Professional Documents
Culture Documents
Digital Transformation
December 2017
Our Presenters
Amy Henderson is the Security Services Taslimm Quraishi has several years of
portfolio manager for Advanced Services at experience developing, managing, and
Cisco. She has over 5 years of experience as delivering security and risk-based services
a product manager developing IT-based to Fortune 500 companies, with vertical
services to help clients simplify their lives, expertise in communications/service
and meet their business objectives. provider.
a
Agenda Evaluating if you are ready
3 Questions
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Digitization is creating opportunities
Telco, cable, and web: Digitization leading to cloud, 5G, IoT
More cloudification
4x cloud traffic increase
More IoT
Half connected devices Are M2M
$ Sizable $
More video
Service Provider 8x mobile traffic increase
economic opportunity
5G rollouts begin
4.7x traffic of LTE
Key Security Challenges for Service Providers
34% of service providers said they lost revenue due to attacks in 2016*
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Your network is your business
EMPLOYE
BRAND
E DATA
Telco Gaming
WAN
Building &
Assessing
Evaluating your secure
if you are foundation?
ready?
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
How do you know when you’re ready?
Mergers and
CISO transition
acquisitions
Executive Security
Current State Risk Security
Target State GapsSecure Secure
Secure Network
Management Intelligence Management Assurance Systems Applications
Maturity Level Key
Security Security Resilience Secure Network
Responsibility, 1 Risk Management 3 M Design and
Level 0
Charter&Governance Program Architecture
Absent 0
Privileged Identity Regulatory & Internal Secure Access
Security Metrics & Security Incident Security Enclave Level 1 Data Privacy and
Reporting
and Access 1 Response and DDOS
4Compliance H
Provisioning
Management 1
Protection
Management Management Capability Initial
Level 2
OSS and2BSS
Activity and Vendor, Partner, & Customer/Subscrib
Architecture Strategy Business Continuity Virtualized Network &
Repeatable
& Management
Infrastructure Log 1 & Disaster Recovery
3Virtual Operator erM
Access
Cloud Environments Security
Management Management Management Level 3
Defined 3
Network Intrusion
Security Education/ / Threat / and Fraud Backup and Customer Software
Awareness Training 0 Asset Classification
3Penetration Testing
H
Recovery
Defenses & CleanLevel 4
and App Security
Activity Analytics and Management and Red Teaming Pipe Managed 4
Physical Configuration, Encryption / Level 5
Infrastructure
Vulnerability
1 Change & Patch 3Customer Trust
M
Data
Secure Orchestration
Optimal 5
Data Exfiltration
Management Management & Automation Defense
Security Management Masking
Building &
Assessing
Evaluating your secure
if you are foundation?
ready?
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Example Penetration Test Progression
Customers Internet
SP Infrastructure
PE Int. Int.
Peer Peer
R1
iACL Applied
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Build a secure foundation
Infrastructure ACL (iACL)
Steady-State – Traffic destined to infrastructure:
Blocked!
Internet
SP Infrastructure
PE Int. Int.
Peer Peer
R1
iACL Applied
Blocking Traffic
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Maintaining your
Where are you in digital solution?
your Digital
Transformation
journey?
Building &
Assessing
Evaluating your secure
if you are foundation?
ready?
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Making sure you’re prepared – maintain security
Organization’s
testing/development Attackers maintained C2 malware zero A/V
Targeted attack by a network environment persistence in the detection rate, which was
nation state actor targeted, which lacked environment for 5+ utilized for persistence
security controls and months into environment
monitoring
Attack and investigative timeline
C2Malware.exe
identified
10th
1st – 4th 30th 14th 15th 12th
11th
July January February
Our approach
Deployed Visibility Tools
• Deployed StealthWatch into existing
Visibility infrastructure to identify other
Tools potentially malicious traffic
Testing Results
Testing
Results • App Pen Testing group conducted
application hardening post-incident
response
Communication
• Prescribed mechanism, rhythm, and Communicatio
n
audience for each level of incident
severity
Could this have been prevented or minimized?
Communication and
Incident Response Plan Collaboration Test the IR Plan
•Descriptive IR Plan
Where are you in
Remember… Maintaining your
•Communication
digital solution?
your Digital •Periodic Table Top
Transformation Exercises
journey?
•Segmentation
Building &
•People •Manage
Assessing
Evaluating Passwords
your secure and
•Process
if you are Patching
foundation?
ready?
•Technology •Visibility
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Approach:
Best of Breed Integrated Architecture
SP Security
Services Network
UTM Analytics
Secure
Internet
Email Gateway
NGFW/ Web
WWW
NGIPS
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
What first step can I take to gain visibility into my SP networks?
Security Online Visibility Assessment (SOVA)
What is a SOVA?
• SOVA is a “free” 14-day non-intrusive cloud based network and
security visibility offer for all our customers. It works by deploying a
lightweight virtual SOVA Collector in the network that forwards
network telemetry in passive mode to the SOVA cloud for analysis.
After (14) of collecting real time data (internal & external), the cloud
generates a confidential standard report for the customer free of
charge consisting criteria such as Internal Monitored Networks, SMB
& Telnet Risks, Remote Access Breach, etc.
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
For more information on Cisco
Security Services, please visit
http://cisco.com/go/securityservices
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential