Kathy Gibson reports – Artificial intelligence (AI) is dominating the headlines today, but the technology to power the revolution is still being developed – and it is largely still unsecured.
“This is one of the largest platform shifts most of us have experienced in our lifetimes,” says Jeetu Patel, executive vice-president and GM of security and collaboration at Cisco.
While most of us haven’t seen much change since ChatGPT burst on to the scene 18 months ago, there is going to massive change and shifts in the way we work in the medium term, he adds.
For instance, digital agents living in data centres will be available to help workers, and they will operate very differently to how we imagine.
“You can’t address the structural shifts that are coming by changing the things we do already,” Patel. “You have to reimagine everything.”
We haven’t been able to reimagine these things, he adds, because the underlying building blocks have not as yet been available. “But we have some of these building blocks now, that will let us address the problems of the future.”
The first challenge we need to face is security, Patel says. Security issues span the entire ecosystem and can be extremely complicated.
Segmentation and isolation is a major challenge to securing systems, thanks to the proliferation of microservices and multiple platforms.
Meanwhile, the time it takes for an exploit to be executed has shrunk to single-digit days and may shrink further to hours or minutes, says Patel. Since a patch can take up to 45 days, there is a big gap.
And upgrades are hard, especially on outdated infrastructure, he points out. Critical infrastructure is being attacked constantly because it is often not updated.
Those three big challenges need to be solved. “They are all solvable problems,” Patel says. “Foundational solutions are now available, so we can do these things today.”
Cisco is calling its newly-announced Hypershield solution to the security issues the biggest single announcement in its history.
Hypershield is built with technology originally developed for hyperscale public clouds and is now available for enterprise IT teams of all sizes. More a fabric than a fence, Patel says Hypershield enables security enforcement to be placed everywhere it needs to be: every application service in the datacentre; every Kubernetes cluster in the public cloud; every container and virtual machine (VM). It can even turn every network port into a high-performance security enforcement point, blocking blocks application exploits in minutes and stopping lateral movement.
Security enforcement with Hypershield happens at three different layers: in software, in virtual machines, and in network and compute servers and appliances, leveraging the same powerful hardware accelerators that are used extensively in high-performance computing and hyperscale public clouds.
Hypershield is built on three key pillars:
* AI-native: Built and designed from the start to be autonomous and predictive, Hypershield manages itself once it earns trust, making a hyper-distributed approach at scale possible.
* Cloud-native: Hypershield is built on open source eBPF, the default mechanism for connecting and protecting cloud-native workloads in the hyperscale cloud. Cisco acquired the leading provider of eBPF for enterprises, Isovalent, earlier this month.
* Hyper-distributed: Cisco is reimagining how traditional network security works by embedding advanced security controls into servers and the network fabric itself. Hypershield spans all clouds and leverages hardware acceleration like Data Processing Units (DPU) to analyse and respond to anomalies in application and network behavior. It shifts security closer to the workloads that need protection.
Patel says Hypershield can be defined as AI-native cloud-first infrastructure for security, built for today’s era of hyperscale data centres. “We can now take security to where the infrastructure is – regardless of what or where it is.
“This changes not just how we have built a product and brought it to market, but the face of security, and the posture of organisations,” he adds. “Our core underlying proposition is embedding security into the fabric of data centres, whether public or private.
“You will never have to upgrade your infrastructure again.”
Craig Connors, vice-president and chief technology officer of security engineering at Cisco, explains that Hypershield does upgrades by introducing a digital twin at every enforcement point.
“That allows us to test every possible thing that can happen, anywhere.”
Hypershield is expected to solve three key customer challenges in defending against today’s sophisticated threat landscape:
* Distributed Exploit Protection: Attackers are adept at weaponising newly published vulnerabilities faster than defenders can patch. With defenders seeing nearly 100 new vulnerabilities every day, according to Cisco Talos Threat Intelligence, this can lead to catastrophic results. Hypershield delivers protection in minutes by automatically testing and deploying compensating controls into the distributed fabric of enforcement points.
* Autonomous Segmentation: Once an attacker is in the network, segmentation is key to stopping their lateral movement. Hypershield perpetually observes, auto-reasons and re-evaluates existing policies to autonomously segment the network, solving this in large and complex environments.
* Self-qualifying Upgrades: Hypershield automates the incredibly laborious and time-consuming process of testing and deploying upgrades once they are ready, leveraging a dual data plane. This completely new software architecture allows software upgrades and policy changes to be placed in a digital twin that tests updates using the customer’s unique combination of traffic, policies and features, then applying those updates with zero downtime.
Built into the Security Cloud, Cisco’s unified, AI-driven, cross-domain security platform, Cisco Hypershield is expected to be generally available in August 2024.
Cisco is also collaborating with Nvidia to build and optimise AI-native security solutions to protect and scale the data centres of tomorrow.
This collaboration includes leveraging the Nvidia Morpheus cybersecurity AI framework for accelerated network anomaly detection, as well as Nvidia NIM microservices for powering custom security AI assistants for the enterprise. Nvidia’s class of converged accelerators combine the power of GPU and DPU computing, to augment Cisco Hypershield with robust security from cloud to edge.
Frank Dickson, group vice-president: security and trust at IDC, believes there are three fundamental problems that security professionals have to deal with.
The first is complexity and risk, which is the flip side is competitive advantage.
The second is the threat landscape. “This grows continually and is not something we control,” says Dickson. “But what is often unappreciated is the gap between exploits and patches.”
The scale of the issue is the third major challenge – as risks grow exponentially, organisations can’t add resources exponentially, and the move to edge computing makes security hard to manage centrally.
“We have to change and do things differently,” says Dickson. “And, for me, that is the essence of this announcement.”