During Cisco Live EMEA, taking place this week, risk-based capabilities were announced as available across Cisco’s security portfolio to better protect hybrid work and multi-cloud environments.
“Security products should provide a frictionless user experience while minimizing risk for the organisation,” said Jeetu Patel, executive vice-president and general manager of security and collaboration at Cisco.
“At the same time, organisations need to look at their security resilience holistically. This is why Cisco is building an end-to-end portfolio of security solutions and integrating them into a single platform.
“We’re excited to share the latest innovations across zero trust, application security, and secure connectivity as we build towards our vision.”
Business Risk Observability
Firstly, the introduction of Business Risk Observability comes in response with a growing trend of security and observability gradually converging, with organisations now able to leverage a business risk scoring solution via Cisco Secure Application, in Cisco AppDynamics.
This first-of-its kind solution is planned to enhance Cisco’s Full-Stack Observability application security solution, combining Kenna Risk Meter score distribution and Business Transactions from Cisco AppDynamics, as well as integrating with Panoptica for API security and Talos for threat intelligence.
According to Cisco’s Cybersecurity Readiness Index study, only 12 percent are in a state of mature application-security readiness, while 65 percent are in the early or formative stages.
Risk-based Authentication
While authentication often proves effective when it comes to preventing unauthorised access, there is always a danger of user fatigue developing as a result of too many constant requests.
To help mitigate this, Cisco has launched Duo Risk-Based Authentication, which utilises remembered devices and a Wi-Fi fingerprint to determine legitimate users based on commonly used Wi-Fi networks, while preserving privacy by not storing location data.
Expanded Single Sign On (SSO) capabilities, meanwhile, cater to modern enterprises and improve productivity by notifying and enabling users to reset their passwords before they expire.
In addition, users will be able to protect against authentication phishing attacks with a new Verified Push capability – a mechanism that calls for a code coming up on screen to be entered, as opposed to pushing a button to confirm.
With criminals increasingly targeting multi-factor authentication, respondents to Cisco’s Cybersecurity Readiness Index ranked identity and device management as two of the three top cybersecurity threats.
However, the highest level of readiness that companies have across the globe is in securing devices, with nearly half of companies placed in either the ‘mature’ (31 percent) or ‘progressive’ (13 percent) stages of adoption.
Conversely, when it comes to identity, only 20 percent of organisations were found to be in the ‘mature’ category, with over half falling into the ‘beginner’ (20 percent) or ‘formative’ (38 percent) stages.
SASE connectivity
Also announced at Cisco Live EMEA was new support for SD-WAN architecture with unified single-vendor SASE solution Cisco+ Secure Connect, which will be powered by subsidiary Viptela.
This availability will converge SD-WAN fabrics and Cisco’s cloud security services to provide secure access that is adaptable to changing network parameters.
Only 19 percent of companies surveyed by Cisco are placed in the mature stage of protecting the network, while over 50 percent are in the formative or beginner stages.
6,700 respondents across 27 countries and over 18 industries were surveyed by Cisco on how they measured up in solutions across the five core pillars of cybersecurity protection: identity, devices, network, application workloads, and data.
Related:
How Cisco Webex will help businesses track sustainability efforts — During its Cisco Live EMEA conference, Cisco has released its new Carbon Emissions Insights tool to help businesses improve sustainability efforts.
Cybersecurity predictions for 2023 — Cyber attacks will become even more prevalent this year, predict experts, with attackers not only going after cloud hosting services but also hacking the Metaverse. We talk to seven experts about their cybersecurity predictions in 2023.