Join us for the live broadcast of Cybersecurity Insights Live starting Thursday 7 March at 9:30am AEDT. Live sessions including Tech Talks, Threats Insights, Customer and Business Insights

Watch Cybersecurity Insights sessions from our digital broadcast at Cisco Live Melbourne 2019. Click on the session title to view the video and other related content

The Journey to Zero Trust

Cisco Threat Response

Tim Snow (Technical Solutions Architect) hosted by Ben Munroe (Director, Product Marketing)

The home phone rings… You answer.. The panicked voice on the phone says “the systems are all flashing alerts, BIG nasty red ones… We’re under attack” It’s your after-hours Operations team. Looks like you’ll be heading into the office on the weekend… Again. Unless you had Cisco Threat Response. Then your SOC team could have easily taken information from the disparate systems, triaged and taken care of this on their own… In this session we’ll stepping through the capabilities of Cisco’s Cyber Threat Response (CTR) tool, exploring integrations across Cisco and 3rd party systems and running through use cases via demonstrations. We will also be exploring the API and how this tool can be integrated into your existing operational toolset.

Zero-Trust Model: A Model for More Efficient Security

Aaron Woland (Principal Engineer, Distinguished Speaker) hosted by Ben Munroe (Director, Product Marketing)

Zero Trust (ZT). Zero Trust Networking (ZTN). Forester's Zero Trust eXtended (ZTX). Gartner's Continuous Adaptive Risk and Trust Assessment (CARTA), Google's BeyondCorp, Jericho Forum, Cisco Trusted Access. What does any of this really mean to the security practitioner? There is so much marketing hype in our industry today, where everybody who has a security product is now somehow providing you with Zero Trust solutions. Come hear from Aaron Woland, Principal Engineer in Cisco’s Security team, where he will provide clarity to all this noise, and demystify all these terms, and explain how a ZT approach to security can provide for very efficient security and why it is complimentary to a threat-centric security strategy.

Applying Security in a 5G World

Mike Geller (Principal Engineer, Distinguished Speaker) and Pramod Nair (Consulting Systems Engineer)

5G networks will require the data to be delivered faster with lower latency and connect millions of IoT devices using various architectures such as MEC, CUPS, Network Slicing and CRAN. This network transformation of mobile networks brings in various threat surfaces. This session would take the audience through the threat surfaces during the network transformation and how threats can be mitigated using Cisco’s end to end security architecture for Mobile Network Operators. We will focus on securing new evolving architectures such as Distributed architectures (MEC), Network Slicing &V2X. It would also cover aspects of securing virtualized infrastructures including NFVi.

Cisco Domain Protection and Advanced Phishing Protection: Making the Most of the Next Layer in Email Security

Robert Sherwin and Alex Chan (Technical Engineers)

This session will provide Cisco Email Security customers a look into securing their email gateway at the next level with DMARC, DKIM, and SPF technologies that are now available from Cisco Domain Protection and Cisco Advanced Phishing Protection. Customers are encouraged to engage and provide their design and feature challenges.

Firepower Platform Deep Dive

Andrew Ossipov (Principal Engineer, Distinguished Speaker) hosted by Chris Reay (Business Development Manager, Cybersecurity Sales)

This discussion will touch upon key features and benefits of the Firepower multi-services security platforms. It will start with an overview of the key design principles behind Firepower 2100, 4100, and 9300 platforms. The new multi-instance capability on Firepower 4100 and 9300 appliances will be covered as well. Several performance optimization features, such as TLS hardware acceleration and Flow Offload will be addressed. In conclusion, a brief overview of NGFW clustering capability will be presented. Working knowledge of ASA and FirePOWER NGIPS features and deployment scenarios is required; working FTD knowledge is recommended.

A Matter of Trust – Cloud Workload Protection

Remi Philippe (Principal Engineer, Tetration Analytics) hosted by Dave Robbins (Regional Manager, Intent-Based Networking)

Our customers have a workforce always on the go, app workloads in many clouds, and devices outside their control, so knowing who and what to trust is a critical IT security challenge. In this session, we will focus on the implications as it relates to Data Centre and Cloud environments. The reality for many organisations is that genuinely understanding the workloads in their Data Centre – in order to better trust and secure them – is already a challenging task. However, app workloads are becoming increasingly distributed across multiple clouds, developers are accelerating the use of new, highly iterative development models, and architectural approaches including container-based and server-less computing are now reaching production status – meaning that the need for a new approach is more urgent than ever. This session will review practical challenges customers are facing, and review compelling new ideas that are rapidly changing our ability to better protect our application workloads.

Threat Hunting with AMP

Gary Spiteri (Security Engineer, Advanced Threats) hosted by Marc Blackmer (Product Marketing Manager, Cybersecurity)

The last couple of years have been rough on Cyber Security Practitioners as we have all realised that being “protected” isn’t enough – that something bad will happen, regardless of our efforts to protect ourselves against cyber threats. As a result, we need to take onboard a new capability, we need to hunt for the threats that get through, we need be prepared to response to threats in real-time and with confidence. In this Cybersecurity Insights Discussion, we’ll breaking down this response capability, by discussing what’s needed to be able to respond rapidly and with confidence, and how technologies can Cisco AMP can help.

DUO Security: Journey to Zero Trust

Karl Lewis (Solutions Engineer) and Brian Biggs (Virtual Sales Specialist)

It's no secret that the network perimeter is blurry and expanding, so having the ability to secure applications, users, and devices with a zero trust architecture has become increasingly important for organizations. In this presentation, we will discuss how many organizations are achieving zero trust over time by leveraging Duo's platform. We will also present industry best practices when maturing into a zero trust model.

Simplifying IoT Security

Simon Finn (Security Solutions Architect) hosted by Marc Blackmer (Product Marketing Manager, Cybersecurity)

IoT security remains the largest inhibitor to businesses harnessing the innovation and growth potential of digitization. Whether it be deploying new networks and sensors or connecting OT networks, navigating the complexity of IoT security can be daunting, balancing business need against cyber resilience. Join Simon Finn to learn Cisco's view and approach to IoT security. This session will showcase a combination of tools, techniques and adopted frameworks to help manage IoT and cyber risk.

Building an Efficient Security Operations Center

Kerry Singleton (Director of Security Operations, Cybersecurity Sales) and Doug Browne (Director of Security Operations, Advanced Threat Solution)

SD-WAN Security

Sarav Radhakrishnan (Distinguished Software Engineer)

As branches open up to direct cloud connections and run business critical applications over the internet, the traditional approach to securing the WAN, where traffic is back-hauled to the corporate firewall, is inefficient and costly. That’s because traditional WAN platforms were primarily designed to connect branches directly to data centers. They do not have the flexibility to deal with simultaneous connections to multiple cloud platforms, automatically selecting the most efficient and cost-effective routes. Organizations need a comprehensive and flexible software-defined architecture to secure the WAN while simplifying distributed network management and lowering connection costs. In effect, every WAN device must become software defined and secure. Therefore, we launched an advanced SD-WAN security stack with capabilities that solve critical edge security challenges. Cisco is providing IT with highly effective and scalable security for SD-WAN that is easy to manage, deploy, and maintain, enabling businesses to use cloud services of their choice with confidence. Cisco SD-WAN seamlessly connects devices and people to any cloud, providing a superior application experience while delivering consistent unified threat protection from branch to cloud. This session will talk about the use cases and the approach to address the specific use cases around SDWAN security.

Security Analytics in Practice: Detecting Illicit Cryptomining

Matthew Robertson (Principal Engineer, Distinguished Speaker) hosted by Wasim El-Omari

In this session will discuss methods of detecting illicit Cryptomining activity, 2018’s Cyberthreat of the year, leveraging Cisco’s Security Analytic portfolio.

Leveraging Security Feeds to Keep the Threats Away

Raghunath Kulkarni (Technical Services Engineer) hosted by Vasudeva Krishnamurthy (Security Marketing Manager)

Attackers leverage known bad IP's, URL, Domains and Files to get into the network and compromise the target. With Security Intelligence Feeds both from Cisco TALOS and Open Source (STIX and TAXII), comprising of IP,URL,DNS and SHA's we can block the known threat right before they enter your network. With Firepower Threat Defense and Firepower Management Center, we use this information that gets constantly updated for defending the network from the malicious actors.

Session Related Documents & Links

What’s New with Email Security

John Damon (Product Marketing Manager) hosted by Marcelo Bussacarini (Cybersecurity Marketing Manager, APJ)

This session will discuss the latest innovation with the Cisco Email Security product. Topics covered will include Release 12.0, Securing O365, CES data centers in the Asia Pacific region, Cisco Threat Response (CTR) and more.

Hunting Down Cyber Attacks in the Cloud with Cisco Umbrella and Cisco Investigate

Jonathan Noble (Technical Marketing Manager, Distinguished Speaker) hosted by Shaun Coulter (Consulting Systems Engineer)

Cyber criminals are increasingly exploiting internet services to build agile and resilient infrastructures to launch attacks. The internet is an open system, but fragments of data broken up and spread across the web are not immediately visible. And, as more organisations move data and workloads to the cloud, cyber criminals are targeting those cloud services as a new entry point into companies. How can you gain visibility into what attackers are staging for future threats, protect your users anywhere they work, and also uncover the risk your organisation faces with cloud apps? This session explores how Security Analysts and Security Administrators can use Cisco Umbrella and Cloudlock to correlate internet data on multiple levels (DNS, BGP, ASN, Prefixes/IPs, file hashes) to build and deliver a new model of security that is pervasive and predictive, and expose attackers' infrastructure. We’ll also discuss how you can identify and thwart potential attacks against critical SaaS apps being used by your employees.

Are your Endpoints / IoT Assets Safe?

Krishnan Thiruvengadam (Technical Engineer) hosted by Gary Spiteri (Security Engineer, Advanced Threats)

Ransomware and IOT proliferation have exponentially increased the risk of breaches facing most enterprises and have highlighted the need for better visibility and security policy enforcement. Visibility of endpoints and applications is paramount and is often the first step towards securing your network. In this session we cover how Identity Services Engine(ISE) can help you bring visibility of IT and OT assets in your enterprise and reduce the number of unknown endpoints in your network. We will discuss the science behind profiling and how it can help you classify endpoints. We will also look into ways to gain visibility of applications and other contextual data collected through the ISE ecosystem.

NGFWv and ASAv in Public Cloud

Anubhav Swami (Technical Engineer) hosted by Chris Reay (Business Development Manager, Cybersecurity Sales)

This session is focused on securing your workloads in public cloud (Azure and AWS). You can now extend your on-premises security model in public cloud using Cisco NGFWv and ASAv in Azure and AWS.