Friday, 16 February 2018

DevSecOps: Security at the Speed of Business

We will describe another key aspect of DevSecOps – developing security guardrails with a hands-on approach via Agile hackathons.

DevSecOps is about bridging DevOps workflows with Information Security (Infosec) Operations by embedding security as code during development, validation during testing and leveraging automation to run continuous operations. From many years in IT, we know that it’s a good idea to first prove ideas manually before we automate. Agile security hackathon is how we bring in participants from relevant disciplines within Information Security and application teams to first go through a set of implementation steps to configure the most important security requirements – the guardrails. With the winter Olympics in progress, this is akin to the guardrails that help a gravity powered Bobsled go faster along iced tracks in a safe manner.

Wednesday, 14 February 2018

Continuous Integration and Deployment for the Network

The requisite for Continuous Integration and Deployment (CI/CD) pipeline being used in the network is growing. Continuous Integration and deployment helps counteract inaccuracies in daily network deployments and changes, hence is critically required. The upshot for change release and automated network testing is that changes are simplified, done more quickly and more streamlined, with CI/CD.

Monday, 12 February 2018

Five things that are bigger than the Internet: Findings from this year’s Global Cloud Index

The scale of the Internet is awe-inspiring. By 2021, there will be 4.6 billion people and 27 billion devices connected to the Internet, and Internet traffic will reach 2.8 trillion Gigabytes (or 2.8 Zettabytes) per year.

Even with multiple Zettabytes crossing the network each year, there are some things that dwarf even the Internet. We started the Global Cloud Index (GCI) seven years ago in order to capture the scale of data more generally, as it relates to the advent of the cloud. In our most recent report, there are five categories of data that meet or exceed Internet traffic volume by 2021.

Friday, 9 February 2018

Better design for simpler, more effective security

Few will contest the notion that security is complex.

Evolving threats.  Clever, motivated attackers.   And all too often, vendor-inflicted complexity of managing security from the mismatched consoles from dozens of vendors.

In this case, not only must users jump between consoles but the actions that become familiar in one console are not at all helpful or relevant in another.  Each new console amounts to a new security management process – adding to greater complexity.

Wednesday, 7 February 2018

Secure by Design: Enhanced Interfaces Improve Email Security and Malware Analysis

In the infosec world, it’s well established that time is a precious commodity. Time to detection and time to resolution are critical concepts that can mean the difference between a minor incident and making the news. In order to be effective, security teams need to be able to quickly access data, gather insights and take the necessary actions to keep their organizations safe. To that end, we’re committed to simplifying our user interfaces and making it easier to manage security effectively across an enterprise. Cisco Email Security and Cisco Threat Grid are two prime examples.

Sunday, 4 February 2018

Cisco Container Platform – Kubernetes for the Enterprise

Developed by Google to shepherd their in-house container clusters, Kubernetes has been vying for the attention and adoption of cloud architects. For the past several years, Docker Swarm, Mesos and Kubernetes have engaged in the duel to bring orchestration nirvana to containerized applications. While there are other participants in the fray and while Mesos has had a longer showing, Kubernetes seems to be capturing the pole position according to this research. This assertion is reinforced by the recent addition of support for Kubernetes to Apache Mesos, to Pivotal Container Service and to Cloud Foundry. The most recent admission of market realities is Docker’s seamless integration of Kubernetes into their Enterprise Edition offering. Whichever container orchestrator eventually arises as the de facto standard, it is clear that enterprises are looking for more and more infrastructure abstraction so they can laser focus on core business objectives.

Friday, 2 February 2018

Network Visibility for Mergers and Acquisitions

Mergers and acquisitions bring major challenges to nearly every aspect of a business, but integrating two different networks while maintaining enterprise security is perhaps one of the most demanding trials an organization can undergo.

Every organization has their own security policies, and applying new ones to hundreds or even thousands of new machines and users can be a logistical nightmare. On top of that, increasing the size of a network also increases its threat surface, potentially giving attackers new avenues to gain access and compromise sensitive data.