Cisco has announced new innovations across the Cisco Security Cloud to help customers better protect their applications, devices, users and data, and to detect, respond to and recover from incidents faster.

Securing today’s complex, hyper-distributed digital landscape can no longer be done at human scale, as attacks become more sophisticated and nearly 90 percent of companies around the world say a shortage of cybersecurity talent is a real issue, according to Cisco’s 2024 Cybersecurity Readiness Index. Organisations need to rethink security by building natively with AI and challenging long-held conventions to tip the advantage in favour of the defenders.

“At the RSA Conference last year, we delivered enhanced customer efficacy and economics through a true platform approach to security with the Cisco Security Cloud. By minimising point-solutions, customers have realized better end-to-end visibility, uncovered actionable intelligence and automation with AI and simplified management with Cisco’s unified security infrastructure,” says Jeetu Patel, executive vice-president and GM for Security and Collaboration at Cisco. “Since then, our security momentum continues to accelerate. With ‘zero to one’ innovation like Cisco Hypershield and strategic acquisitions like Splunk and Isovalent, the power of Cisco’s security platform is supercharged and unmatched.”

Cisco is helping customers defend against the entire attack chain – from detecting and blocking not just known, but also unknown vulnerabilities with Cisco Hypershield, to stopping the increasing barrage of identity attacks with Cisco Duo, and reimagining the security operations center (SOC) with Splunk for security analysts to move faster and make more informed decisions with contextual insights and automated workflows.

As Cisco and Splunk converge their platforms, there are many opportunities to advance security operations, including:

* Integrating Cisco Extended Detection & Response (XDR) with Splunk Enterprise Security (ES): Seamlessly feed high-fidelity alerts and detections from Cisco XDR, purpose-built to detect today’s most common attacks such as ransomware and lateral movement, into Splunk ES to accelerate investigation and remediation. The integration allows organisations to utilise the strength of each solution to create a more comprehensive defense strategy that will improve digital resilience.

* Splunk Asset and Risk Intelligence: A critical solution for the SOC of the future, designed to revolutionise proactive risk mitigation through continuous asset discovery and compliance monitoring. This addresses a pressing need for security teams, as they can’t protect what they can’t see.

* Cisco AI Assistant for Security in XDR: Cisco’s unified AI Assistant for Security is now available in Cisco XDR – one year after Cisco shared its vision for reimagining the security analyst experience with AI on-stage at RSAC 2023. The AI Assistant in XDR empowers security analysts of all skill levels to make faster, more informed decisions about evolving threats by offering contextual insights, guided responses, recommended actions and automated workflows.

* New Cloud Detection and Response Capabilities: Cisco’s Panoptica cloud native application protection platform (CNAPP) now harnesses AI and ML to detect and alert security teams to emerging threats within cloud applications in real-time, while GenAI Dynamic Remediation allows teams to resolve issues quickly by providing prescriptive guidance. The new Search Graph Query feature enables granular query and graph visualisations across multi-cloud environments to allow for deeper investigation into cloud security posture to reduce exposure.

Building on last month’s launch of Cisco Hypershield with Distributed Exploit Protection protecting against known vulnerabilities (like CVEs), Cisco is now introducing capabilities to detect and block attacks stemming from unknown vulnerabilities within runtime workload environments. In addition, suspected workloads can be isolated to limit the vulnerability’s blast radius.

With the rise in identity-based attacks, security solutions must evolve from just asking ‘can’ a user access an application. Instead, they need to continuously assess whether a user ‘should’ be able to do what they are doing – and do so without creating friction for the user. Continuing momentum since the recent launch of Cisco Identity Intelligence, Cisco is bringing together phishing-resistant capabilities in Duo to realise its vision for Continuous Identity Security – stopping identity attacks while simultaneously delivering a simpler, more seamless user experience.

* Eliminate Authentication Fatigue with Duo Passport: Minimise repeated authentication requests to provide interruption-free access to everything a workforce needs without compromising security using Duo Passport, a major leap forward in user experience.

* Cisco Identity Intelligence in Duo: Leverage powerful AI-driven analytics to strengthen posture across your workforce identity infrastructure and to assess and respond to identity risk before, during and after login. Now in limited availability, this addition enables customers to implement Continuous Identity Security that reduces security gaps and addresses today’s most common cyber threat.