position of the community is vital within the AI period — it’s your biggest asset, your major goal, and your most important line of protection. Cisco leaders Jon Woolwine and Jack Klecha share how Cisco embeds safety straight into the community to maintain tempo with AI-driven threats. Preserve studying and watch the quick to listen to extra.
Within the AI period, protection begins with the community
Cloud, hybrid work, IoT, and now an explosion of AI brokers — these aren’t simply added complexities of at the moment’s digital surroundings, they’re potential entry factors on an ever-growing assault floor. Our digital footprint is increasing quicker than we will safe it. And attackers comprehend it.
As our current processes wrestle to maintain up, visibility fragments, and insurance policies and safety controls drift — creating precisely the gaps attackers search to use.
That is compounded by a shift in attacker technique: years of hardening person endpoints have led attackers to the community as their new goal of selection. And with AI, they’re now shifting at machine velocity and scale that conventional defenses weren’t constructed to deal with. AI innovation essentially modifications how attackers uncover and act on vulnerabilities, shrinking the time to use from weeks to hours. And with new, extra highly effective frontier fashions rising, that threat will proceed to extend.
As a result of the community is the frequent thread by way of all of this — connecting customers, knowledge, and purposes throughout each department, campus, knowledge heart, and cloud — it’s the final prize for attackers, and the final word threat for the enterprise.
Dangerous actors are additionally harvesting encrypted community site visitors at the moment — storing it till quantum computing makes it readable. We should act at the moment to forestall threats tomorrow.
That’s the reason Cisco IT and Safety groups view the community as our vital line of protection.
From reactive to resilient: How Cisco fuses safety into the community
Bolting safety instruments onto an current community provides complexity and leaves gaps. Our strategy is completely different: we embed safety straight into each layer of the community, from the campus and department to the information heart and cloud.
This enables us to make use of the community to see, authenticate, and defend each connection in real-time, making a unified, interconnected cloth. Here’s a take a look at our unified strategy:
- A resilient infrastructure basis: If the infrastructure is compromised, each safety software above it’s bypassed. We harden working techniques and boot processes throughout our infrastructure in order that the muse itself can’t be compromised. And we’re integrating post-quantum cryptography to get forward of ‘harvest now, decrypt later’ dangers. When vulnerabilities are discovered within the community infrastructure, we’ll have the ability to put compensating controls in place with Cisco Dwell Shield.
- Id-first entry management: With the muse safe, the following query is: who, or what, is connecting to the community? It’s not simply people, however hundreds of IoT units and AI brokers. We take an identity-first strategy — repeatedly verifying each id and granting least privilegeaccess
- Limiting the blast radius: Even with robust preventative measures in place, we put together for a breach. Segmentation is our major protection in opposition to lateral motion. We moved previous static VLANs to software-defined segmentation. Utilizing Cisco Id Providers Engine (ISE), and TrustSec to we will determine, profile, and implement coverage on each connection, compartmentalizing the community. If an attacker does get in, lateral motion is contained in a single, remoted space.
- Safety prolonged from campus to department to the information heart and past: A breach on the perimeter can’t be allowed to change into a full compromise. Right this moment, we deploy Safe Firewalls to manage site visitors throughout our knowledge facilities — defending our most important purposes and knowledge from east-west threats. As we prolong towards Hybrid Mesh Firewalling, that very same constant safety might be distributed to our purposes and infrastructure in all places they dwell, throughout knowledge facilities, cloud, and hybrid environments — enforced at scale, with out gaps.
- Visibility and insights throughout the surroundings: By centralizing alerts from ThousandEyes and our community controllers into Splunk, we get a real-time, cross-domain view of each gadget, connection, and dependency — inside our partitions and past. That visibility is what offers each different layer of this structure its enamel.
These layers operate as an interconnected cloth—if a risk bypasses one, the following is already there. However conventional human-led processes alone can’t operationalize this on the velocity required.
Working at machine velocity—throughout each layer
Every layer of this structure is barely as robust because the coverage behind it — and solely as efficient because the operations supporting it. AI-driven threats have uncovered the breaking level of conventional approaches: fragmented insurance policies create gaps, and guide processes can’t reply at machine velocity.
Our work towards Widespread Coverage will enable us to outline as soon as and implement constantly in all places — from department entry switches to knowledge heart firewalls — changing the fragmented, system-by-system strategy that creates gaps attackers exploit.
The place Widespread Coverage defines the what, our developments towards AgenticOps will deal with the how and when— autonomously detecting modifications, triaging incidents, and implementing updates at machine velocity. This may enable us to resolve multi-week ticket processes in simply minutes — a vital functionality to maintain tempo with AI threats.
Safety is a crew sport: How Cisco IT and Safety win collectively
Expertise is barely a part of the equation. The groups operationalizing it must be simply as robust.
Historically, networking groups concentrate on uptime whereas safety groups concentrate on threat discount — incidents are tossed over the fence, creating gradual response instances and fragmented protection.
When the community is the first goal, safety is a efficiency and uptime difficulty. A breach isn’t only a safety alert — it’s a enterprise disruption that impacts everybody.
At Cisco, we deal with safety as a crew sport. Our IT and Safety groups share visibility, planning, and targets — not due to an org chart, however as a result of a breach is a community outage, and a community outage is everybody’s drawback. We conduct quarterly planning collectively, function with shared metrics, and transfer as one crew. Aligning our groups has allowed us to cease taking part in protection and begin constructing resilience to guard the longer term.
The impression of converging safety and networking
This mix of getting safety deeply embedded within the community and unified groups has allowed us to cease firefighting yesterday’s threats and concentrate on proactively defending our future. We’ve seen a 50% enchancment in our incident response SLA — not due to a single software, however as a result of we eradicated the guide handoffs that when slowed us down. It’s constructed a basis for operational excellence that enables our groups to innovate at velocity.
AI-driven threats don’t cease at our partitions — and neither do our learnings. By work with Venture Glasswing and OpenAI Dawn, we’re stress-testing our personal community at unprecedented scale and velocity, sharing what we uncover as repeatable, confirmed practices each group can use to construct stronger defenses.
The takeaway is straightforward: the community is the muse of our enterprise; it should even be the muse of our protection. We’ve moved past the perimeter to safe the whole cloth, utilizing our personal telemetry to show our biggest threat into our strongest asset. That’s the solely approach to obtain true digital resilience in an AI-driven world.
Watch the quick video about Cisco’s inside strategy to safe networking:
Dive deeper: Watch the total one-hour dialog
Extra sources:
