At the recent Cisco Live 2023 event in Las Vegas, Cisco announced new AI-powered security capabilities and a security service edge solution. This move follows a growing trend of major security companies integrating generative AI-based capabilities into their security portfolio.
One of the new AI offerings from Cisco is a support system for security operations centre teams. It allows them to query data collected across the organization, identify patterns and determine the best approach for remediating security issues. This assistant can describe what happened during a security incident, correlate intelligence and contextualize events across email, web, endpoints, and the network. It can generate an incident summary after the event. The company plans to launch the SOC assistant in mid-2024.
Another AI assistant helps security teams develop granular security policies and evaluate implementation options. By letting administrators describe the reasoning behind their desired controls, the assistant can identify gaps and create cleaner policies. This feature will be available later in the year.
The use of generative AI in cybersecurity has gained popularity as it presents an opportunity to simplify security tasks. Analysts and administrators can use natural language to find what they need without navigating complex menus or working through different commands.
Cisco plans to expand its AI capabilities across the security portfolio following a recent announcement of its intent to acquire the security startup Armorblox. Armorblox specializes in using large language models and natural language understanding.
The security challenges associated with securing access to applications in private and public clouds were also highlighted at the event. Users can have varying experiences accessing business apps, depending on factors such as the device they are using and the network. To address these issues, Cisco has launched Secure Access, which will be in limited availability starting in July and generally available in October.
Cisco Secure Access provides zero-trust network access and enables VPN for other connections, without disrupting the user experience. It also integrates with Cisco’s existing security portfolio, including threat intelligence from Talos, and threat detection, response, and visibility capabilities from ThousandEyes.
Overall, the advancements made by Cisco signal growing interest in AI-based solutions in the cybersecurity industry. As companies aim to align with changing digital landscapes, AI-powered security solutions are likely to become increasingly important in maintaining robust security measures.