Articles
Silent Risk? Why We Must Upgrade Network Software 
The longer a network goes without upgrades and attention, the longer the list of accumulated exploits to which it may be vulnerable.
CSO said Cisco security is growing up
In this Networkworld article, CSO John Stewart describes how Cisco is handling the growing pains associated with protecting the enterprise.
Secrets stolen? No, just the intellectual property
Cisco senior security advisor provides a humorous and frustrating account of how his own intellectual property has been stolen.
Believing That Technology Alone Can Solve All Security Woes
CMP's ChannelWeb Network article wherein John Stewart provides perspective on the "Dangerous Security Mistakes That Can Take Your Company Down."
Creating the Culture of Security: Cisco Systems Offers 10 Tips for Building a Business of Pervasive Security (PDF - 340 KB)
Supplement in the August 2006 issue of CSO Magazine
Disclosure of Vulnerabilities
Executive perspective article by John Stewart on the topic of responsible vulnerability disclosure.
Experts who keep computers safe just as vigilant guarding their kids online 
John Stewart stands on the front line of the war on spam, viruses, botnets, phishing scams and all manner of other online threats at work and home.
How to Combat Five Network Security Compliance Risks
Web article from November 2007 CSO Online wherein Atchison Frazer and Brian Dennis provide practical ideas for "court-proof" security in areas of common corporate weakness.
Innovation and its Implications for Security: CSOs do their part to minimize risk and bring innovation to fruition (PDF - 3.9 MB)
Supplement in the December 2007 issue of CSO Magazine.
On Their Toes
Fed Tech describes how technology companies make sure employees always have security on the brain.
Precision security fighting at Cisco
CSO John N. Stewart worries most about stealthy, targeted attacks -- Forget those mass-mailer Trojan horses.
Protecting Critical Infrastructure (PDF - 205 KB)
Supplement in March 2007 issue of CSO Magazine
Security Meets Total Quality Management
Executive perspective article by Jeff Platon on using TQM methods to measure security perceptions.
The Best Defense: The Evolution of the Self-Defending Network (PDF - 198 KB)
CSO magazine supplement regarding the current threat landscape and how the Self-Defending Network (SDN) 3.0, including wide traffic inspection, is an effective approach to security in this landscape.
The Evolving Role of the Chief Security Officer — and 5 Secrets to CSO Success (PDF - 280 KB)
Supplement in the October 2006 issue of CSO Magazine
What Every Company Must do to Safeguard Business Data and Resources
John N. Stewart discusses essential security practices.
Brochures
Cisco Security Awareness (PDF - 530 KB)
This brochure shows how to create an effective security culture through awareness.
Podcasts
The Evolving Security Landscape part 2: Securing the Collaborative Enterprise
Cisco Vice President and Chief Security Officer John N. Stewart and Professor Andrea M. Matwyshyn of The Wharton School at the University of Pennsylvania discuss the enterprise-security impact of Web 2.0 and collaboration tools.
The Evolving Security Landscape part 1: Current Trends and Threats
Cisco Vice President and Chief Security Officer John N. Stewart and Professor Andrea M. Matwyshyn of The Wharton School at the University of Pennsylvania discuss the business, regulatory, and legal impact of the current network security environment.
Embedding a Culture of Security into Your Organization
Bob Bragdon, publisher of CSO Magazine, interviews John Stewart, Cisco vice president and chief security officer, on how CSOs must focus on building a "culture of security" to make their organizations more secure.
Federal News Radio's "Ask the CISO" radio program
John Stewart was interviewed on Federal News Radios "Ask the CISO" program on June 21 where he shared his personal insight into Cisco's Security practices and discussed how the federal government could benefit from commercial best practices for security.
Global Infrastructure Security - Public-Private Partnerships
Chief Security Officer John N. Stewart explains the value of public-private partnerships in building and protecting public sector infrastructures.
Good Governance Deserves Good Security
Join John N. Stewart, Vice President and Chief Security Officer at Cisco, for a candid and interactive audio Q&A on IT security.
Risky Business (61 mins) (MP3 - 18.3 MB)
CSO John Stewart keynotes on the importance of embedding security to minimize risk at a federal government information security conference in Washington D.C.
The Evolving Role of the CSO
Bob Bragdon, publisher of CSO Magazine and Brad Boston, senior vice president of the Cisco Global Government Solutions Group, discuss how the role of the CSO is changing to focus on creating a pervasive security culture in the enterprise.
The Evolving Security Landscape Part 1: Current Trends and Threats (13:06 mins)
Cisco Vice President and Chief Security Officer John N. Stewart and Professor Andrea M. Matwyshyn of The Wharton School at the University of Pennsylvania discuss the business, regulatory, and legal impact of the current network security environment.
The Evolving Security Landscape part 2: Securing the Collaborative Enterprise (15:53 mins)
Cisco Vice President and Chief Security Officer John N. Stewart and Professor Andrea M. Matwyshyn of The Wharton School at the University of Pennsylvania discuss the enterprise-security impact of Web 2.0 and collaboration tools.
The Role of Public-Private Partnerships
CSO Magazine publisher Bob Bragdon speaks with Cisco VP and CSO John N. Stewart about the benefits of public-private partnerships between businesses and law enforcement/government.
Total Quality Security Management (Part 1) (6:55 mins) (MP3 - 4 MB)
MIT researchers found gaps between the perceived importance of security and the success of security efforts in corporations.
Total Quality Security Management (Part 2) (7:37 mins) (MP3 - 4.5 MB)
Remote workers regularly engage in risky online behavior, despite being aware of the security consequences they pose to their employers and themselves.
Total Quality Security Management (Part 3) (5:26 mins) (MP3 - 3.1 MB)
What defines good security? Companies having well-integrated technology and business teams that communicate openly about risk and business needs.
United We Stand: Collaborating on Security (Part 1)
Network World correspondent Mark Gibbs interviews John Stewart, to examine why traditionally guarded companies increasingly need to share information and resources to best protect their intellectual property and assets.
United We Stand: Collaborating on Security (Part 2)
In part II, John N. Stewart continues to show why there is an increasing need to share information and resources with customers, suppliers, vendors and even competitors to protect intellectual property and assets.
What Every Company Must do to Safeguard Business Data and Resources (Part 1) (9:36 mins) (MP3 - 8.79 MB)
John N. Stewart, Cisco VP and CSO, talks about how security issues are getting more severe, and what organizations can do to safeguard valuable business assets.
What Every Company Must do to Safeguard Business Data and Resources (Part 2) (9:31 mins) (MP3 - 8.72 MB)
In part II, John N. Stewart further discusses what organizations can do to safeguard valuable business assets.
Videos
Preventing Data Leakage (Part 1)
Learn from Cisco security experts about common mistakes that lead to data loss.
Preventing Data Leakage (Part 2)
Cisco security experts explore new policies and procedures for minimizing data loss.
Preventing Data Leakage (Part 3)
Discover how to minimize risk associated with insider threats to data with tips from Cisco security specialists.
Cisco Security Champions
This award-winning training—tied to the Cisco Code of Business Conduct and meeting law mandates for security awareness training—educates users on specific proactive behaviors needed to protect Cisco and you.
Total Quality Security Management (Part 1)
Bob Gleichauf, John Stewart, and Jeff Platon discuss the MIT research showing gaps between the perceived importance of security and successful security efforts.
Total Quality Security Management (Part 2)
Remote workers regularly engage in risky online behavior, despite being aware of the security consequences they pose to their employers and themselves.
Total Quality Security Management (Part 3)
Bob Gleichauf, John Stewart, and Jeff Platon describe the companies that are doing the best job instilling a strong culture of security in their organization.
We are the Targets
This 2006 Marcom Creative Award winning video stresses the importance of information and physical security awareness at large venues.
White Papers
Integrated Security Architectural Framework white paper (PDF - 310 KB)
Cisco implements an integrated IT security framework that ties business processes to risk while identifying gaps in regulatory standards, industry standards, and security policy compliance.
Vulnerability Analysis and Best Practices for Adopting IP Communications (PDF - 337 KB)
This paper describes issues relative to IP Communications security and the tools, techniques and technologies available to mitigate the challenges.
Cisco 2007 Annual Security Report (PDF - 501 KB)
The report covers seven major security risk categories with recommendations from Cisco security experts and predictions of how identified trends will continue to unfold in 2008.
Business Resiliency: Making Risk and Recovery a Major Component of Business Strategy (PDF - 147 KB)
Considerations for business resiliency include safeguarding employees, protecting the company's market, stakeholders, reputation, as well as maintaining critical business operations.
Intellectual Property and Beyond: Why Protecting It Is Everyone's Business (PDF - 200 KB)
By considering the entire ecosystem of trust relationships both inside and outside the organization, a company can do a better job of protecting its most important assets: the innate qualities that make the business unique, viable, and valuable.
Measuring and Evaluating an Effective Security Culture (PDF - 300 KB)
Today's businesses need to continually measure and assess the effectiveness of their security efforts. Defining metrics for measuring the effectiveness of a security culture requires a closer look at the dynamics of the organization.
Perceptions and Behaviors of Remote Workers
New study provides the keys for building a secure enterprise.
