Regain the Upper Hand with Cisco's Automated Ransomware Recovery

By Greg Tavarez, TMCnet Editor  |  August 10, 2023

The Cisco Talos Incident Response team responded to the highest number of ransomware engagements in more than a year during the second quarter of 2023. Ransomware accounted for 17% of the total number of engagements responded to in Q2 2023, an increase compared to 10% last quarter.

Based on what the Cisco team found, traditional security measures are often inadequate against the sophisticated tactics used by modern cybercriminals. A platform approach is the way to go as it provides a comprehensive and coordinated strategy, integrating various tools, technologies and resources to prevent, detect, respond to and recover from cyberattacks.

This approach is crucial due to the complexity of the evolving threat landscape, enabling organizations to respond quickly, integrate security measures, automate processes and continuously improve their defenses based on the latest threat intelligence. By adopting a platform approach, stakeholders can effectively counter the exponential growth of ransomware and cyber extortion, minimizing the impact of these attacks and maintaining a strong defense against adversarial forces.

Cisco has a vision to build a resilient and open cybersecurity platform that can withstand ransomware assaults and recover with minimal impact, ensuring uninterrupted business operations. Taking a step closer to that goal, Cisco enhanced its extended detection and response, or XDR, solution by adding recovery to the response process. Now, Cisco XDR is redefining what customers should expect from security products.

Cisco XDR takes the fight to the assailants, offering unified visibility regardless of the vendor or attack method. It uncovers intricate threats employing various tactics, techniques and procedures across numerous control points, simplifying incident response.

The platform prioritizes actions utilizing AI and machine learning, delivering risk- and impact-based rankings along with threat correlation, allowing effective response to what truly holds significance. It also enhances productivity through automation and expert guidance, enabling the SOC team to confidently remediate threats and elevate their capabilities.

“As a global infrastructure provider that built the network, Cisco is redefining what a security product should deliver,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Our innovations with automated ransomware recovery are a significant step towards achieving truly unified detection and response data, turning security insights into action.”

With the enhancements, Cisco is expanding its initially released, extensive set of third-party XDR integrations to include leading infrastructure and enterprise data backup and recovery vendors. Cisco announced the first integration of this kind with Cohesity's DataProtect and DataHawk solutions.

Cohesity is known for its innovative data backup and recovery solutions, offering configurable recovery points and mass recovery for systems under protection plans. The latest enhancements build upon this foundation, allowing the preservation of potentially infected virtual machines for future forensic analysis.

This simultaneous protection of data and workloads, developed collaboratively with Cisco, results in a more secure environment. By integrating with Cisco XDR's detection, correlation and response capabilities, this collaboration delivers accelerated data protection response and automated recovery, benefiting organizations seeking a stronger security posture.

“Cisco and Cohesity have partnered to help enterprises around the world strengthen their cyber resilience,” said Sanjay Poonen, Cohesity President and CEO. “Our first-of-its-kind proactive response is a key piece of our data security and management vision, and we're excited to bring these capabilities to market first with Cisco.”

Cisco XDR is available globally to simplify security operations in today's hybrid, multi-vendor, multi-threat landscape.

Edited by Alex Passett