ops Scholarship: The Ins and Outs!
The most interesting part of Mr. John's presentation to me was yet to follow.
He explained to me that all of Cisco's security products & services make 3-most powerful distinctions of:
What is Managed Threat Defense (MTD)?
Managed Threat Defense rapidly detects and responds to security events, which are collected by expert staff at security operations centers (SOCs). They gather these security events by analyzing network traffic, evaluating security telemetry, and using global intelligence. MTD delivers managed services that provide threat detection, confirmation, mitigation, and remediation.
Additionally, Managed Threat Defense does the following:
- Protects against unknown attacks, not seen by anti-virus, by capturing real-time streaming telemetry.
- Leverages Hadoop 2.0 to apply predictive analytics to detect anomalous patterns against each customer’s unique network profile and determine suspicious behavior.
- Identifies known attacks and vulnerabilities using pattern analysis and investigation against both Cisco-proprietary and community threat intelligence data.
- Provides incident tracking and reporting via a subscription-based business model. This approach can lower operational costs and utilizes Cisco’s continued investment in security technology, processes, and talent.
- Includes innovative Cisco security technology such as Cisco Advanced Malware Protection (AMP) to detect malware and eliminate unnecessary alerts, Sourcefire FirePOWER for threat detection, and Cisco Cloud Web Security for email and web filtering.
THREAT-GRID is everywhere
Threat-Grid is an essential cornerstone of MTD.
This is still only a small picture of the big concept. I want to tell you how Cisco is doing this.
Through the collective effort of Cisco security solutions and other non-Cisco security solutions, Threat-Grid provides us a robust security solution against today's advanced attacks.
Next-Generation Firewalls (ASA) with FirePOWER Services
The new series of Adaptive Security Appliances delivers integrated threat defense for protection across the entire attack continuum - before, during, and after an attack.
Cisco's next-generation firewalls provide the following advantages to end users:
- Superior multi-layered threat protection from both known and unknown threats, including targeted and persistent malware attacks.
- Advanced Malware Protection (AMP) that provides industry-leading breach detection effectiveness, a low TCO, and superior protection value. It uses big data to detect, understand, and block advanced malware outbreaks. AMP provides the visibility and control needed to stop threats missed by other security layers.
- A next-generation intrusion prevention system (NGIPS) that provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multi-vector threats and automate defense response.
- Granular Application Visibility and Control (AVC) that optimizes security effectiveness with 3000 application-layer and risk-based controls that can invoke tailored IPS threat detection policies.
- VPN capability robust enough to deliver not only traditional site-to-site and remote access VPN capabilities, but also strong VPN capabilities for mobile devices, including the option for split-tunneling of critical enterprise apps but not user apps for personal needs.
In a nutshell, Cisco ASA with FirePOWER Services provides unprecedented network visibility:
Advanced Malware Protection (AMP) provides greater visibility and control to defeat advanced attacks. With Cisco AMP you get global threat intelligence, advanced sandboxing, and real-time malware blocking to prevent breaches. But because you can't rely on prevention alone, AMP also continuously analyzes file activity across your extended network, so you can quickly detect, contain, and remove advanced malware.
I was completely sold by now. Cisco could provide me the strongest security solutions to all my possible security concerns of today. These were robust enough to take care of all likely attacks of the future too.
Friends, information security is not an option, it is a requirement.
Wake up! Now is the time, before it is too late.
You are welcome to share with us --
What do you think about CISCO security as presented in this article?
This article is written and published by Ms. Meena, Senior Manager - IT, at Luminis Consulting Services Pvt Ltd, India. She can be reached on LinkedIn: https://www.linkedin.com/in/meena1