 |
| Source: Cisco. Cisco has made a number of innovation and partnership announcements directed at securing AI. |
Cisco has made several innovation and partnership announcements that will help secure and harness the power of AI. An increasingly sophisticated threat landscape combined with an expanding talent shortage means the need has never been greater for machine scale security and response, the company said.
According to Cisco’s upcoming 2025 Cybersecurity Readiness Index, companies worldwide underestimate the complexities of securing AI, with 86% saying their organisations have experienced AI-related security incidents in the past 12 months. These announcements further its commitment to developing these AI security capabilities for customers through ecosystem partnerships and for the broader community through open-source security models and tooling.
“The cybersecurity threat landscape has never been more dynamic and complex, with adversaries constantly emboldened and enabled by AI to drive new attacks and exploits,” said Jeetu Patel, Executive VP and Chief Product Officer, Cisco.
“To fight back, understaffed security operations and IT leaders need AI power of their own. Cisco is continuing its mission to secure AI and leverage AI for security with novel open-source models and tools, new AI agents, and IoT advancements, alongside the full breadth of the Cisco Security Cloud. Together, these innovations will help level the playing field and deliver AI innovation that makes all businesses more secure.”
Improved threat detection and response
Cisco XDR addresses this challenge of too many threat alerts by correlating telemetry across network, endpoint, cloud, email, and more, using agentic AI to surface what matters most to organisations. Integrating several new features, Cisco XDR will deliver decisive, AI-powered responses to stop attacks faster than ever, the company said.
The new Instant Attack Verification integrates data from the Splunk platform, endpoints, networks, threat intelligence, and more – and uses agentic AI to automatically create and execute tailored investigation plans. This feature swiftly investigates, confirms threats, and enables security teams to automate responses with confidence to stop attacks.
New automated XDR Forensics capabilities provide deeper visibility into endpoint activity, increasing the accuracy of investigations. Additionally, a new XDR Storyboard visualises complex attacks, empowering security teams to understand threats in seconds and respond faster.
To further help organisations strengthen their digital resilience, Splunk Enterprise Security (ES) and Splunk SOAR 6.4 enhance defenses against known and unknown threats for better visibility, accurate detections, and integrated and automated workflows that increase efficiency. Organisations that combine Splunk ES and SOAR with Cisco XDR will gain enhanced network visibility and detection to expedite investigations and stay ahead of threats.
With this breadth of solutions, Cisco helps organisations build a security operations centre (SOC) of the future that harnesses agentic AI to identify threats faster, accelerate resolutions, and realise productivity gains, the company said. Splunk SOAR 6.4 is generally available, and Splunk Enterprise Security 8.1 will be available in June.
“Cisco XDR has fundamentally changed how we deliver security services, and we're eager to leverage the enhancements in our vision for the future,” said Omar Zarabi, CEO, Port53, which has customers around the world.
“Building on its network-centric and open XDR approach, the emphasis on clarity, decisiveness, and speed – delivered through Instant Attack Verification powered by agentic AI, and automated XDR Forensics – will further streamline our operations and deliver even better results for our customers.”
"Cisco XDR aims to address key challenges in the SOC with its focus on Clear Verdict. Decisive Action. AI Speed,'" said Frank Dickson, Group VP, Security & Trust, IDC.
"The combination of Instant Attack Verification, XDR Storyboard visualisations, and automated XDR Forensics offers a streamlined approach to threat management. The effectiveness of these features in improving security outcomes will depend on real-world deployment and integration within existing security ecosystems."
Security for AI and AI for Security
Building on the recent launch of AI Defense, Cisco is continuing its commitment to help customers tackle the growing challenges of managing AI security risks. Cisco announced a new integration as part of a deepened relationship with ServiceNow to jointly provide platform-based approaches that not only solve the challenges presented by AI, but also empower businesses to move even faster.
The first integration will bring together Cisco AI Defense with ServiceNow SecOps to provide more holistic AI risk management and governance. Cisco AI Defense, acting as an enforcement layer, will identify threats and vulnerabilities specific to AI. ServiceNow SecOps will provide the workflows, automation and collaboration IT and security teams need so they can effectively respond to the new kinds of AI-related threats that AI Defense has surfaced.
Mutual customers of Cisco and ServiceNow can expect to take advantage of this integration in 2H25. Additional
integrations of Cisco and ServiceNow capabilities are planned for later in 2025.
Cisco also introduced Foundation AI, a team of leading AI and security experts that joined through the Robust Intelligence acquisition, focused on developing cutting-edge technology to address the fundamental security issues of the AI era.
The Foundation AI team has released the first open-source reasoning model built specifically for enhancing security applications. They will also debut novel benchmarks to evaluate cybersecurity models on real-world security use cases, plus additional tools and building blocks for teams to leverage in adapting the models. These models and tools will encourage collaboration among first-class security experts and machine learning engineers, while delivering essential infrastructure that cybersecurity teams can immediately leverage.
Additionally, a new set of AI Supply Chain Risk Management security controls will help customers secure AI application artifacts. Even before deploying models in production, enterprises are exposed to security vulnerabilities, like malware in AI model files and poisoned datasets, that are downloadable from open-source repositories.
By combining AI model threat assessment and detection with comprehensive network enforcement, enterprises can confidently accelerate their AI adoption and innovation. This includes identifying and blocking malicious AI model files before they enter the enterprise; automatically detecting and blocking AI model files with risky or restrictive open-source software licenses that pose intellectual property and compliance risks; and flagging and enforcing policies against AI models originating from prohibited suppliers.
Enhanced Industrial Internet of Things (IoT) security
As industry digitisation accelerates and industrial AI emerges, critical infrastructure and industrial networks are constantly exposed to cyberthreats. Enhancing the Cisco Industrial Threat Defense solution and further extending IT security to industrial settings, new integrations with Cisco Cyber Vision include:
- Cisco Vulnerability Management and Splunk Asset and Risk Intelligence to help prioritise operational technology (OT) cyber risks;
- Cisco Secure Firewall to help automate industrial network segmentation to better protect operations; and the
- Splunk OT Security add-on in Splunk ES to unify IT and OT visibility within the SOC.
SOAR is short for security orchestration, automation, and response, and XDR is an acronym for extended detection and response.
Hashtag: #RSA2025
No comments:
Post a Comment