Cisco AI boosts cloud security

  • December 6, 2023
  • Steve Rogerson

Cisco has unveiled a way to make artificial intelligence (AI) pervasive in the Security Cloud, the firm’s unified, AI-driven, cross-domain security platform.

The AI Assistant should help users make informed decisions, augment their tool capabilities and automate complex tasks.

“To be an AI-first company, you must be a data-first company,” said Jeetu Patel, executive vice president at Cisco. “With our extensive native telemetry, Cisco is uniquely positioned to deliver cyber security that allows businesses to confidently operate at machine scale, augmenting what humans can do alone. This announcement is a monumental step forward. This advancement will help tip the scales in favour of defenders, empowering customers with AI built pervasively throughout the Cisco Security Cloud.”

As cyber attacks continue to evolve, organisations’ defences must too. Ransomware and extortion attacks continue to persist at a steady pace, making up a fifth of Cisco Talos Incident Response engagements this year, according to the Cisco Talos 2023 Year in Review report. Talos also observed an increase in sophisticated attacks on networking devices this past year, particularly by state-sponsored actors. The increased speed and sophistication of malicious actors requires the adoption of machine scale defences.

With visibility across the network and security, Cisco works with more machine-driven telemetry and on a scale larger than most in the industry. The AI Assistant for Security is trained on one of the largest security-focused data sets in the world, which analyses more than 550bn security events each day across web, email, endpoints, networks and applications. It can understand event triage, impact and scope, root cause analysis, and policy design. With these data, the AI Assistant aims to close the gap between cyber-security intent and outcomes.

The AI Assistant for Security is first going live within the Cisco Cloud-delivered firewall management centre and defence orchestrator to solve the problem of setting and maintaining complex policies and firewall rules. Administrators can now use natural language to discover policies and get rule recommendations, eliminating duplicate rules, misconfigured policies and complex workflows with increased visibility as well as accelerated troubleshooting and configuration tasks.

Most data centre traffic today is encrypted and the inability to inspect encrypted traffic is a key security concern. Decrypting traffic for inspection is resource-intensive and fraught with operational, privacy and compliance issues. With the 7.4.1 operating system now available across the entire Cisco secure firewall family, users see AI go even further via the encrypted visibility engine.This engine leverages billions of samples, including sandboxed malware samples, to determine if the encrypted traffic is transporting malware. It can tell which operating system the traffic is coming from and what client application is generating that, all without the need for decryption.

“The ability for AI to reshape our daily lives and professional landscapes is immense,” said Graham Robinson, chief technology officer at Australian firm Data#3 (www.data3.com). “As a longstanding Cisco partner, we’re excited about the new Cisco AI Assistant for Security and how this will empower our customers with AI-driven efficiencies. The introduction of the AI Assistant to Cisco firewall management centre will help our customers quickly and easily configure policy changes. When combined with the new features in the 7.4.1 software release and the encrypted visibility engine, this offers a truly compelling overall experience.”

To learn more, visit cisco.com/go/security.