Highlights:
- Over 26% of Cisco Talos Incident Response engagements in the past year witnessed adversaries employing compromised credentials on legitimate accounts.
- The latest enhancements in Secure Access include automated intellectual property detection and protection as it traverses in and out of AI systems.
Cisco Systems Inc. recently unveiled the latest enhancements to its Cisco Security Cloud, which streamline security processes using artificial intelligence and offer protection against identity-based attacks.
First in line is Cisco Identity Intelligence, a novel solution heralded by Cisco as the industry’s first endeavor to integrate identity, networking, and security functionalities. According to the company, this amalgamation protects organizations’ intricate identity stacks, safeguarding them against the progressively sophisticated techniques employed by attackers.
Cisco contends an inherent blind trust exists between authentication and access solutions today. Due to this vulnerability, threat actors compromised numerous prominent organizations in 2023 by exploiting these weaknesses. Over 26% of Cisco Talos Incident Response engagements in the past year witnessed adversaries employing compromised credentials on legitimate accounts.
As observed by Cisco, the issue lies in that a single user is frequently associated with numerous digital identities and accounts. This situation significantly amplifies the entry points for attackers and enhances the potential for lateral movement across identities. Frequently, legacy permissions remain intact, and security teams lack crucial context regarding historical identity behavior, actions across systems, and current risk levels essential for making trusted access decisions.
This is precisely where the new Cisco Identity Intelligence solution comes into play.
While operating atop customers’ existing identity stores, the solution offers unified visibility and employs AI-driven analytics to enhance security measures. With this solution, customers can effectively uncover their entire identity population, address vulnerable accounts, eliminate unused and risky privileges, identify behavioral anomalies, and thwart high-risk access attempts without replacing existing solutions.
Identity Intelligence is constructed upon an identity graph aggregating data from pre-existing third-party sources responsible for managing identity and access. Organizations can implement a graduated response strategy by harnessing AI-driven behavioral analytics and extending into the network. This may involve actions such as quarantining an identity, terminating active sessions, or isolating the network, utilizing the capabilities of the Cisco Identity Services Engine.
The solution furnishes insights from existing solutions, including Smart Authentication with Cisco Duo, which identifies abnormal patterns through behavior analysis and third-party signals. Smart Access with Cisco Secure Access is utilized to validate authentication decisions and mitigate unusual or high-risk behaviors. Smart Threat Detection with Cisco XDR also correlates identity signals to furnish essential information that traditional endpoint and network security solutions might overlook.
Chief Technology Officer and General Manager of Security and Collaboration at Cisco, Jeetu Patel, concurred, “Organizations need to adopt an identity-first approach to security, which, among other things, allows them to evolve from just asking ‘can’ a user access a system to continuously assessing whether a user ‘should’ be able to do what they are doing once they are authenticated By analyzing the entire attack surface of an organization’s users, machines, services, apps, data and their behaviors, Cisco Identity Intelligence bridges the chasm between authentication and access.”
Artificial Intelligence
In conjunction with the introduction of Cisco Identity Intelligence, Cisco also revealed an expansion in AI capabilities within the Cisco AI Assistant for Cloud. Unveiled in December, the service is tailored to bolster cybersecurity measures through advanced data analysis, policy recommendation, and automated task management functionalities.
The enhanced features encompass AI Assistant in Secure Access, a novel tool harnessing generative AI to empower customers in formulating security access policies through natural language prompts. Embedded within Cisco’s Secure Services Edge solution, the assistant provides a more intuitive interface for policy creation.
The latest enhancements in Secure Access include automated intellectual property detection and protection as it traverses in and out of AI systems. Moreover, Cisco Email Threat Defense now leverages AI to concurrently assess various sections of incoming emails for indicators of malicious intent.
Lastly, Cisco has announced the integration of its robust networking capabilities with Cisco Secure Access. Experience Insights, powered by Cisco’s ThousandEyes, enhances productivity for hybrid workers by promptly identifying connectivity and application issues, thereby facilitating swifter resolutions. This feature does not incur additional costs, as it is included in all Secure Access licenses.