Everybody – at least every multinational that Cisco checked out for its 2014 Annual Security Report – is hosting malware of some kind, and there aren't enough security professionals to go around. Along with its Managed Threat Defense service launched this week, Cisco also launched the latest publication (here with registration …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Thursday 24th April 2014 03:38 GMT Tom 35

Abridged version

Cisco: Buy our stuff.

5 0
1. Thursday 24th April 2014 09:22 GMT dogged
  
  Re: Abridged version
  
  (DISCLAIMER: I DO NOT WORK FOR CISCO OR ANY OF THEIR AFFILIATES)
  
  To be fair, Cisco stuff is pretty bloody good at what it does.
  
  1 1
  1. Thursday 24th April 2014 14:49 GMT Hit Snooze
    
    Re: Abridged version
    
    To be fair, Cisco stuff is pretty bloody good at what it does.
    
    I agree, it is very good, flexible, reliable, and there are tons of documentation/forums for Cisco equipment (major advantage), but it is expensive which really sucks.
    
    1 0
  2. Friday 25th April 2014 00:22 GMT Trevor_Pott
    
    Re: Abridged version
    
    "To be fair, Cisco stuff is pretty bloody good at what it does."
    
    Can't disagree, but for most areas of Cisco's endeavors, there are others that area as good that cost less. Really, that's the bit that matters.
    
    1 0
Thursday 24th April 2014 05:43 GMT big_D

My thoughts too. Here is our new security product, oh and we just compiled a report that shows you have malware and don't know what is going on in your network.

0 0
Thursday 24th April 2014 08:29 GMT Anonymous Coward

Is this the same Cisco...

... that had open email relays on their network for several months which accounted for a significant percentage of all spam being seen by spamcop?

2 0
Thursday 24th April 2014 12:07 GMT Captain Scarlet

Erm

"Java is the undisputed king of endpoint vulnerabilities, Cisco claims"

Cisco Desktop desktop apps are mostly built in java, our Cisco phones have java runtime on them and pretty sure the backend servers must have at least some java in them.

I wonder if they will move away from Java usage?

3 0
Thursday 24th April 2014 13:11 GMT Peter2

100% of IT Depts they tested were probably Cisco customers using Cisco VOIP phones that seemingly require a server to be connected to the network, but not managed, patched, firewalled or otherwise managed by IT.

. . . Which is why I don't have a Cisco telephone system.

1 2
1. Thursday 24th April 2014 14:42 GMT Hit Snooze
  
  100% of IT Depts they tested were probably Cisco customers using Cisco VOIP phones that seemingly require a server to be connected to the network, but not managed, patched, firewalled or otherwise managed by IT
  
  Each business chooses who will manage their VOIP systems, and IT has always managed VOIP in every place of business that I have worked for. So your complaint is invalid.
  
  Also, Cisco has a very good VOIP system that is easy to patch, manage, and is rock solid.
  
  2 2
Thursday 24th April 2014 22:25 GMT NileH

Anyone who thinks that IT security is a priority should take a look at the job adverts dotted around the content you're reading right now.

If you've got the Technojobs ad, it'll reflect the current contents of the page - IT security - and it'll have three or four 'Information Security Analyst' vacancies at £35-45k, and one or two security consultant or senior manager roles at £65-75k.

That's OK for IT, but not exactly stellar. It's *way* less than the banks are paying programmers who write the security vulnerabilities, and it doen't sound like the pay rate for doing something particularly difficult, or critical to the company's success.

And Cisco? It's nice that they've woken up to the commercial case for security. But I doubt that the firmware and embedded systems in their hardware is anywhere near secure, and I am certain that every single router on sale today, from every company, everywhere, has a backdoor waiting to be discovered.

0 0