Cisco Doubles Down on Frictionless Security to Protect Hybrid Work and Multi-Cloud Environments

Rhea-AI Summary

Cisco has announced new risk-based capabilities in its security portfolio, enhancing protection for hybrid work and multi-cloud environments. The Risk-Based Authentication feature allows for user-friendly security, while the Business Risk Observability application offers a comprehensive view of application security. Initial insights from the Cybersecurity Readiness Index reveal a need for improved identity, network, and application security. The index showed that only 20% of organizations are in a mature state for identity protection, highlighting significant gaps in cybersecurity readiness.

Positive

• Launch of Risk-Based Authentication improves user access security.
• Introduction of Business Risk Observability enhances application security.
• Cisco's Cybersecurity Readiness Index reveals need for enhanced identity protection, indicating room for growth in product development.

Negative

• Only 20% of organizations are in the mature category for identity protection.
• More than 50% of companies are still in formative or beginner stages for network protection.

NEWS SUMMARY:

• Finding the balance between usability and security is now easier than ever with the general availability of Risk-Based Authentication – giving users the access they need, secured by real-time contextual signals
• Significant advancement in its applications strategy, Cisco introduces industry-first Business Risk Observability, an enhancement of Cisco's Full-Stack Observability application security solution
• While technology to secure devices is widely adopted, initial findings from Cisco's first-ever Cybersecurity Readiness Index revealed that more progress is needed to protect identity. networks and applications

AMSTERDAM, Feb. 7, 2023 /PRNewswire/ -- CISCO LIVE -- Cisco (NASDAQ: CSCO) customers can now access new risk-based capabilities across Cisco's security portfolio to better protect hybrid work and multi-cloud environments. These advancements demonstrate progress towards realizing the full vision of the Cisco Security Cloud which will protect the integrity of an organization's entire IT ecosystem.

"Security products should provide a frictionless user experience while minimizing risk for the organization," said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. "At the same time, organizations need to look at their security resilience holistically. This is why Cisco is building an end-to-end portfolio of security solutions and integrating them into a single platform. We're excited to share the latest innovations across zero trust, application security, and secure connectivity as we build towards our vision."

Cisco also introduced initial findings from the first-ever Cybersecurity Readiness Index focused on five core pillars of security protection – identity, devices, network, applications, and data. While technology to secure devices is widely adopted, more progress is needed to protect identity, networks and applications.

Zero Trust

Respondents ranked identity and device management as two of the three top cybersecurity threats. Alongside the widespread adoption of technology like multi-factor authentication (MFA), criminals are increasingly targeting the solutions protecting users and devices.

Unfortunately, while we are seeing impressive levels of adoption when it comes to device protection, there is still much work to be done when it comes to identity. The highest level of readiness that companies have across the globe is in securing devices, with nearly half of companies placed in either the 'mature' (31 percent) or 'progressive' (13 percent) stages of adoption. On the other hand, significant progress is needed to meet the challenge of identity verification, with only 20 percent of organizations in the 'mature' category, and more than half falling into the 'beginner' (20 percent) or 'formative' (38 percent) stages.  

Not only are these attacks becoming more frequent and current risk-based signals are failing, but authentication controls are also inflexible, creating too much friction. Security gets in the way, creating usability issues. Several features of Duo Risk-Based Authentication designed to reduce user friction and increase security efficacy in a hybrid work world are now available:

• Users can now authenticate less often in trusted situations without compromising privacy. Remembered Devices and patent-pending Wi-Fi Fingerprint allow users to stay logged in when using familiar applications, devices and networks – without collecting personal or private location information.
• Protect against authentication phishing attacks with the new Verified Push capability. In risky situations where Duo can recognize behavior from known attack patterns, it requires the user to enter a code, instead of just pushing a button to confirm.
• Expanded Single Sign On (SSO) capabilities that cater to modern enterprises and improve productivity by notifying and enabling users to reset their passwords before they expire.

Application Security

According to the Cybersecurity Readiness Index, companies urgently need to act on the security posture of their applications and related workloads. Only 12 percent are in a state of mature application-security readiness, while 65 percent are in the early or formative stages. Cisco's application strategy aims to ensure greater resilience against the growing attack surface of the experience economy where applications are no longer an adjunct, but rather they are the business itself.

A significant advancement in its applications strategy, Cisco has announced the introduction of industry-first Business Risk Observability, an enhancement of Cisco's Full-Stack Observability application security solution. Available through Cisco Secure Application, which is integrated into Cisco AppDynamics, it provides a business risk scoring solution which brings together Kenna Risk Meter score distribution and Business Transactions from Cisco AppDynamics, and also integrates with Panoptica for API security and Talos for threat intelligence.

Secure Connectivity

IT complexity, and the complexity of managing a highly distributed workforce has introduced risk to the organization and increased operational costs. Most enterprise networks can't support the change in traffic patterns driven by SaaS and hybrid work. Only 19 percent of companies are placed in the mature stage of protecting the network, while more than 50 percent are in the formative or beginner stages.

To provide secure access to anything from anywhere - organizations are increasingly adopting Secure Access Service Edge (SASE) architectures. Cisco is thrilled to announce that Cisco+ Secure Connect, the industry's first and leading unified single-vendor SASE solution, is extending support to Cisco SD-WAN powered by Viptela. Cisco+ Secure Connect uniquely converges Cisco SD-WAN fabrics and Cisco's leading cloud security services to provide secure access to anything from anywhere.

Additional Resources:

• Blog: Cisco Secure at Cisco Live EMEA 2023
• Report: Cisco Cybersecurity Readiness Index

About Cisco

Cisco (NASDAQ: CSCO) is the worldwide leader in technology that powers the Internet. Cisco inspires new possibilities by reimagining your applications, securing your data, transforming our infrastructure, and empowering your teams for a global and inclusive future. Discover more on The Newsroom and follow us on Twitter at @Cisco.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.

 

View original content to download multimedia:https://www.prnewswire.com/news-releases/cisco-doubles-down-on-frictionless-security-to-protect-hybrid-work-and-multi-cloud-environments-301740207.html

SOURCE Cisco Systems, Inc.

FAQ

What is Risk-Based Authentication introduced by Cisco?

Risk-Based Authentication provides users with secure access based on real-time contextual signals, improving the user experience while ensuring security.

How does Cisco's Business Risk Observability work?

Business Risk Observability integrates various security parameters to provide a comprehensive risk score for application security, enhancing visibility and management.

What were the key findings of Cisco's Cybersecurity Readiness Index?

The index highlighted that while device protection is widely adopted, identity security remains a significant challenge, with only 20% of organizations being in a mature state.

How is Cisco addressing security for hybrid work environments?

Cisco is enhancing its security portfolio with new features like Risk-Based Authentication and Secure Access Service Edge (SASE) to protect hybrid work setups.

What percentage of companies are mature in network security according to Cisco's findings?

Only 19% of companies are in the mature stage of protecting their network, indicating a need for further advancements in security measures.