In response to the rapid surge in cyber threats targeting identities and identity providers in 2023, Cisco is prioritizing identity within its security strategy. Introducing pioneering identity intelligence capabilities driven by data analytics and AI, Cisco aims to enhance organizations’ understanding and management of identity information. This encompasses access details, interactions, and patterns, enabling a comprehensive view of vulnerabilities and threats associated with identity behaviors.
Latest News: Cisco Announces AI Innovation and Partnerships at Cisco Live Amsterdam
Bridging Security Gaps: Cisco Identity Intelligence
Addresses the Impact of Compromised CredentialsÂ
According to the Talos 2023 Year in Review report, compromised credentials were responsible for a quarter of Cisco Talos Incident Response engagements. Last year’s headlines underscore this trend, with major manufacturing companies and identity providers falling victim to breaches, resulting in significant financial losses for organizations.
The current reliance on access and identity solutions has created blind trust, undermining the principles of zero trust. Organizations are grappling with identity sprawl, as identity management tools are scattered across disparate providers and toolsets. To address this challenge, enterprise customers require a layer of identity intelligence that integrates seamlessly with existing identity stores, bridging the gap between authentication and access.
Cisco’s Identity Intelligence aims to illuminate the gap between authentication and access, enhancing visibility into active identity behaviors. Instead of solely questioning a user’s ability to access resources, organizations should assess whether access is warranted based on real-time identity intelligence.
By integrating identity, networking, and security, Cisco Identity Intelligence enhances solutions like Cisco Duo, Extended Detection and Response (XDR), and Secure Access, offering advanced insights to combat the growing threat of compromised credentials.
Latest News: Cisco Collaborates with Microsoft and Samsung to Deliver Superior Meeting Room Experiences
Enhances SecurityÂ
Cisco’s latest offering, Identity Intelligence, seamlessly integrates with customers’ diverse directories and identity management tools, offering invaluable insights into active identity usage. Paired with Trust Monitor, Risk-Based Authentication, and other security data within Duo, this integration empowers security teams with actionable insights and automated policy enforcement at scale. Through this comprehensive approach, organizations can effectively detect, remediate, and prevent identity compromises and account takeovers.
Currently available in private preview, Cisco Identity Intelligence will soon be accessible in the Duo Advantage and Premier editions. This advancement grants organizations a unified interface for enhanced visibility into their identity infrastructure, enabling them to monitor user access, safeguard user identities, detect changes in activities, and respond promptly to posture risk and security threats.
Strengthens Security with Identity Intelligence in XDR
In a significant advancement, Cisco is integrating Identity Intelligence, the same technology used in Duo, into its XDR solution.
This integration enhances Cisco’s XDR solution by providing in-depth insights into user behaviors and access patterns. By leveraging Identity Intelligence, organizations gain a more holistic understanding of potential security threats.
Already proficient in email, web, endpoint, and network security, Cisco XDR now offers a pioneering Identity Threat Detection and Response (ITDR) stack. This groundbreaking solution is tailored to organizations of all sizes, offering unparalleled security capabilities.
Improves Secure Access
Cisco is integrating Identity Intelligence into its Secure Access solution, ushering in smarter zero-trust access decisions and bolstering defenses against identity-based attacks.
Before deploying Cisco Secure Access, Identity Intelligence gathers data from existing identity and access management tools. This allows administrators to identify and rectify vulnerabilities, enhancing zero-trust readiness and minimizing exposure to account takeover threats.
Moreover, Identity Intelligence aggregates extended attributes and user behavior factors from various Cisco and third-party sources to track identity posture shifts effectively. This comprehensive identity graph enables administrators to craft and enforce sophisticated Secure Access policies.
Furthermore, Identity Intelligence empowers security teams to identify and respond to unusual identity behaviors based on risk. In the future, this capability will assess unpredictable behaviors against user and peer baselines, enabling the detection of user-based risks. This proactive approach could trigger a gradual reduction in access rights or terminate sessions entirely to mitigate the impact of a compromised identity.
Cisco Advances Security Operations with AI Integration
Cisco is driving efficiency and effectiveness in security operations through innovative AI integration across its Secure Access platform.
- AI Assistant for Security: At Cisco Live Amsterdam, the unveiling of the AI Assistant for Security marks a significant leap. This assistant simplifies access policy creation by converting conversational English phrases into security policies automatically. Administrators can leverage this tool to streamline operations, save time, and reduce complexity.
- Data Loss Prevention (DLP) for Generative AI: Secure Access introduces DLP capabilities tailored for Generative AI applications. This addresses the escalating risks associated with AI adoption in enterprises, enhancing security protocols.
- Integration with Cisco’s Identity Services Engine (ISE): The integration leverages AI-driven identity intelligence from ISE to empower administrators in making proactive governance decisions based on detailed identity information.
- Secure Access with Experience Insights: This feature addresses health and performance issues across users, applications, and network connectivity. By swiftly identifying connectivity problems, IT and security teams can optimize user productivity.
- Email Threat Defense Enhancements: AI takes center stage in Email Threat Defense, utilizing multiple detectors to simultaneously assess different parts of incoming emails for potential malicious intent.
- Enhanced Cisco XDR: Cisco XDR now offers real-time MITRE ATT&CK mapping, streamlining the automated mapping of adversary behaviors into XDR detections for heightened threat detection capabilities.
Latest News: Cisco Launches Motific, Enabling Organizations to Navigate the Complex World of Generative AI Deployment
FAQs
1. What is the significance of compromised credentials in the cybersecurity landscape?
Compromised credentials have emerged as a major threat, contributing to a significant portion of cybersecurity incidents. According to the Talos 2023 Year in Review report, compromised credentials accounted for a quarter of Cisco Talos Incident Response engagements.
2. How does Cisco plan to address the challenge of identity sprawl?
Cisco aims to combat identity sprawl by introducing identity intelligence, which integrates seamlessly with existing identity stores. This initiative bridges the gap between authentication and access, offering new insights while leveraging information already present in organizational environments.
3. What are the key features of Cisco’s Identity Intelligence solution?
Cisco’s Identity Intelligence offers detailed insights into user behaviors and access patterns. It enhances security solutions like Cisco Duo and Extended Detection and Response (XDR), enabling organizations to detect, remediate, and prevent identity compromises and account takeovers.
4. How will Cisco Identity Intelligence benefit Secure Access and XDR solutions?
By integrating Identity Intelligence into Secure Access and XDR solutions, Cisco aims to enhance zero-trust access decisions and bolster defenses against identity-based attacks. This initiative empowers administrators with comprehensive visibility into identity infrastructure and enables proactive governance decisions.
5. What additional advancements is Cisco making in cybersecurity operations?
In addition to Identity Intelligence, Cisco is streamlining security operations with AI innovations. These include the AI Assistant for Security in Secure Access, data loss prevention for Generative AI applications, and real-time MITRE ATT&CK mapping in XDR. These advancements aim to simplify policy creation, address emerging threats, and optimize cybersecurity processes.
[To share your insights with us as part of editorial or sponsored content, please write to sghosh@martechseries.com]
