- Related Stories
Cisco readies security updatesFebruary 13, 2006
RSA confab: Boom times for securityFebruary 13, 2006
Allchin: Buy Vista for the securityJanuary 27, 2006
Cisco squashes VoIP, router bugsJanuary 18, 2006
Employee gadgets pose security risk to companiesNovember 15, 2005
Cisco squashes 'critical' Net attack bugNovember 2, 2005
Bug hunters, software firms in uneasy allianceSeptember 6, 2005
Cisco warns customers of site breachAugust 3, 2005
Hackers rally behind Cisco flaw finderJuly 30, 2005
Hacking for dollarsJuly 6, 2005
The lawsuit was retaliation for disclosing research into the security of software that runs Cisco routers and switches. The networking giant was already a target for cyberattacks, but that move probably put even more heat on its security team.
For example, shortly after Cisco sued, and settled, with the researcher, its Web site security was breached. The company alerted customers and advised them to change their passwords.
John Stewart is Cisco's chief security officer and heads up the company's IT security team, among other security-related groups. With his staff, Stewart secures a network used by about 40,000 people with more than 60,000 PCs and countless other network connected devices, including 50,000 voice over Internet Protocol, or VoIP, phones.
On the day before the annual RSA Conference security confab in San Jose, Calif., Stewart talked to CNET News.com about his responsibilities.
Q: There is a big bull's-eye on Cisco as an organization. What do you do to defend yourself against being attacked by hackers? Is there a simple solution?
Stewart: I don?t think there is a simple solution. Probably the best way to describe it is that we never stop trying to think like our attackers. The best way to think about a defense is to think about the offense. The means by which we approach it go from everything from technology to how we educate and train people toward being aware of the risks and ideally to get security as a piece of every network element and into every person's mind.
A lot of people tend to talk about security as the latest security patch or the latest vulnerability that's out there. Do you see security in that way?
Stewart: No, those are a great deal about a known class of threats and usually there is a technology answer to your problem. We have a tendency to think about whole classes of problems. Patching is an availability problem just as much as it's a security problem. A virus is just as much a user awareness issue as it is a technology threat. In focusing on trying to handle classes of problems like that, we want to take people issues first, define it and then get a technology answer toward mitigating classes of problems.
What would you say are some of the key issues you face in terms of security at Cisco and in defending the Cisco network?
Stewart: The types of threats that we all face now are motivated by true financial gain. Often times what we had was an annoyance, or a disruptive kind of threat, something that was not really trying to damage or steal, but we have moved away from that now. This is about mitigating theft and mitigating true damage. That's most different then what we faced in the last few years.
If you can describe some of the attacks that you face, what types of attacks are those and do you see many?
Stewart: We face distributed denial of service attacks against our Web site, sometimes right towards the end of our quarter. That's a level of business knowledge that an attacking team has. In an attempt to disrupt electronic commerce, we will get an attack near the end of our quarter. That's a different style then we've seen in the past. We certainly face a lot of the more common ones, or the more frequently talked about ones, be it spam, be it the viruses and worms, but we have mitigated to a great degree the risks associated with those.