A report from CiscoLive. Good to see Cisco realise that gluing lots of components together is one of their most important tasks. None of the security professionals I talk to complain about lack of data. Turning that morass into something useful is the challenge we face…:
After a few days of meetings, I believe Cisco’s cybersecurity strategy focuses on:
- Product integration. Cisco wants a common cybersecurity product architecture that spans endpoints, networks, data centers, and the public cloud, that can service most of its customers cybersecurity technology needs. As a result, Cisco is busy integrating products and services like AMP, Umbrella, Firepower, Talos, etc. Cisco demonstrated its platform and discussed its future roadmap in detail.
- Openness and programmability. Beyond gluing its own products together, Cisco’s cybersecurity platform is built with connectors and APIs for third-party integration and programmability. To illustrate its technology alliance partner ecosystem, Cisco crowed about dozens of partners including Anomali, IBM, LogRhythm, and McAfee. Cisco’s intent-based networking programmability also extends to security for service providers taking advantage of APIs and building value-added services on top of Cisco security tools.
- A foundation of threat intelligence. CiscoLive started last Sunday with a day-long session by the Talos team on security research and threat intelligence. Beyond the data, the Cisco team focused on teaching customers how to operationalize threat intelligence for threat detection, hunting, and risk management. Clearly, Cisco believes that Talos threat intelligence can give the company a strategic advantage versus narrowband security vendors, so it is anchoring all security products with Talos threat feeds. The company is also bolstering market education to get the Talos word out more broadly.
- Comprehensive cloud security. Cisco wants customers to know that it can protect workloads in the public cloud with a one-two punch of Tetration and StealthWatch cloud. Beyond IaaS and PaaS, Cisco also promoted its CloudLock CASB product for SaaS management and data protection. Finally, Cisco is offering several ‘security from the cloud’ services, such as Umbrella and email security to safeguard mobile workers and branch offices.
- Operational simplicity. When it comes to security operations, Cisco understands that many of its customers are under-staffed, lack advanced skills, have too many point tools and still rely on manual processes. To address these shortcomings, Cisco demonstrated a security operations platform called Visibility, a common SOC analyst workbench for threat detection, incident response, and risk remediation. In its current iteration, Visibility supports a handful of Cisco products, but the company previewed an aggressive roadmap for integration of additional Cisco and third-party products.
- Professional and managed services. What many customers may not realize is that Cisco professional and managed cybersecurity services are growing like a weed. Cisco plans to expand its services portfolio to provide flexible consumption options and help customers benefit further from all its security products.