cisco security manifesto: 2015 annual security report
TRANSCRIPT
Five Basic Principles of the Cisco Security Manifesto:
1. Security must be considered a growth engine for the business
2. Security must work with existing architecture and be usable
3. Security must be transparent and informative
4. Security must enable visibility and appropriate action
5. Security must be viewed as a “people problem”
1. Security must be considered a growth engine for the business
Security can’t stand in the way of user
productivity and business innovation. It is less
likely to become a roadblock if security teams
are included in conversations about new
technology deployments.
“As some countries place significant restrictions
on who can handle their citizens’ data, there is
the potential that they will cut themselves off
from the global talent pool and possibly risk a
loss of innovation that comes from cross-
pollination of new ideas.”Source: 2015 Cisco
Annual Security Report
2. Security must work with existing architecture and be usable
“Architecture overload” is what drives users to
circumvent security architecture, leaving the
organization less secure.
“Architectures, by nature, are constraining.
Organizations should not have to change the
way they do business to accommodate new
security technologies.”Source: 2015 Cisco
Annual Security Report
3. Security must be transparent and informative
If users can’t take a certain action because of
security, they should be told why — and be
offered a safer way to achieve their goals, if
possible.
“VPNs are evolving to provide more visibility,
while producing a more transparent user
experience in order to provide better endpoint
security.”Source: 2015 Cisco
Annual Security Report
4. Security must enable visibility and appropriate action
Security teams need to be able to verify that
the security solutions the organization relies
on are truly effective.
“Endpoint Visibility, Access, and Security (EVAS)
Controls gather actionable intelligence
that can be shared with other security and
network applications to improve
workflows, streamline operations, and
prioritize remediation activity.”Source: 2015 Cisco
Annual Security Report
5. Security must be viewed as a “people problem”
People, processes, and technology together
must form the defense against today’s threats.
Security technologies are merely tools.
“Security teams need to educate users about
safe habits that they should apply no matter
where they are using technology – at the office,
at home, on the road – so they can make good
decisions and feel empowered to seek timely
assistance when they think something is wrong.”Source: 2015 Cisco
Annual Security Report
The Cisco Security Manifesto is a call for change.
In the real world, security technology, policies, and
best practices should raise the average level of security
for everyone in the organization, and help the business
make more informed risk decisions — down to each
individual user.
Learn more about how you can
protect your organization: