Skip Links

Cisco's John Stewart on the latest security threats … and what enterprises can do to fight back

By Susan Perschke, Network World
February 13, 2012 09:58 AM ET

Network World - Freelance writer Susan Perschke recently sat down with Cisco Vice President and Chief Security Officer John N. Stewart for an in-depth discussion of the state of enterprise security.

Stewart leads Cisco's security operations, product security, and government security functions. He is also responsible for overseeing security for, the infrastructure supporting Cisco's $40-plus billion business, WebEx, the collaboration service providing 73 million online meetings per year, among other Cisco functions. Stewart holds a Master of Science degree in computer and information science with honors from Syracuse University, Syracuse, N.Y.

In this wide-ranging discussion, Stewart describes the most troubling threats facing enterprises today, and talks about how companies can protect themselves by deploying what he calls "composite security." He delivers specific advice and gets into areas like mobility, identity management, and the need for companies to begin planning for IPv6.

With network security threats continuing to evolve, what are Cisco customers reporting as their top security challenge?

To give you a little bit of history, I've been in the computer security industry for almost 25 years, and the responsibilities I hold are the traditional corporate information security functions. I also co-chair the products security board and am involved in a significant portion of the way we do government work around the globe, with implementation for military intelligence and public sector customers. So I end up having three views of the security challenges we face. My observations and what we hear most from customers, at least circa 2012, is that their challenges breaking down essentially into a "triad of triads," with one of those aspects most often causing them the most significant fits.

IN THE WORKS: Cisco's project 'Futurama' targets consumerization of IT

The first triad essentially dissects the attacking community, if you will, into three main sets of perpetrators. We have individuals that are working on their own behalf for any number of reasons, trying to get into corporations or businesses, or to affect online services. We have organized groups that, more often than not, are funded, and that could be a traditional crime-based group, it also could be a country, and I'm trying to objectify or abstract those groups as ones that are organized, and well-funded and with purpose. Then there's a third group, that emerged in 2011 that I don't think was easily predictable, and it's this thinking, "I'm not financially motivated, I'm not working as an individual, I'm just going to group together at a moment's notice and have a purpose and attack motive." So I put that in the first part of that tri-graph, which means that we have quite a collision of accelerated threats with different purposes. One could be curiosity, one could be monetary or disruptive, and the third could be just purely "I have a political purpose against you." So all of our customers, for all intents and purposes, are very worried about each of them, and they're not precisely in educated or equal quantities as to which they should go after first, or protect against, or understand next. So that triad is the externalization of those threats and who is doing them.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News