The National Academies Press

Currently Skimming:

5 Cisco's Approach to Software Updates
Pages 30-35

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 30... ... As a center for security innovation, his teams also develop embedded security technologies, which are deployed broadly across Cisco's full portfolio. Examples of these technologies, which are mandated by CSDL, include CiscoSSL, trust anchor modules, secure boot, and image signing, as well as many other hardware- and software-based security technologies. Read the entire page →
From page 31... ... CISCO'S APPROACH TO ADDRESSING VULNERABILITIES Paradise detailed how Cisco handles security incidents. Vulnerabilities can be identified through a variety of mechanisms, including internal testing and validation, customer notification, or open-source notification. Read the entire page →
From page 32... ... Tens of thousands network infrastructure of products were affected, and because of that large companies to create number, it took a long time to complete all the necessary verifications. relationships with IoT Forum Chair Fred Schneider asked Paradise providers to improve to describe the extent to which Cisco controls its software and how it is used, and the extent to which device security. Read the entire page →
From page 33... ... He suggested that companies might overcome this limitation by working together to scan devices for security issues or breaches as an added service to companies and individuals, thus increasing transparency and alerting Internet service providers to potentially harmful traffic. Paradise agreed that these issues present an opportunity for Cisco and other network infrastructure companies to create relationships with IoT providers to improve device security, including a multi-tier "IoT ready" certification program. Read the entire page →
From page 34... ... Richard Danzig, Johns Hopkins University Applied Physics Laboratory, asked about the role of psychology in determining how people perceive security. He pointed to the cognitive psychologists Amos Tversky and Daniel Kahneman (whose collaboration is the subject of the recent Michael Lewis book The Undoing Project2) Read the entire page →
From page 35... ... Paradise suggested that part of the solution is that customers need to be taught better questions to ask about security features when they are buying new equipment. While software companies are motivated to incorporate new features into their software in order to woo customers and grow revenue, unfortunately, "we don't have a large base of our customers asking for those security features," he said. Read the entire page →

From page 30...

... As a center for security innovation, his teams also develop embedded security technologies, which are deployed broadly across Cisco's full portfolio. Examples of these technologies, which are mandated by CSDL, include CiscoSSL, trust anchor modules, secure boot, and image signing, as well as many other hardware- and software-based security technologies.

Read the entire page →

From page 31...

... CISCO'S APPROACH TO ADDRESSING VULNERABILITIES Paradise detailed how Cisco handles security incidents. Vulnerabilities can be identified through a variety of mechanisms, including internal testing and validation, customer notification, or open-source notification.

Read the entire page →

From page 32...

... Tens of thousands network infrastructure of products were affected, and because of that large companies to create number, it took a long time to complete all the necessary verifications. relationships with IoT Forum Chair Fred Schneider asked Paradise providers to improve to describe the extent to which Cisco controls its software and how it is used, and the extent to which device security.

Read the entire page →

From page 33...

... He suggested that companies might overcome this limitation by working together to scan devices for security issues or breaches as an added service to companies and individuals, thus increasing transparency and alerting Internet service providers to potentially harmful traffic. Paradise agreed that these issues present an opportunity for Cisco and other network infrastructure companies to create relationships with IoT providers to improve device security, including a multi-tier "IoT ready" certification program.

Read the entire page →

From page 34...

... Richard Danzig, Johns Hopkins University Applied Physics Laboratory, asked about the role of psychology in determining how people perceive security. He pointed to the cognitive psychologists Amos Tversky and Daniel Kahneman (whose collaboration is the subject of the recent Michael Lewis book The Undoing Project2)

Read the entire page →

From page 35...

... Paradise suggested that part of the solution is that customers need to be taught better questions to ask about security features when they are buying new equipment. While software companies are motivated to incorporate new features into their software in order to woo customers and grow revenue, unfortunately, "we don't have a large base of our customers asking for those security features," he said.

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

5 Cisco's Approach to Software Updates Pages 30-35

5 Cisco's Approach to Software Updates
Pages 30-35