Cisco is honored to be this year’s winner of the Best Next Generation Firewall Award in the SE Labs 2023 Annual Report. This industry recognition validates Cisco’s continuous push towards harmonizing network, workload, and application security across hybrid and multicloud environments. I’m incredibly proud of the Cisco Secure Firewall team and am thankful for our amazing … [Read more...] about SE Labs 2023 Annual Security Report Names Cisco as Best Next Generation Firewall
security
The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience
“Where do we start?” This is the question every CISO asks about every new program. In fact, I ask and answer that question many times a month. There’s a reason for this, of course. A strong start to any project builds momentum, reassures stakeholders, and sets the stage for what’s to come. Security resilience initiatives are no different. Security resilience is the ability to … [Read more...] about The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience
Cisco secures IoT, keeping security closer to networking
The use of unmanaged and IoT devices in enterprises is growing exponentially, and will account for 55.7 billion connected devices by the end of 2025. A critical concern is deploying IoT devices without requisite security controls. While these numbers are numbing, their reality is undeniable. 90% of customers believe digitization has accelerated the importance placed … [Read more...] about Cisco secures IoT, keeping security closer to networking
10 Surprises of Remote Work from Security Engineers
For Cisco engineers working on Duo, having a remote-first workplace has helped them reach life goals, connect with colleagues around the world, and be intentional communicators. We understand that working remotely can be an adjustment — that’s why we’ve compiled the 10 parts of remote work that surprised our team members most and their advice for navigating the nuances. If … [Read more...] about 10 Surprises of Remote Work from Security Engineers
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
Jan 31, 2023Ravie LakshmananData Security / Vulnerability Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1 and QuTS … [Read more...] about QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
ISC Releases Security Patches for New BIND DNS Software Vulnerabilities
Jan 28, 2023Ravie LakshmananServer Security / DNS The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. "A remote attacker could exploit these vulnerabilities to potentially cause … [Read more...] about ISC Releases Security Patches for New BIND DNS Software Vulnerabilities
Mailchimp Suffers Another Security Breach Compromising Some Customers’ Information
Jan 19, 2023Ravie LakshmananEmail Security / Security Breach Popular email marketing and newsletter service Mailchimp has disclosed yet another security breach that enabled threat actors to access an internal support and account admin tool to obtain information about 133 customers. "The unauthorized actor conducted a social engineering attack on Mailchimp employees and … [Read more...] about Mailchimp Suffers Another Security Breach Compromising Some Customers’ Information
Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident
Jan 14, 2023Ravie LakshmananDevOps / Data Security DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company's systems and data last month. The CI/CD service CircleCI said the "sophisticated attack" took place on December … [Read more...] about Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident
Achieving Security Resilience: Findings from the Security Outcomes Report, Vol 3
I am excited to announce the release of Cisco’s annual flagship cybersecurity report, the Security Outcomes Report, Volume 3: Achieving Security Resilience. It’s about preparing, adapting, and overcoming security challenges and threats, and an organisation’s ability to respond and emerge stronger.It’s the organization’s ability to respond to the inevitable attacks and … [Read more...] about Achieving Security Resilience: Findings from the Security Outcomes Report, Vol 3
Why Zero Trust Helps Unlock Security Resilience
Speaking to many CISOs, it’s clear that many security executives view zero trust as a journey that can be difficult to start, and one that even makes identifying successful outcomes a challenge. Simultaneously, the topic of security resilience has risen up the C-level agenda and is now another focus for security teams. So, are these complementary? Or will they present … [Read more...] about Why Zero Trust Helps Unlock Security Resilience