Cisco Tackles Cybersecurity's Biggest Challenge
The biggest challenge facing the security industry is complexity, according to Cisco Secure SVP and GM Gee Rittenhouse.
“We see it every day where attackers are increasingly going between the gaps of security protection and exploiting these things in complicated ways,” he said, in an interview with SDxCentral in advance of this week’s Cisco Live event. “We’ve taken it upon ourselves to lead the industry in reducing the overall complexity for our customers so that they can protect themselves, but also respond, if necessary, very, very quickly. That’s the fundamental problem we’re trying to solve.”
Cisco is working to solve this challenge across four components of customers’ security environments: users, devices, networks, and applications and data, Rittenhouse said. And the cornerstone for this effort is its SecureX product, which Cisco announced last year.
Cisco started talking about SecureX, its consolidated security platform that is included with every Cisco security product, at the RSA security conference in February 2020. It then made the platform available last June. SecureX integrates Cisco’s network, endpoint, cloud and application security products, as well as threat intelligence from Cisco Talos, in a cloud-native platform. The platform also connects to third-party security tools for investigations, and it provides extended detection and response (XDR) capabilities.
“We continue to see 1,000 customers per month adopting this platform, and when we say adopt, it’s using it at least once a week,” Rittenhouse said.
Today at Cisco Live, Cisco announced new SecureX capabilities in addition to a new secure access service edge (SASE) architecture and passwordless identification that Rittenhouse says advance the vendor’s effort to simplify networking and security.
The SecureX enhancements reduce dwell time for SecOps and automate tasks involved with detecting and remediating threats. New automated workflows cover the SolarWinds supply chain attack, phishing investigations, and threat investigations using intel from Cisco Talos. These additions reduce time to detect threats by 95% and time to remediate by 85%, according to the vendor.
Cisco also added new technology integrations that range from email security to threat intel and provide turnkey configuration with third-party technologies including Google, ServiceNow, and Splunk. “We continue to take a look at the tooling that the enterprise is using, and then integrate into that larger tool suite on behalf of our customers to just make security really, really simple,” Rittenhouse said.
The vendor also announced integration and automation at the endpoint. Cisco Secure Client, a new unified agent connector for Cisco Secure Endpoint, AnyConnect, and Umbrella, simplifies deployment and management for greater efficiency and efficacy, Rittenhouse said. Additionally, Cisco Secure Client serves as a local control point and early warning system for advanced SASE and XDR threats.
And while Umbrella, Cisco’s SASE platform that combines cloud security and SD-WAN, has always integrated with SecureX and provided telemetry and control points for XDR threat hunting and response, Cisco is also advancing its visibility and security-policy capabilities between the two platforms, Rittenhouse said.
“As we get into more of the visibility component, we’re starting to get into policies and making sure that those policies are right around a secure web gateway and SD-WAN policies,” he said, adding that those integrations will happen at a later date. “It’s a continued integration of Umbrella capability as the full SASE stack, both on the SD-WAN side and the security side, get integrated into SecureX.”