Why are CEOs Cyber Resilient?

I recently attended a session run by the Said Business School at Oxford along with an organisation called Istari. The discussion was based upon their research into at the view CEOs had of cyber resilience.

There were two immediate points which struck me. The first is that major cyber incidents are hugely traumatic for CEOs. It is an experience they are ill equipped to deal with when compared to other business challenges. This is not surprising considering the speed at which an incident can stop a business from operating and its relative recent appearance when compared to other risks. The second was that cyber security is not a topic to interest a CEO but cyber resilience certainly is. So, a lesson for security professionals is to “watch your language” and use more recognised terminology.

So, what practical steps can a CEO take to address Cyber Resilience rather than just heaving it on to the shoulders of the CISO.

One of the issues could be a possible difference between views on Cyber Resilience between Business Leaders and CISOs. A recent report by the World Economic Forum showed a comparative difference between these two groups in their organisations cyber resilience capability. Whereas CISOs saw a definite improvement Business Leaders were not so sure.

One action could be is to define and agree what resilience means to the organisation. It can be very different according to the nature, risk and priorities of the organisation. In a key, regulated member of the CNI there will be a different idea of resilience when compared to a born in the cloud start up chasing market share. The former will be focused on ensuring stability and compliance, the latter on availability and speed of change. So different views of what it means to keep the business operating, adapting and innovating.

The CEO should be agreeing on a Risk based approach and clearly expressing the importance of this is at the start. One principle I was told to follow many years ago as a young consultant is that CEOs always make decision with a Risk vs Opportunity mind set. If we do this, what will we gain, what could we lose and how do we minimise the downside? So, security teams can always present an issue on those terms. What the priorities are, how should they be addressed and the identifiable benefits.

From the CISO perspective this can be a great help in practical terms. For example, during a discussion with a couple of CISOs, it became apparent that they had different levels of budgetary support from their CEO. One had aligned all expenditure with the Risk Register and was well funded. The other had a funding surge after an incident but interest had waned and now funding was harder to justify. The former had the support of the CEO for the security function whilst the latter was seen in the light of a specific incident which became less valid as memories faded.

This observation led me to another topic. A lot is talked about Culture, the soft art of improving security and resilience. This is increasingly referred to by CISOs but shouldn’t the CEO be leading this change? To draw a comparison. Over the years the concept of Health and Safety has increased in profile as CEOs committed to the principles especially in industries such as Oil and Gas. This developed into a clear set of ordered  priorities, employees, customers, shareholders. Now the principles of Sustainability are also becoming fundamental to how an organisation operates. Cyber Resilience can likewise be developed into the fabric and values. Become part of the culture.

The best place to start is at the most senior level. Some years go the World Economic Forum produced a set of Board Principles to support CEOs and which are valid today. They encompass the basic needs which a Board to address from Accountability to Collaboration. Adopting an internationally recognised framework has been successful in the past and I am aware of a CISO who used these Principles to gain greater traction internally. Driven by the CEO this will create a sense of Cyber Resilience as part of the fundamental management of the business.

All preparation is improved by constant repetition and developing the ability to act when needed. Tabletop exercises are commonly carried out. But for the CEO to lead on these and ensure full cooperation is a further way to change the culture and thinking.  Being trained in a situation will intuitively increase awareness of the importance of cyber resilience as well as building in response capabilities. Learning in the middle of an incident is not the best option.

When addressing culture at a more tactical, day to day, basis the CEO should ensure that the ELT have Security Champions working in all areas of the business. People who understand how colleagues work to and align security with them. Understanding the User Experience. The benefit of this will be to feed back to the security teams the needs of the business from a resilience perspective. Whether following set procedures is more important than being able to adapt quickly and securely for example.  In addition, it makes security a cooperative rather than an antagonistic exercise where the security team impose controls.

As a final thought. The CEO could support the CISO in getting the right communications around the risk and benefits to the business by not holding the CISO responsible for communicating the ideas and principles. In other words, make it the responsibility for the business leaders to communicate what resilience means to them and their areas of responsibility.

One CISO was supported by the adoption of  this approach and got the support from within the organisation they secured.  The brand was of paramount importance to the business. Built up over years. A major corporate asset. The CISO asked the marketing team to define the impact and cost, tangible and intangible, of an incident on the brand and how resilience could be worked into the brand values as a positive element for customers. Whilst it may be a long trek for the CISO to achieve this support, for the CEO it could be a simple first step to inculcate cyber resilience into the culture and thinking of the organisation by asking the functional leads to take the initiative.

For the CEO an incident could be traumatic. But there are a range of proactive steps that could be taken at the most senior level through to daily operations.

There is an adage that the most expensive security is the security that is applied after the event. If the CEO leads Cyber Resilience journey, not only will security make the organisation more resilience, it could also save money. It will weigh the Risk vs Opportunity decision in favour of the opportunity by understanding and mitigating the risk. And by being part of the solution the CEO will find the traumatic impact of an incident is reduced.

Source: cisco.com

Continue reading

Failing Forward – What We Learned at Cisco from a “Failed” Digital Orchestration Pilot

The modern customer experience is fraught with friction:

You speak to a customer representative, and they tell you one thing.

You log into your digital account and see another.

You receive an email from the same company that tells an entirely different story.

At Cisco, we have been working to identify these friction points and evaluating how we can orchestrate a more seamless experience—transforming the customer, partner, and seller experience to be prescriptive, helpful – and, most importantly, simple. This is not an easy task when working in the complexity of environments, technologies, and client spaces that Cisco does business in, but it is not insurmountable.

We just closed out a year-long pilot of an industry-leading orchestration vendor, and by all measures – it failed. In The Lean Startup Eric Ries writes, “if you cannot fail, you cannot learn.” I fully subscribe to this perspective. If you are not willing to experiment, to try, to fail, and to evaluate your learnings, you only repeat what you know. You do not grow. You do not innovate. You need to be willing to dare to fail, and if you do, to try to fail forward.

So, while we did not renew the contract, we did continue down our orchestration journey equipped with a year’s worth of learnings and newly refined direction on how to tackle our initiatives.

Our Digital Orchestration Goals

We started our pilot with four key orchestration use cases:

1. Seamlessly connect prescriptive actions across channels to our sellers, partners, and customers.

2. Pause and resume a digital email journey based on triggers from other channels.

3. Connect analytics across the multichannel customer journey.

4. Easily integrate data science to branch and personalize the customer journey.

Let’s dive a bit deeper into each. We’ll look at the use case, the challenges we encountered, and the steps forward we are taking.

Use Case #1: Seamlessly connect prescriptive actions across channels to our sellers, partners, and customers.

Today we process and deliver business-defined prescriptive actions to our customer success representatives and partners when we have digitally identified adoption barriers in our customer’s deployment and usage of our SaaS products.

In our legacy state, we were executing a series of complex SQL queries in Salesforce Marketing Cloud’s Automation Studio to join multiple data sets and output the specific actions a customer needs. Then, using Marketing Cloud Connect, we wrote the output to the task object in Salesforce CRM to generate actions in a customer success agent’s queue. After this action is written to the task object, we picked up the log in Snowflake, applied additional filtering logic and wrote actions to our Cisco partner portal – Lifecycle Advantage, which is hosted on AWS.

There are several key issues with this workflow:

◉ Salesforce Marketing Cloud is not meant to be used as an ETL platform; we were already encountering time out issues.

◉ The partner actions were dependent on the seller processing, so it introduced complexity if we ever wanted to pause one workflow while maintaining the other.

◉ The development process was complex, and it was difficult to introduce new recommended actions or to layer on additional channels.

◉ There was no feedback loop between channels, so it was not possible for a customer success representative to see if a partner had taken action or not, and vice versa.

Thus, we brought in an orchestration platform – a place where we can connect multiple data sources through APIs, centralize processing logic, and write the output to activation channels. Pretty quickly in our implementation, though, we encountered challenges with the orchestration platform.

The Challenges

◉ The complexity of the joins in our queries could not be supported by the orchestration platform, so we had to preprocess the actions before they entered the platform and then they could be routed to their respective activation channels. This was our first pivot. In our technical analysis of the platform, the vendor assured us that our queries could be supported in the platform, but in actual practice, that proved woefully inaccurate. So, we migrated the most complex processing to Google Cloud Platform (GCP) and only left simple logic in the orchestration platform to identify which action a customer required and write that to the correct activation channel.

◉ The user interface abstracted parts of the code creating dependencies on an external vendor. We spent considerable time trying to decipher what went wrong via trial and error without access to proper logs.

◉ The connectors were highly specific and required vendor support to setup, modify, and troubleshoot.

Our Next Step Forward

These three challenges forced us to think differently. Our goal was to centralize processing logic and connect to data sources as well as activation channels. We were already leveraging GCP for preprocessing, so we migrated the remainder of the queries to GCP. In order to solve for our need to manage APIs to enable data consumption and channel activation, we turned to Mulesoft. The combination of GCP and Mulesoft helped us achieve our first orchestration goal while giving us full visibility to the end-to-end process for implementation and support.

Orchestration Architecture

Use Case #2: Pause and resume a digital email journey based on triggers from other channels.

We focused on attempting to pause an email journey in a Marketing Automation Platform (Salesforce Marketing Cloud or Eloqua) if a customer had a mid-to-high severity Technical Assistance Center (TAC) Case open for that product.

Again, we set out to do this using the orchestration platform. In this scenario, we needed to pause multiple digital journeys from a single set of processing logic in the platform.

The Challenge

We did determine that we could send the pause/resume trigger from the orchestration platform, but it required setting up a one-to-one match of journey canvases in the orchestration platform to journeys that we might want to pause in the marketing automation platform. The use of the orchestration platform actually introduced more complexity to the workflow than managing ourselves.

Our Next Step Forward

Again, we looked at the known challenge and the tools in our toolbox. We determined that if we set up the processing logic in GCP, we could evaluate all journeys from a single query and send the pause trigger to all relevant canvases in the marketing automation platform – a much more scalable structure to support.

Sample of Wait Until Event used in Journey Builder

Wait Until API Configuration

Another strike against the platform, but another victory in forcing a new way of thinking about a problem and finding a solution we could support with our existing tech stack. We also expect the methodology we established to be leveraged for other types of decisioning such as journey prioritization, journey acceleration, or pausing a journey when an adoption barrier is identified and a recommended action intervention is initiated.

Use Case #3: Connect analytics across the multichannel customer journey.

We execute journeys across multiple channels. For instance, we may send a renewal notification email series, show a personalized renewal banner on Cisco.com for users of that company with an upcoming renewal, and enable a self-service renewal process on renew.cisco.com. We collect and analyze metrics for each channel, but it is difficult to show how a customer or account interacted with each digital entity across their entire experience.

Orchestration platforms offer analytics views that display Sankey diagrams so journey strategists can visually review how customers engage across channels to evaluate drop off points or particularly critical engagements for optimization opportunities.

Sample of a Sankey Diagram

The Challenge

◉ As we set out to do this, we learned the largest blocker to unifying this data is not really a challenge an orchestration platform innately solves just through executing the campaigns through their platform. The largest blocker is that each channel uses different identifiers for the customer. Email journeys use email address, web personalization uses cookies associated at an account level, and the e-commerce experience uses user ID login. The root of this issue is the lack of a unique identifier that can be threaded across channels.

◉ Additionally, we discovered that our analytics and metrics team had existing gaps in attribution reporting for sites behind SSO login, such as renew.cisco.com.

◉ Finally, since many teams at Cisco are driving web traffic to Cisco.com, we saw a large inconsistency with how different teams were tagging (and not tagging) their respective web campaigns. To be able to achieve a true view of the customer journey end to end, we would need to adopt a common language for tagging and tracking our campaigns across business units at Cisco.

Our Next Step Forward

Our team began the process to adopt the same tagging and tracking hierarchy and system that our marketing organization uses for their campaigns. This will allow our teams to bridge the gap between a customer’s pre-purchase and post-purchase journeys at Cisco—enabling a more cohesive customer experience.

Next, we needed to tackle the data threading. Here we identified what mapping tables existed (and where) to be able to map different campaign data to a single data hierarchy. For this particular example for renewals, we needed to tackle three different data hierarchies:

1. Party ID associated with a unique physical location for a customer who has purchased from Cisco

2. Web cookie ID

3. Cisco login ID

Data mapping exercise for Customer Journey Analytics

With the introduction of consistent, cross Cisco-BU tracking IDs in our Cisco.com web data, we will map a Cisco login ID back to a web cookie ID to fill in some of the web attribution gaps we see on sites like renew.cisco.com after a user logs in with SSO.

Once we had established that level of data threading, we could develop our own Sankey diagrams using our existing Tableau platform for Customer Journey Analytics. Additionally, leveraging our existing tech stack helps limit the number of reporting platforms used to ensure better metrics consistency and easier maintenance.

Use Case #4: Easily integrate data science to branch and personalize the customer journey.

We wanted to explore how we can take the output of a data science model and pivot a journey to provide a more personalized, guided experience for that customer. For instance, let’s look at our customer’s renewal journey. Today, they receive a four-touchpoint journey reminding them to renew. Customers can also open a chat or have a representative call or email them for additional support. Ultimately, the journey is the same for a customer regardless of their likelihood to renew. We have, however, a churn risk model that could be leveraged to modify the experience based on high, medium, or low risk of churn.

So, if a customer with an upcoming renewal had a high risk of churn, we could trigger a prescriptive action to escalate to a human for engagement, and we could also personalize the email with a more urgent message for that user. Whereas a customer with a low risk for churn could have an upsell opportunity weaved into their notification or we could route the low-risk customers into advocacy campaigns.

The goals of this use case were primarily:

1. Leverage the output of a data science model to personalize the customer’s experience

2. Pivot experiences from digital to human escalation based on data triggers.

3. Provide context to help customer agents understand the opportunity and better engage the customer to drive the renewal.

The Challenge

This was actually a rather natural fit for an orchestration platform. The challenge we entered here was the data refresh timing. We needed to refresh the renewals data to be processed by the churn risk model and align that with the timing of the triggered email journeys. Our renewals data was refreshed at the beginning of every month, but we hold our sends until the end of the month to allow our partners some time to review and modify their customers’ data prior to sending. Our orchestration platform would only process new, incremental data and overwrite based on a pre-identified primary key (this allowed for better system processing to not just overwrite all data with every refresh).

To get around this issue, our vendor would create a brand new view of the table prior to our triggered send so that all data was newly processed (not just any new or updated records). Not only did this create a vendor dependency for our journeys, but it also introduced potential quality assurance issues by requiring a pre-launch update of our data table sources for our production journeys.

Our Next Step Forward

One question we kept asking ourselves as we struggled to make this use case work with the orchestration platform—were we overcomplicating things? The two orchestration platform outputs of our attrition model use case were to:

1. Customize the journey content for a user depending on their risk of attrition.

2. Create a human touchpoint in our digital renewal journey for those with a high attrition risk.

For number one, we could actually achieve that using dynamic content modules within SalesForce Marketing Cloud if we simply added a “risk of attrition” field to our renewals data extension and created dynamic content modules for low, medium, and high risk of attrition values. Done!

For number two, doesn’t that sound sort of familiar? It should! It’s the same problem we wanted to solve in our first use case for prescriptive calls to action. Because we already worked to create a new architecture for scaling our recommended actions across multiple channels and audiences, we could work to add a branch for an “attrition risk” alert to be sent to our Cisco Renewals Managers and partners based on our data science model. A feedback loop could even be added to collect data on why a customer may not choose to renew after this human connection is made.

Finding Success

At the end of our one-year pilot, we had been forced to think about the tactics to achieve our goals very differently. Yes, we had deemed the pilot a failure – but how do we fail forward? As we encountered each challenge, we took a step back and evaluated what we learned and how we could use that to achieve our goals.

Ultimately, we figured out new ways to leverage our existing systems to not only achieve our core goals but also enable us to have end-to -end visibility of our code so we can set up the processing, refreshes, and connections exactly how our business requires.

Now – we’re applying each of these learnings. We are rolling out our core use cases as capabilities in our existing architecture, building an orchestration inventory that can be leveraged across the company – a giant step towards success for us and for our customers’ experience. The outcome was not what we expected, but each step of the process helped propel us toward the right solutions.

Source: cisco.com

Continue reading

An Easier Way to Secure Your Endpoints

Why is it so hard to secure your endpoints? The most simplistic reason is because endpoints are in the hands of human beings who can inadvertently click on a link that introduces malware or unwittingly use an unsecure Internet connection which allows threat actors to access a corporate network.

Read More: 700-805: Cisco Renewals Manager (CRM)

Organizations became more prone to breaches over the course of the pandemic because more and more workers were not inside corporate walls (and firewalls) and instead worked from places like a home office or café. With more endpoints outside the confines of the corporate WAN, the attack surface abruptly increased, and with this came greater risk. Working to keep endpoints secure while having to grant access so workers can be productive makes for a difficult balancing act.

Endpoints are ground zero for organizations of all sizes and across all industry verticals. Cisco examined the nature of security incidents detected by sensors through Indication of Compromise (IOC), detecting suspicious behaviors and analyzing patterns of malicious activity. These are the top four critical severity IOCs we observed:

Without the capability to bring visibility via focused detection, breaches can go undetected for months, until the organization’s critical data have likely already been compromised.

So, if we know endpoints are so often targeted, then why are many organizations having such a problem securing them?

Customers tell us their primary challenges are expertise, time, and evidence:

Challenge: Expertise	Challenge: Time	Challenge: Evidence
“My team can’t be experts on every new threat, or all be experts in threat hunting.”	“I don’t have enough time to go after every new threat, alert, patch and compromised device.”	“We can’t always identify which threats to prioritize or get to the root cause of every attack.”

These quotes have got to be music to the ears of threat actors. They know, like you do, how hard it can be to find skilled resources to staff your security team. Studies show that most organizations’ internal Security Operations Centers (SOCs) are only able to handle 7 to 8 investigations per day, in part because teams are burdened with frequent, false, and often redundant alerts. This leads to more manual effort for already understaffed teams, making it harder to keep pace with constantly evolving threats and issues. The result? You end up with gaps in security, higher operational costs, and a less efficient and, honestly, burned out team.

But I’m here to tell you it doesn’t have to be like that. Consider our solution offer, Cisco Secure MDR for Endpoint (formerly Cisco Secure Endpoint Pro):

◉ We do the heavy lifting of securing your endpoints: Our dedicated elite team of Cisco security experts performs 24x7x365 endpoint monitoring, detection, and response—so you don’t have to.

◉ We detect and respond to threats in minutes, not hours: Cisco specialists use automation and advanced playbooks, powered by the Cisco SecureX platform, and backed by Talos threat intelligence, to drastically reduce detection and response times.

◉ We investigate every threat and prioritize the most critical ones: We conduct an in-depth investigation of every incident you have and enable you to approve or reject remediation actions based on evidence from our experts.

Cisco Secure MDR for Endpoint can identify and then stop threats, block malware, and contain and remediate even advanced threats that evade frontline defenses. We look at all alert-able threats, investigate and prioritize them, and recommend response actions. We do this around the clock and around the globe, from dedicated, global Cisco SOCs.

By the way, let me tell you a bit more about the incredible Talos threat intelligence standing behind our detection and response capabilities. Talos is a recognized leader in threat intelligence research and proactive and emergency response security services. Their research work includes identifying over 30 billion events per day and then vetting those events with Talos’ 400+ researchers and investigators—benefitting our ability to detect and respond.

We built Secure MDR for Endpoint as a solution, so you don’t have to spend the time and money to build a SOC, develop or acquire the tools to make it work, and then recruit and train the personnel to staff it. Secure MDR for Endpoint takes the time, expense, and complexity out of identifying and responding to threats on endpoints. Our SOC experts use AI and machine learning to separate all the false positive alarms from the real issues that need to be pursued and managed.

Source: cisco.com

Continue reading

Private 5G Delivered on Your Terms

Private 5G is a hot topic as enterprises seek industrial wireless IoT solutions to modernize their business for increased productivity and efficiency. In newly emerging cases, wired solutions are not enough, such as in sectors like hospitality where “protected buildings” limit running new cables. For manufacturing and other industries, critical processes like robotic assembly of essential parts (jet turbines, automotive transmissions, or medical devices) and autonomously guided vehicles need a very low-latency, high-reliability solution like private 5G, particularly when those processes co-exist with humans.

On Feb. 3, 2022, we introduced Cisco Private 5G as part of “The Network. Powering Hybrid Work” launch. During this event, we shared our view that the future of hybrid work expands beyond people collaborating with people and now includes people collaborating with things. We now begin to share many attractive use cases for introducing private 5G alongside Wi-Fi into the enterprise networks. As we move towards Mobile World Congress (MWC) at the end of February, we’ll reveal more about our private 5G go-to-market strategies and discuss exciting new opportunities for our global service provider partners.

Connecting everyone and everything

Wireless networking and IoT will transform industries by digitalizing Operational Technology (OT) just as profoundly as the cloud transformed Information Technology (IT). And enterprises are already waiting in anticipation, with a 2021 GSMA Intelligence market report showing that a combination of digital transformation and labor shortages is expected to see enterprise IoT connections quadruple to 23.6 billion by 2030, accounting for 63 percent of total IoT connections. With all the pieces in place, companies with a strategy to converge their IT and OT operations will experience significant gains in productivity and efficiency, creating a major competitive advantage.

With the convergence of IT and OT, hybrid work becomes about connecting everyone and everything. Delivering IoT at scale is just as important as connecting people, allowing hybrid workers to gain access to sensors, monitors, robots, and more. Our vision of the future of work is built on wireless through a combination of private 5G and Wi-Fi, where enterprises can modernize, automate their operations, and benefit from the resulting productivity gains.

But making the change is not easy. There are all kinds of confusing options right now, so where do you begin? We can help by delivering a private 5G solution on your terms.

What separates Cisco Private 5G from the rest?

We believe the competitors are going about it the wrong way. They would have you adopt a complex, carrier-centric 5G solution that’s radically different from what you already know and use. Some even ignore Wi-Fi entirely. As the top enterprise networking, wireless, security, Industrial IoT, and collaboration IT vendor, we know how to build a solution that fits your enterprise needs, where Cisco Private 5G is integrated with Wi-Fi and existing IT operations environments. This makes your transformation easy, and we’re the only vendor to empower enterprise customers to extend what they already own and understand into new possibilities.

We know the many different technology choices and complexity of operating such an environment can make it difficult to start. It’s hard to commit financially to a new technology with so many uncertainties. Even the most visionary business leaders may hesitate to avoid making a wrong decision. With Cisco as your partner, you can feel confident you’ve made the right choice because our private 5G solution is ‘Simple to Start’, ‘Intuitive to Operate’, and ‘Trusted’ for enterprise digital transformation.

Simple to start

◉ The journey begins with a qualified business consultation.

◉ You don’t have to choose between 5G and Wi-Fi – you can use both, protecting your current investments and strategies.

◉ With your business goals in hand, a premium partner will perform a site survey to scope the necessary networking and radio coverage to support the intended IoT use case(s).

◉ Cisco Private 5G networks will be Cisco Validated Designs (CVD).

◉ Our “pay-as-you-use” subscription model means that you and your deployment partners will have minimal up-front infrastructure costs, so no matter how small the start or how massive the goal, costs remain in line with value. By comparison, traditional purchasing models force you to “spend a lot and wait” for productivity or profitability.

Intuitive to operate

◉ A simple management portal integrates and aligns with existing enterprise tools. We handle all the complexities of the 3GPP mobile network stack.

◉ Enterprise IT teams get a complete picture of their network and devices. You can maintain policy and identity across wired and wireless network domains for simplified operations.

◉ AI/ML-based management tools can identify unexpected behavior patterns and potential issues, making it easy to proactively take intelligent actions. Intelligent analytics increase effectiveness, minimize exposure time and reduce damage.

◉ Many problems in the network stem from outdated software, and nearly all are avoidable. As a continuously improving service, our private 5G software releases are automatically maintained from the cloud, ensuring the latest functions and security updates are in place.

Trusted

◉ As the No. 1 provider for connectivity, collaboration, industrial IoT, and IoT-connected cars, enterprises trust our technology, products, and services.

◉ Cloud-native architecture allows Cisco Private 5G to flexibly support different deployment models. Components may reside in the cloud, distributed edge, or on premises depending on needs for extra reliability or data privacy.

Source: cisco.com

Continue reading

Cisco’s Role in the Monumental Vaccination Effort

Big challenges require big solutions. But when it comes to technology for coronavirus vaccine access and administration, many of those big solutions already exist.

As you read this, COVID-19 vaccines are being rolled out in different capacities around the world. The troubling news is, getting the vaccines to the public is continuing to present an evolving array of challenges. Limited availability, complex transportation and storage, and phasing are all creating confusion. The good news is that technology is helping to overcome those challenges by building bridges between the government agencies in charge of the vaccination effort, the retail pharmacies and healthcare organizations administering the vaccines, and the communities who need them.

During the past nine months, Cisco has been powering an inclusive recovery through efficient vaccine administration; helping essential organizations stand up the technology and communications needed by medical and healthcare facilities, retail pharmacies, essential government services, and other frontline efforts. And, today, Cisco continues to do its part as a trusted technology partner. We’re helping enable vaccine administration by improving three key functions—communications and access, field operations and administration, and security and application performance.

Communications and access

By providing communications and access solutions—such as Cisco Webex and Webex Contact Center—we’re enabling better patient access and outreach, better care provider and administrative collaboration, and more virtual engagements. We’re also providing a more comprehensive way for government agencies, healthcare facilities, and retail sites to efficiently scale their efforts to address increased volume and equitable access to critical information and services.

Field operations and administration

With field operations and administration solutions—like networking, WiFi analytics, video, collaboration, and cloud-delivered location services and security—we’re helping organizations respond to dynamic community needs, set up field hospitals and mobile clinics, provide equitable access, improve citizen experiences, and simplify equipment monitoring.

Security and application performance

Finally, our innovative security and application performance tools—among them, application monitoring and management, IoT sensors, cameras, and cloud-enabled security—are ensuring the safety, security, privacy, performance, and compliance necessary for organizations to successfully administer vaccines and operate efficiently around the clock.

As you can imagine, vaccine administration systems will likely remain under immense pressure until the millions of people who need vaccinations get them. So, it is vital for government, healthcare, and retail organizations to keep these mission-critical services running as smoothly as technologically possible. That, as it turns out, is our strong suit.

Keep in mind, performing in this capacity is nothing new for Cisco. All of the solutions and use cases mentioned above are customer-validated and proven.

As it always has, Cisco provides its customers with solutions that help people and communities access technology, information, advice, and anything else they might require. We were here for our customers before the pandemic. We’re here for them today as we navigate our way through COVID-19 together. And as any trusted partner should, we will be here for our customers tomorrow to take on whatever comes next. That’s why so many leaders around the world, across all levels of government, healthcare, and retail, have trusted and relied on us to stand by them through their ongoing digital transformation efforts.

Continue reading

How Cisco manages corporate social responsibility

Cisco pioneered the technology that connects everything. We believe that connections have the potential to create opportunity for everyone and to solve some of the world’s most pressing challenges. Leveraging our expertise, technology, and a strong network of partners, we’re focused on building bridges to a more inclusive future.

Corporate social responsibility (CSR) is core to our purpose, our culture, and how we invest. We focus on People, Society, and Planet—issues that align with our business strategy and where we can have the greatest potential for impact. Our success is built on a Conscious Culture, where trustworthiness and ethical conduct are expected and supported among our employees, suppliers, and business partners.

How we manage CSR

Corporate Affairs, as part of the Human Resources organization, champions Cisco’s strategic approach to CSR, including social investment programs and environmental sustainability. The organization also stewards our commitments to CSR performance and transparency. The Corporate Affairs team is responsible for:

◉ Defining and managing our social investment strategy and programs

◉ Driving CSR governance processes

◉ Collaborating with a broad range of stakeholders

◉ Conducting socio-economic research and developing data driven insights

◉ Assessing and monitoring CSR priority issues

◉ Producing our annual CSR Report

◉ Coordinating and ensuring cross-functional ESG alignment

Business functions own CSR priorities. Teams integrate priorities into their business strategy by setting goals, implementing plans, and measuring performance. Some priorities touch multiple functions. In these cases, we establish cross-functional teams to align CSR business process and implement against our commitments. In some cases, CSR goals and objectives may be linked to performance factors and compensation for CSR owners. For example, Supplier Code of Conduct performance may be considered when assessing the performance of key supply chain leaders.

We believe that risk is inherent in innovation and the pursuit of long-term growth opportunities. Cisco’s management is responsible for day-to-day risk management activities. The Board of Directors, acting directly and through its committees, is responsible for the oversight of risk management.

Cisco’s management has implemented an enterprise risk management (ERM) program, managed by Cisco’s internal audit function, that is designed to work across the business to identify, assess, govern, and manage risks and Cisco’s response to those risks. Cisco’s internal audit function performs an annual risk assessment that is utilized by the ERM program.

The Audit Committee, which oversees our financial and risk management policies, including data protection (comprising both privacy and security), receives regular reports on ERM from the chair of the ERM operating committee, as well as regular reports on cybersecurity from Cisco’s Chief Security and Trust Officer. Other Board committees oversee certain categories of risk associated with their respective areas of responsibility.

The Nomination and Governance Committee of the Board reviews Cisco’s policies and programs concerning corporate social responsibility, including environmental, social, and governance matters. CSR and environmental sustainability are represented through Tae Yoo, Senior Vice President of Corporate Affairs, and Francine Katsoudas, Executive Vice President and Chief People Officer.

Engaging with stakeholders

Building bridges of understanding with key stakeholders helps us maximize impact and informs our materiality process. Through regular dialogue, we can better align our business to social and environmental needs.

We partner with a wide range of global and local organizations to shape and extend the reach of our CSR programs, including governments, nonprofits, multilateral organizations, and peers. We have been a strategic partner of the World Economic Forum (WEF) since 2002. Our engagement with the WEF provides us with world leader insights, influences our CSR strategy, and enables us to learn from others and share best practices. Other partnerships and memberships include: Business for Social Responsibility (BSR); the Conference Board’s Sustainability Council II on Innovation and Growth; the CEF (formerly the Corporate Eco Forum); and the Responsible Business Alliance (formerly the EICC or Electronic Industry Citizenship Coalition).

In addition to the formal materiality assessment, Cisco’s environment team independently gathers feedback on emerging issues, the quality of our reporting, and our sustainability performance from sources including stakeholder inquiries and key rankings and ratings. “Stakeholder inquiries” is the umbrella term we use for questions we receive from a variety of sources, including:

◉ Customers and partners. The visibility of environmental sustainability continues to increase in customer and partner requests for proposal (RFP), supplier qualification, and contract processes.

◉ Employees

◉ Financial and industry analysts

◉ Shareholders and investors

◉ Sustainability data aggregators, which includes companies like Ecovadis that collect sustainability information for our customers and partners. It also includes a range of organizations that collect and package sustainability information for resale or for their own analysis.

◉ Environmental advocacy groups

◉ Academia, including researchers and students

◉ Media

Environment-related topics form the vast majority of stakeholder inquiries that Cisco receives. These inquiries provide continuous, real-time insight into the environmental issues of interest to different categories of stakeholders. In FY19, we continued to see increasing customer and investor interest in environmental sustainability, as reflected in customer requests for proposals, customer and environmental advocacy surveys, and other inquiries.

Continue reading

Bridging the divide: Getting IT and OT to work together for industrial IoT

Industrial IoT has the potential to transform business processes in manufacturing, oil and gas, utilities, and more. However, organizations must first overcome numerous challenges, one of which is bridging the divide between IT and operational technology (OT). Having the right people involved and working together toward an IoT initiative is critical for achieving a seamless, secure and successful end-to-end design.

We often hear customers describe what it is they want out of an IoT deployment: a dashboard with buttons that allows them to see data or analytics of that data to understand what is happening in the operating environment. It’s obvious they have a clear vision of the outcome they want, but they don’t know how to get there. And they can’t — at least, not by themselves.  One of the biggest reasons why IoT projects fail is because line of business expectations aren’t managed correctly, or because IT and OT didn’t work together to validate if a solution is feasible with current technology and skill sets.

The IoT tech stack is complex and fragmented. Organizations have to pick the right sensors, select the machines to be connected, choose a connectivity method, and then build the networking, application, and business intelligence layers (often incorporating cloud and multiple applications) on top. To further complicate matters, companies are looking to connect many different (often legacy) machines that have never before been connected. Different protocols must be parsed and cleaned up so that technologies further up the stack can ingest and understand the data.

No single department is capable of navigating all the different technical options and making the best decisions for a seamless, secure IoT deployment. While OT may be able to choose sensors and machines to connect, and IT may be able to build the remainder of the tech stack, these decisions can’t be made in silos. The digitalization of machine data creates a technical convergence, and both sides must work together to make IoT work. IoT is a team sport.

When the right people come together to solve a business problem with IoT, it becomes much easier to build a successful solution. Four primary groups or individuals include:

The line of business:

Representatives from lines of business can articulate the business need. These people are experts in higher level business strategy, sales, marketing, how to go to market, etc. For the line of business, IoT is a means to an end to achieve a business objective. These people can envision the dashboard and contribute to process and organizational design. While they may or may not own the budget, the line of business defines and creates the demand for a business improvement.

IT department:

The IT department is responsible for the enterprise IT infrastructure. The department’s main concerns are security, scalability, and manageability. They work in a fast, dynamic environment. IT is always under pressure to get things done—and to do more with less. When it comes to an IoT deployment, the IT department is concerned with the tech stack from the network out to the edge.

OT department:

The OT department is generally responsible for the equipment on the shop floor. They are concerned about quality, uptime and maintenance of machinery that is typically two to three decades old. Often times, the machines produce data that doesn’t go anywhere. There’s a human/machine interface where operator receives data and makes decisions. The OT department plays a key role in connecting machinery on the shop floor for an IoT deployment.

Procurement:

Procurement is responsible for finding products and services at the best cost. Sometimes this means breaking up solutions and buying components piecemeal. It’s best to bring procurement on board sooner than later so that they understand that the broad spectrum of components in an IoT deployment come from one ecosystem of integration. If a solution is broken up into bits and pieces, none of the solution providers will feel motivated to deliver the best possible service.

Even with these parties at the decision-making table, there are likely to be gray areas. Organizations often have to experiment or partner with a provider for technology that they don’t have the skills to work with internally. Of course, it’s important to get the right skills at the right time for the right cost.

At Cisco, we work hard to pull together the key technologies and partners required to deliver seamless, secure solutions that span the manufacturing floor to the cloud. Our partner ecosystem consists of large systems integrators, service providers, OT partners, distributors, and a variety of others. We span and bring together both the IT and OT worlds to create harmony and cohesion across our customer’s organization, our Cisco partner ecosystem and through the solution itself via Cisco Validated designs to ensure a successful IoT initiative.

Continue reading

Cisco DNA Center Real Time Event Notifications into Webex Teams!

Find out about network issues before your users do!

Cisco DNA center has a powerful issue correlation engine for enterprise wired and wireless networks. Taking real time feeds of network telemetry it is able to identify issues and provide context for resolution.  The next question is what to do with the events?  Some customers would like to send them to an email system, where as others would like to create a message in an instant messaging system.

Fortunately, there is a webhook based notification that can be used to process and handle issue notifications.  This blog post provides a simple python script to send a notification to a Webex Teams room, or email server.  Version 1.3.1 of Cisco DNA Center provides native email integration, so I will focus on the Webex Teams integration.

Getting  Started

As with all of my examples, the sample code is posted on github.

The first step is to download the code and create a python virtual environment (the virtual environment is optional). You need to change directory into the WebHookServer directory.

git clone https://github.com/CiscoDevNet/DNAC-Platform

python3 -mvenv env3
source env3/bin/activate
cd DNAC-Platform/WebHookServer

The next step is to install the required python libraries

pip install -r requirements.txt

You will also need to edit the configuration file  config/dummy_spark_config.py and add a Webex Teams roomId and provide a valid Webex Teams token.  To get a token and find the API call to discover the roomID go to developer.webex.com .

AUTH="Bearer XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
# alerts room
ROOMID="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

You need to run the server and it will listen on port 9000. This can be changed if required.

./server.py

Testing out the issue notifications

The next challenge is to generate an issue. Fortunately, I have provided a sample script to generate some “dummy” issues.

The client directory contains some “fake issues” that can be sent to the server for testing.

If you run the client.py program will no arguments, a list of valid issues is provided.

./client.py
Run with --event and a valid example.
Valid Examples:ap_down_eg, ap_flap_eg, border_dhcp_eg, device_unreachable_eg, swim_eg, new_flap_eg

The schema for issues changed between 1.3.0 and 1.3.1.  There are examples for both old and new versions.  New versions has prefix “new.”   The new_flap_eg is an example of a new issue.  I am going to send the new format example.

$ ./client.py --event new_flap_eg
Sending:new_flap_eg
200

The server will display the JSON payload, as well as sending it to the Webex Teams room.

Example Issue Notification

If you want to take a look at the payloads, you can look at the source of the issues in the github directory:

https://github.com/CiscoDevNet/DNAC-Platform/blob/master/client/examples/ 

Cisco DNAC configuration

I am going to focus on the 1.3.1 configuration.  This has changed a lot from earlier releases and is now real time (vs 15min delay).

The first step is to go to Assurance->Manage->Issue Settings

Manage Issues

 Then click top right “Manage Subscriptions.”  A tip is to make sure you click “show more” a few times so all 53 issues can be selected. Only the first 10 are shown by default.

Select Issues

You can then click top left “subscribe,” and then “Create a new subscription.”  You will see the screen below.

Select the  “created a new endpoint option.”  For this example, we need the IP address of the server and the port (9000 was the default).   Note that this needs to be https. You also need to select the HTTP Method (POST).

Create Subscription

For the simple example, there is no authentication, but this is easy to add.   Click “subscribe” and the subscription will be created for the selected events.

Congratulations, you now have a working integration between your DNA Center and the python webhook server into webex teams.

Continue reading

5 Reasons Cloud UC and BroadSoft Are Top of Mind

There, my Cisco colleague Andy Johnston and I shared an overview of the cloud unified communications market to a standing-room‑only audience. We described how the combined strength of the Cisco and BroadSoft calling portfolios are helping you accelerate transitioning to cloud.

I’d like to highlight five key reasons why I think our overview resonated so well.

1. Customer cloud UC perceptions have changed

We recently conducted a survey with over 1,000 IT decision makers from seven countries. In it, we learned that cloud UC is a key priority of their digital transformation strategies. 74% of respondents said they will choose a cloud provider in the next 24 months.

2. SMBs need native mobile

Mobile working has many benefits. Many small businesses are ditching their on-premises solution and going mobile first for both cost and efficiency reasons. One of our portfolio’s most unique and innovative differentiators is our ability to deeply integrate communications within the core mobile network. This allows our mobile carrier partners like Verizon, Vodafone, Telstra, Deutsche Telekom, and Rogers to deliver a fixed-mobile converged experience that helps SMBs become more agile and productive, and appear bigger and stronger.

3. Mid-market needs enterprise-grade features without cost and complexity

Mid-market organizations need enterprise-grade features and a way to seamlessly and reliably network their PBX and cloud applications. This includes:

◈ a common network dialing plan

◈ a consistent collaboration experience across locations

◈ centralized and local administration capabilities

In addition, they need simplicity, on-demand scalability, global scale, and reliable communications for remote and mobile employees.

4. Flexible and smooth transition to cloud

Transitioning to the cloud will take some time for mid-sized and large enterprises that have large investments they simply cannot replace overnight. A 2017 study by global research firm Nemertes suggests that more than 70% of enterprises are still running TDM to at least half of their endpoints. You need solutions that both maximize the life of in-place investments and allow you to network with cloud solutions via SIP trunking for new locations, expansions, branch offices, contact centers, and mobile workers.

5. Cloud UC offers a better total cost of ownership

Cloud is a natural and more economical solution for new sites, site expansions, and smaller branch offices. In our survey:

◈ 68% of respondents believe their current on-premises systems are too expensive to maintain

◈ 70% believe cloud will reduce their IT staff efforts

◈ 69% say their current systems don’t have the advanced features they need

For many, cloud contact centers will offer more capabilities, on-demand flexibility, and superior multisite and remote-agent support. In fact, 88% of premises-based contact center users are considering moving to CCaaS, with 68% in active evaluation.

The Transition Zone

For all these reasons, we’ve developed a thoughtful technology plan that provides a smooth network transition from on-prem to cloud. A hybrid model that ensures user adoption helps you realize value more quickly and move at a pace that makes sense for your organization.

Flexible and affordable migration strategies with hybrid configuration support allow you to implement a cap-and-grow strategy. You maintain your in-place investments until they reach the end of their natural life-cycle, then transition to cloud when the time is right.

The Cisco Collaboration Flex Plan decouples the purchasing and deployment so that you can choose on-premises, hosted, or cloud options. You can move your organization, specific users, specific sites, or individual applications when it suits you in a flexible, phased approach that addresses all your needs.

This level of flexibility is available today. As you look to make your cloud transition, consider a vendor that can provide a complete solution that looks not only at your PBX requirements, but addresses your mobility and voice conferencing needs as well.

Cisco and BroadSoft are in a prime position to help you make the transition and migrate while leveraging your existing investments.

Continue reading

Cisco Container Platform – Kubernetes for the Enterprise

Developed by Google to shepherd their in-house container clusters, Kubernetes has been vying for the attention and adoption of cloud architects. For the past several years, Docker Swarm, Mesos and Kubernetes have engaged in the duel to bring orchestration nirvana to containerized applications. While there are other participants in the fray and while Mesos has had a longer showing, Kubernetes seems to be capturing the pole position according to this research. This assertion is reinforced by the recent addition of support for Kubernetes to Apache Mesos, to Pivotal Container Service and to Cloud Foundry. The most recent admission of market realities is Docker’s seamless integration of Kubernetes into their Enterprise Edition offering. Whichever container orchestrator eventually arises as the de facto standard, it is clear that enterprises are looking for more and more infrastructure abstraction so they can laser focus on core business objectives.

Continue reading