Cisco UK & Ireland Blog

7 Points where Security and Software Meet

March 3, 2017

Cybersecurity took centre stage at Cisco’s premiere event for customers and partners in Europe last week: Cisco Live in Berlin. With 45% of UK organisations reporting that their systems were down for over 8 hours after a severe data breach in 2016 (in other countries this is much lower at 34%), it’s clear that there’s more to do to prepare ourselves against the tactics of today’s cyber criminals – specifically, preparing for what happens should an attack make it’s way in.


One of the reasons why the UK suffers more downtime could be because 1 in 3 organisations here receive more than 50,000 security alerts…and that’s on a daily basis. How are organisations supposed to figure out what’s getting in when faced with such a barrage of data?

We need to make things simpler – and that’s what we’re doing with our software offering as well – Cisco One. Purchasing and maintaining license agreements can get complicated, so here are seven ways where Security and Software meet, to make the lives of our customers that little bit simpler and easier.

1) Twenty-seven percent of connected third-party cloud applications introduced by employees into enterprise environments in 2016 posed a high security risk. Open authentication (OAuth) connections touch the corporate infrastructure and can communicate freely with corporate cloud and software-as-a-service (SaaS) platforms after users grant access. (Cisco Annual Security Report)

2) With Cisco One our customers benefit from software version updates automatically, without needing to repurchase. No more legacy software in your network! Vulnerabilities in middleware—software that serves as a bridge or connector between platforms or applications—are becoming more apparent, raising concerns that middleware is becoming a popular threat vector. Many enterprises rely on middleware, so the threat could affect every industry. During the course of a Cisco® project, our threat researchers discovered that a majority of new vulnerabilities examined were attributable to the use of middleware. With Cisco One you can now add specific security bundles like Threat Defence for Data Centre, Threat Defence for WAN & Edge or Policy & Threat Defence for Access, allowing you to specifically protect your infrastructure and base operating system.

3) The cadence of software updates can affect user behaviour when it comes to installing patches and upgrades. According to our researchers, regular and predictable update schedules result in users upgrading their software sooner, reducing the time during which adversaries can take advantage of vulnerabilities.

4) Workers want to improve their productivity and stay connected while on the job. But these shadow IT applications create a risk for enterprises. They touch the corporate infrastructure and can communicate freely with the corporate cloud and software-as-a-service (SaaS) platforms as soon as users grant access through open authentication (OAuth). These apps can have extensive—and, at times, excessive—access scopes. They must be managed carefully because they can view, delete, externalise, and store corporate data, and even act on behalf of users. Cisco ONE combined with a license agreement options such as Advanced or Enterprise Licensing Agreement (ELA) gives you a new level of flexibility in how to consume and use the software you need at your business pace.

5) Cisco researchers, while looking for vulnerabilities in third-party software, discovered an average of 14 new vulnerabilities in software per month. Cisco now allows you to manage all your software licenses as a single package with either an advanced or enterprise license agreement, with a single regular renewal date.

6) For software, the level of use seems to also be an indicator of its vulnerability. When users do not access software often and therefore aren’t aware of the need to patch and upgrade it, the ignored software provides space and time for attackers to operate – highlighting the importance of consolidating your software!

7) Similar questions should be asked about the software and hardware compatibility problem. As compatibility issues multiply, how many different versions of software and hardware—most of which may not be operating effectively— must be managed? And how will security teams handle the multiple certification requirements needed? Cisco ONE allows you to decouple the hardware from the software allowing license portability. Cisco offer mid-cycle refresh packages that take account of your existing hardware and software to enable you to migrate without ripping and replacing hardware that still has years of service left in it. This will reduce your CapEx because hardware refresh will be cheaper. While your Cisco ONE software license and associated annual support becomes predicable OpEx spend.

With about 50 billion devices expected to be connected to the internet by 2020, the enterprise security perimeter is now eroding. There are more entry points than before, and some of these represent blind spots. Also, with more attack surfaces, organisations are deploying more security point products, which in turn makes implementing new policies or even tweaking them a tedious process. But with Cisco ONE comes an advanced security framework, which makes it easier to fortify an organisation’s data centre, WAN and access with simple, predefined suites of key security products and services. This again demonstrates the power of simplicity afforded by Cisco ONE.

More information about Cisco ONE and how it can be a valuable and flexible tool for you to buy software for your data centre, WAN, and access domains can be found on our website.

Leave a comment