• Homepage
• Prepare for Work
  • » Cisco Learning Partners
  • » Webinars
  • » Job profiles
    • » Inside Sales Channel Account Manager
    • » Inside Sales Account Manager
    • » IT Support Technician
    • » Systems Engineer II
    • » Systems Engineer Manager
    • » Systems Engineer I
    • » Account Manager
    • » Data Centre Specialist
    • » IT Security
    • » Network Engineer
    • » Sales Manager
• Know the Industry
  • » IT in Focus
    • » Seven Things You May not Know about Video
    • » Borderless Networks
    • » Anti-Spam
    • » Encrypted Email
    • » Packet Tracer 5.0
    • » Going Greener
    • » Product Testing
    • » New Threats
    • » Mobility
    • » Telepresence
    • » Internet Protocol Version 6:
    • » The Home Connection
  • » Webinars
  • » Women in IT
    • » Profile: Vimala Veerappan
    • » Cisco Lycéennes Bureaux
    • » Whats The Big Deal?
    • » Girls Get Networking
• Listen to the Experts
  • » My Week at Work
    • » Lead Instructor
    • » Customer Support Engineer
    • » Systems Engineer
    • » Development Team Manager
    • » Senior Technical Consultant
    • » Principal Support Engineer
    • » Senior IT Project Manager
    • » Snr Quality Assurance Tester
    • » Associate Technical Manager
    • » Web Experience Manager
    • » Software Architect
    • » Call Centre Team Leader
  • » What is my job
    • » Cisco Intern
    • » Former Head of NASA
    • » Chief Technical Officer
    • » Global Head BT
    • » YAHOO founder
    • » Head of Research
    • » Managing Director
    • » Founder and Chairman
• Work for Cisco/Partners
• Job Search
  • » Register
  • » We are Recruiting!
    • » nscglobal
    • » Total Jobs
    • » aap3
    • » Panduit
    • » Dimension Data
    • » StepStone
    • » CommScope
    • » Randstad
  • » I Got a Job
    • » Latin America
      • » Daniel Mendez Chavez
      • » Maria Del Pilar Muñoz
    • » Europe
      • » Youssef Bengelloun-Zahr
      • » Stephane Gouverneur
      • » Toby Henness
      • » Tsiyona Kabada
      • » Aoife Dowling
      • » Claudio Sarto
      • » Daniel Falemo
      • » Concepción Díaz
      • » George Kosnetzof
      • » David Konopek
      • » Dominik Krummenacher
      • » Nir Bar Natan
      • » Ana Dankman
      • » Dawn Breen
      • » Serena Ramovecchi
      • » Martina Marganingsih
      • » Béatrice Rollin
      • » Gordon McCallum
      • » Yann Jouanin
      • » Stefan Angerer
      • » Olga Torstensson
      • » Michele La Rosa
      • » Jorma Heikkinen
      • » Jeroen Wittock
      • » Guillem Vega
      • » Bapi Lagardo
      • » Roger Young
      • » Christophe Fauveau
      • » Figen Ehliz
      • » Chintan Ranchhod
    • » Central and Eastern Europe
      • » Agata Sledzinska
      • » Luděk Veselý
      • » Pavel Stefanov
      • » Mariya Andonova
      • » Kristina Angelova
      • » Yasen Spasov
      • » Cristian Mateiescu
      • » Selim Kolgec
      • » Teodora Spasova
    • » Russia
      • » Alexander Biryukov
    • » Middle East
      • » Nada Al-Ameri
      • » Mohammad Al-Kady
      • » Saïda Aït Mamma
      • » Nevin Mohamed Moheb
      • » Loay Abdulaziz Alayadhi
    • » Africa
      • » Elizabeth Ndegwa
      • » Stephen Ondiek
      • » Ernest Wambari
      • » Kerry-Lynn Thomson
      • » Alfonse Moses Opira
  • » Find Candidates

Philippe Roggebande is Cisco's Security Product Manager for Emerging Markets.

"A Hacker is a general term in computing that refers to a computer programmer who takes advantage of the faults in the design of computer software or hardware (commonly referred to as "weaknesses") in order to:

• gain further knowledge about the internal workings of the software or hardware,
• gain access to some previously locked or hidden function of the software or hardware,
• disable some previously functioning part of the software or hardware so that it no longer works in the way it was originally intended, or
• command the software or hardware to perform an additional task that it was not originally designed to do." Wikipedia.

[ back to top ]

Hackers themselves are changing. Modern attacks are overwhelmingly motivated by money. As more and more transactions move online, a parasitic threat economy has grown around them.

We now have producers of malware (spy programmes - trojans, worms and so on) who sell their production (often paid with stolen credit card details) to middle men - they implement distributed infrastructure composed of 'zombies' installed on unaware users' PCs. Zombies are rented out for denial of service attacks or mass identity theft. The key driver here is profit.

[ back to top ]

• Writers: skilled programmers who the write attack code and tools [widely known as exploits].
• 1st Stage Abusers: use the writer's tools to attack and control computers, and harvest information useful for scams.
• Middle-men: help to sell control of compromised computers. Broker stolen information.
• 2nd Stage Abusers: generate revenue by spamming, extortion through DoS attack, installing adware, etc. These are the end-users of the compromised computers, and stolen data, sold by middle-men.

Reacting to attacks is now a routine part of network management, not a rare one-off event. And the way networks are defended is by adapting to cope with this.

[ back to top ]

Security professionals are adopting formalised processes to identify attacks. As exploits are identified, security products can use rules can detect and block them. Firms like Cisco maintain vast attack signatures database for their security products.

New threats are constantly emergings: the evolutions of existing threats, like Word macros viruses - which are "often bug fixes of old exploits - and threats targeting security gaps new immature technologies, such as RFID hacks, or viruses attacking mobile phones.

A good source of information here is http://www.wisdom.weizmann.ac.il/%7Eyossio/rfid/. It shows that RFID tags could be deactivated with a normal mobile phone.

[ back to top ]

To keep pace, today's network administrators have to consider their systems as a whole. Security needs to be built into infrastructure in the same way that management systems are. For each type of threat, there is a defence mechanism, or combination mechanisms which can be used to control it. The basic tools of a good security system are:

• Firewalls to secure IP infrastructure
• VPNs to protect remote access links
• Intrusion Prevention Systems to block known attacks
• Monitoring tools such as MARS to identify attacks in progress
• Even unknown attacks can be guarded against simply by recognizing abnormal system behaviour.

[ back to top ]

Security is a multi-million dollar business. It is integral to the health and prosperity of any business, large or small. Network Security remains the critical differentiator between a world class profession network and the rest.

As a network security manager, the world needs your skills.

Cisco has a wealth of information about security applications, the technology behind them, case studies and impact on the industry. Just go to http://www.cisco.com/web/about/ciscoitatwork/case_studies/security.html

• Twitter
• Delicious
• Digg
• Facebook
• Send to a friend