Cisco Fortifies Security Cloud with AI-Powered Innovations

By Greg Tavarez, TMCnet Editor  |  May 15, 2024

We’ve gotten to the point where the cybersecurity landscape has outpaced traditional security methods reliant on human intervention; that much is for certain. According to the 2024 Cisco Cybersecurity Readiness Index, nearly 90% of companies globally struggle with a cybersecurity skills gap. This talent shortage coincides with a rise in sophisticated cyberattacks, which only makes it increasingly difficult for organizations to defend themselves.

To address this challenge, a fundamental shift in security strategy is necessary. Organizations must move beyond reactive, perimeter-based defenses and embrace a proactive approach built on AI. Integrating AI natively into security systems automates threat detection, analysis and response at a scale unimaginable for human teams. This allows security professionals to focus on strategic initiatives and incident management, maximizing their expertise.

This transition requires challenging long-held security conventions. The older notion of a single, well-defined security perimeter is no longer effective in today's hyper-distributed digital environment. By leveraging AI and automation, organizations will establish a more dynamic and comprehensive security posture that adapts.

In that vein, Cisco announced advancements across its Cisco Security Cloud platform, designed to safeguard organizations in the age of AI. These new features strengthen Cisco's unified, AI-driven security platform by allowing companies to fortify application, device, user and data protection while accelerating incident detection, response and recovery.

Cisco's approach tackles the entire attack lifecycle. Cisco Hypershield thwarts known and unknown vulnerabilities, while Cisco Duo safeguards against the growing threat of identity attacks. Furthermore, the company's integration with Splunk transforms the SOC.

The combined power of Cisco and Splunk offers the industry a comprehensive threat prevention, detection, investigation and response platform. This solution leverages cloud, endpoint traffic and Cisco's network visibility to provide unmatched threat awareness.

Real-time, high-fidelity alerts and threat detections from Cisco XDR (specifically designed to identify prevalent attacks like ransomware) are integrated with Splunk ES. Organizations will leverage the strengths of both platforms for a more comprehensive defense strategy and enhanced digital resilience.

Splunk Asset and Risk Intelligence provides proactive risk mitigation through continuous asset discovery and compliance monitoring. This addresses a need for security teams who cannot effectively protect what they cannot see.

Cisco's AI Assistant for Security is now integrated within XDR. This AI-powered tool allows security analysts of all experience levels to make informed decisions regarding evolving threats by providing contextual insights, guided responses, recommended actions, and automated workflows.

Cisco’s new enhancements also boost cloud detection and response.

Cisco's Panoptica cloud-native application protection platform, CNAPP, now uses AI and machine learning to detect and alert security teams to emerging threats within cloud applications in real-time. Additionally, GenAI Dynamic Remediation will let teams rapidly resolve issues through prescriptive guidance. The new Search Graph Query feature facilitates granular query and graph visualization across multi-cloud environments.

Furthermore, Cisco protects organizations against unknown vulnerabilities.

The time window between vulnerability discovery and exploitation is shrinking rapidly. Traditional security methods struggle to defend against increasingly sophisticated data center threats, especially those exploiting unknown vulnerabilities.

Building upon the recent launch of Cisco Hypershield with Distributed Exploit Protection for known vulnerabilities, Cisco now introduces capabilities to detect and block attacks stemming from unknown vulnerabilities within runtime workload environments. Plus, suspected workloads can be isolated to minimize the potential damage.

Cisco Hypershield is used to secure data centers and clouds in response to the heightened demands of the AI revolution on IT infrastructure. This comprehensive solution safeguards applications, devices and data across public and private data centers, clouds and physical locations.

Lastly, for this round of enhancements, Cisco allows for frictionless user protection with continuous identity security.

Building on the recent launch of Cisco Identity Intelligence, Cisco integrated phishing-resistant capabilities within Duo to realize its vision for Continuous Identity Security. This approach disrupts identity attacks while delivering a simpler, more user-friendly experience.

Duo Passport minimizes repeated authentication requests and provides uninterrupted access to essential applications without compromising security. With Cisco Identity Intelligence in Duo, organizations will use AI-driven analytics to strengthen their workforce identity infrastructure and assess and respond to identity risks throughout the login process, from pre-login to post-login.

“By minimizing point-solutions, customers have realized better end-to-end visibility, uncovered actionable intelligence and automation with AI and simplified management with Cisco's unified security infrastructure,” said Jeetu Patel, Executive Vice President and General Manager for Security and Collaboration at Cisco. “Since then, our security momentum continues to accelerate. With 'zero to one' innovation like Cisco Hypershield and strategic acquisitions like Splunk and Isovalent, the power of Cisco's security platform is supercharged and unmatched.”

Edited by Alex Passett