Cisco customers can now access new risk-based capabilities across Cisco’s security portfolio to better protect hybrid work and multi-cloud environments.
These advancements demonstrate progress towards realising the full vision of the Cisco Security Cloud which will protect the integrity of an organization’s entire IT ecosystem.
“Security products should provide a frictionless user experience while minimising risk for the organisation,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “At the same time, organisations need to look at their security resilience holistically. This is why Cisco is building an end-to-end portfolio of security solutions and integrating them into a single platform. We’re excited to share the latest innovations across zero trust, application security, and secure connectivity as we build towards our vision.”
Cisco also introduced initial findings from the first-ever Cybersecurity Readiness Index focused on five core pillars of security protection – identity, devices, network, applications, and data. While the technology to secure devices is widely adopted, more progress is needed to protect identity, networks and applications.
Respondents ranked identity and device management as two of the three top cybersecurity threats. Alongside the widespread adoption of technology like multi-factor authentication (MFA), criminals are increasingly targeting solutions protecting users and devices.
Unfortunately, while we are seeing impressive levels of adoption when it comes to devise protection, there is still much work to be done when it comes to identity. The highest level of readiness that companies have across the globe is in securing devices, with nearly half of the companies placed in either the ‘mature’ (31%) or ‘progressive’ (13%) stages of adoption. On the other hand, significant progress is needed to meet the challenge of identity verification, with only 20% of organisations in the ‘mature’ category and more than half falling into the ‘beginner’ (20%) or ‘formative’ (38%) stages.
Not only are these attacks becoming more frequent and current risk-based signals are failing, but authentication controls are also inflexible, creating too much friction. Security gets in the way, creating usability issues. Several features of Duo Risk-Based Authentication designed to reduce user friction and increase security efficacy in a hybrid work world are now available:
- Users can now authenticate less often in trusted situations without compromising privacy. Remembered Devicesand patent-pending Wi-Fi Fingerprints allow users to stay logged in when using familiar applications, devices and networks – without collecting personal or private location information.
- Protect against authentication phishing attacks with the new Verified Push In risky situations where Duo can recognise behaviour from known attack patterns, it requires the user to enter a code instead of just pushing a button to confirm.
- Expanded Single Sign On (SSO)capabilities that cater to modern enterprises and improve productivity by notifying and enabling users to reset their passwords before they expire.
According to the Cybersecurity Readiness Index, companies urgently need to act on the security posture of their applications and related workloads. Only 12% are in a state of mature application-security readiness, while 65% are in the early or formative stages. Cisco’s application strategy aims to ensure greater resilience against the growing attack surface of the experience economy where applications are no longer an adjunct but rather they are the business itself.
A significant advancement in its applications strategy, Cisco has announced the introduction of industry-first Business Risk Observability, an enhancement of Cisco’s Full-Stack Observability application security solution. Available through Cisco Secure Application, which is integrated into Cisco AppDynamics, it provides a business risk scoring solution which brings together Kenna Risk Meter score distribution and Business Transactions from Cisco AppDynamics, and also integrates with Panoptica for API security and Talos for threat intelligence.
IT complexity and the complexity of managing a highly distributed workforce has introduced risk to the organisation and increased operational costs. Most enterprise networks can’t support the change in traffic patterns driven by SaaS and hybrid work. Only 19% of companies are placed in the mature stage of protecting the network, while more than 50% are in the formative or beginner stages.
To provide secure access to anything from anywhere – organisations are increasingly adopting Secure Access Service Edge (SASE) architectures. Cisco is thrilled to announce that Cisco+ Secure Connect, the industry’s first and leading unified single-vendor SASE solution, is extending support to Cisco SD-WAN powered by Viptela. Cisco+ Secure Connect uniquely converges Cisco SD-WAN fabrics and Cisco’s leading cloud security services to provide secure access to anything from anywhere.