Counting Threats: People Are Your Perimeter
 

Like this? Share it with your network

Share

Counting Threats: People Are Your Perimeter

on

  • 853 views

How Cisco and Intel® are harnessing the collaborative power of people to deliver intelligent threat analysis and response across their organizations, products, and services.

How Cisco and Intel® are harnessing the collaborative power of people to deliver intelligent threat analysis and response across their organizations, products, and services.

Statistics

Views

Total Views
853
Views on SlideShare
853
Embed Views
0

Actions

Likes
1
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Counting Threats: People Are Your Perimeter Document Transcript

  • 1. Unleashing IT Counting threats: People are your perimeter Cisco and Intel® partnering in innovation How Cisco and Intel are harnessing the collaborative power of people to deliver intelligent threat analysis and response across their organizations, products, and services. Too much information is hard to digest. Especially when your role is incident response and you’re called on to provide an informed risk assessment for the latest security threat. With terabytes of data to sift through, a significant amount of resource and time is required and that’s a daunting task for many organizations. So how do you improve your ability to sense, interpret, and act on emerging threats? By engaging the one resource you already have: people. The approach has proven itself at both Cisco and Intel through swift analysis of emerging threats like Stuxnet, quick response to attacks from undisclosed third parties, and increased alertness in general. It also enables security budgets to be directed toward efforts that matter most. “People build intelligence,” says Dixon. “Nothing coming in the door is intelligence. It’s only after our folks put our context on it that it becomes intelligence. That’s the difference between the sky is falling every patch Tuesday versus here’s a threat we have to care about and why.” “If you don’t have people focused on threat analysis and leveraging interested parties—both inside and outside your organization—then you’re leaving yourself vulnerable,” says Jerry Dixon, director of incident response, Cisco. “Technical infrastructure only gets you so far. You need to get the right threat intelligence to the right groups, creating a human intrusion detection system where everyone in the company has a role to play in information security.” Getting Started Building a sensor network requires C-level support from the start. According to Malcolm Harkins, vice president and chief security and privacy officer, Intel, best practices include: • Cisco has similar efforts in place to foster ongoing dialogue between product, security, and incident response teams across its organization. Together they maintain a pulse on emerging threat data and occasionally hold threat summits with external groups, including the research community and industry partners. They also host targeted awareness campaigns internally to ensure every Cisco employee is cognizant of the latest threats and correct response actions. “A sensor network is like a funnel,” explains Malcolm Harkins, vice president and chief security and privacy officer, Intel. “You begin by establishing collaborative groups, then funnel the information they collect into an interpretation or triage exercise, and ultimately push it back out across your company as an informed risk action.” People don’t need ‘information security’ in their titles to be valuable contributors to the sensor network. Pulling together those who are passionate about cyber security, regardless of their day job, adds mind power and eyes to contend with rapidly emerging threats that might otherwise be missed. • Both Cisco and Intel® are already capitalizing on this novel approach. Intel’s Threat Agent Group and Emerging Threat Analysis forum are collaborative groups within Intel open to anyone passionate about security. The groups consist of professionals from varied backgrounds, including manufacturing, product development, legal, human resources, and information security. Their collective insight is coupled with outsight—connections to outside groups and industry peers—to act on emerging threats in a manner that is deemed appropriate to Intel. Demonstrate the connection between enterprise risk and technology risk. Proper management of risks such as food safety or patient safety, for example, is dependent on the integrity of underlying systems and control processes. • Encourage tolerance in your management framework to allow information sharing with trusted peers. • Clearly articulate rules of engagement for information sharing that include privacy controls, oversight, and governance. Complimentary book For a complimentary book, Managing Risk and Information Security, Protect to Enable, available in limited quantities, visit: www.UnleashingIT.com/bookoffer. This article first appeared online at www.unleashingit.com, available after subscribing at www.unleashingit.com/LogIn.aspx. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1309) Intel and the Intel logo are trademarks or registered trademarks of Intel Corporation in the U.S. and/or other countries.