Cisco unveiled the Cisco AI Assistant for Security, marking a major step in making artificial intelligence (AI) pervasive in the Security Cloud, Cisco’s unified, AI-driven, cross-domain security platform. The AI Assistant will help customers make informed decisions, augment their tool capabilities, and automate complex tasks.
“To be an AI-first company, you must be a data-first company. With our extensive native telemetry, Cisco is uniquely positioned to deliver cybersecurity solutions that allow businesses to confidently operate at machine scale, augmenting what humans can do alone,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Today’s announcement is a monumental step forward. This advancement will help tip the scales in favour of defenders, empowering customers with AI built pervasively throughout the Cisco Security Cloud.”
As cyber-attacks continue to evolve, organisations’ defences must, too. Ransomware and extortion attacks continue to persist at a steady pace, making up 20 percent of Cisco Talos Incident Response engagements this year, according to the new Talos 2023 Year in Review report. Talos also observed an increase in sophisticated attacks on networking devices this past year, particularly by state-sponsored actors. The increased speed and sophistication of malicious actors requires the adoption of machine- scale defences.
With unmatched visibility across the network and security, Cisco works with more machine-driven telemetry and on a scale larger than most in the industry. The new Cisco AI Assistant for Security is trained on one of the largest security-focused data sets in the world, which analyses more than 550 billion security events each day across web, email, endpoints, networks, and applications. It can understand event triage, impact and scope, root cause analysis and policy design. With this data, the AI Assistant aims to close the gap between cybersecurity intent and outcomes. All of Cisco’s AI capabilities are built securely and align with Cisco’s Responsible AI Framework.
Continuing the rapid pace of innovation, today Cisco is introducing:
– AI Assistant for Firewall Policy: The Cisco AI Assistant for Security is first going live within the Cisco Cloud-delivered Firewall Management Centre and Cisco Defence Orchestrator to solve the big challenge of setting and maintaining complex policies and firewall rules. Administrators can now use natural language to discover policies and get rule recommendations, eliminating duplicate rules, misconfigured policies, and complex workflows with increased visibility as well as accelerated troubleshooting and configuration tasks.
– AI-powered Encrypted Visibility Engine for All Firewall Models: Most data centre traffic today is encrypted and the inability to inspect encrypted traffic is a key security concern. Decrypting traffic for inspection is resource-intensive and fraught with operational, privacy and compliance issues. With the 7.4.1 Operating System now available across the entire Cisco Secure Firewall family, customers see AI go even further via the Encrypted Visibility Engine. The Encrypted Visibility Engine leverages billions of samples, including sandboxed malware samples, to determine if the encrypted traffic is transporting malware. It can tell which operating system the traffic is coming from and what client application is generating that – all without the need for decryption.
“The ability for AI to reshape our daily lives and professional landscapes is immense. As a longstanding Cisco partner, we are excited about the new Cisco AI Assistant for Security and how this will empower our customers with AI-driven efficiencies,” said Graham Robinson, Chief Technology Officer, Data#3. “The introduction of the AI Assistant to Cisco Firewall Management Centre will help our customers quickly and easily configure policy changes. When combined with the new features in the 7.4.1 software release and the Encrypted Visibility Engine, this offers a truly compelling overall experience.”