The News: Cisco previews Cisco Identity Intelligence, slated for availability in July 2024, enhances its AI Assistant for Security, and augments Cisco Secure Access with enhanced networking capabilities. Additional detail is available in Cisco’s press release.
Cisco Bolsters Identity Security in Its Security Cloud
Analyst Take: Security Cloud is Cisco’s overarching umbrella that provides AI-driven and cross-domain security. With its most recent updates, Cisco is bolstering its identity intelligence and control capabilities—in large part to support the move away from network-centric and perimeter-based security models in favor of a Zero Trust approach that is centered on identities.
Cisco Identity Intelligence intends to bridge authentication and access with greater visibility and control. The offering will run on top of customers’ third-party identity stores to provide centralized visibility and value-add, AI-based analytics. It will tap Cisco’s range of network visibility, extended detection and response (XDR) orchestration, and Secure Access and Duo access capabilities. For example, key use cases include:
- Cleaning up vulnerable accounts (e.g., quarantining an identity)
- Eliminating unused and risky privileges
- Uncovering anomalous and potentially malicious behavior, when integrated with Smart Authentication with Cisco Duo
- Blocking risky access attempts, when integrated with Cisco Secure Access
- Killing active sessions or isolating the network, when integrated with Cisco Identity Services Engine (ISE)
These capabilities are important because identity management is more complex than ever before, sprawling across the variety of accounts and other digital identities in use by users. This sprawl represents a key potential entry point and source for lateral movement for attackers. Security teams require the ability to obtain historical context into identity behavior, to oversee and remove legacy permissions, and to understand risk levels.
In addition to the AI capabilities being added with the Cisco Identity Intelligence solution, Cisco is enhancing its AI Assistant for Security, which it launched in December 2023 to allow customers to automate key security-related tasks and to take more informed action. Specifically, it added the ability to use natural language prompts to create access policies when used in conjunction with Cisco’s Secure Services Edge (SSE) solution, as well as AI-based detection to evaluate incoming emails for markers of malicious intent.
AI will play an increasingly important role in cybersecurity during 2024. It will increasingly be used from an offensive perspective by attackers to craft more innovative, adaptive, and effective approaches. In response, AI capabilities like those being brought to market by Cisco will become increasingly necessary for cyber-resiliency, allowing customers to further build up their walls and respond more quickly when attacks inevitably penetrate their environment.
Finally, Cisco is integrating additional networking capabilities into Cisco Secure Access, which is a cloud-delivered SSE solution for secure user access to applications and resources. Specifically, Cisco’s 2020 acquisition of ThousandEyes helps to uncover connectivity and network issues for applications. Additionally, Cisco Secure Access now integrates Catalyst SD-WAN capabilities for additional Zero Trust capabilities, including granular access controls and workload segmentation.
In conclusion, Cisco Identity Intelligence represents a step forward in securing the complex landscape of digital identities. By integrating with existing infrastructure and leveraging AI-powered analytics, it empowers organizations to clean up vulnerabilities, manage permissions effectively, and detect threats proactively. Further investments in AI capabilities across its security portfolio demonstrate Cisco’s commitment to building robust defenses against increasingly sophisticated and adaptive cyberattacks. With the addition of ThousandEyes and Catalyst SD-WAN capabilities to Cisco Secure Access, a holistic Zero Trust approach becomes achievable, strengthening access control and network resilience. As threats evolve, these innovations will help customers to navigate emerging security challenges more confidently.
Disclosure: The Futurum Group is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of The Futurum Group as a whole.
Other Insights from The Futurum Group:
Cisco Partner Summit 2023: AI, Security, and Observability Shine
Cisco Q1 2024: AI, Security, Cloud, and Observability Fuel Results
Cisco’s Strategic Move: The $28 Billion Splunk Acquisition Unpacked
Author Information
With a focus on data security, protection, and management, Krista has a particular focus on how these strategies play out in multi-cloud environments. She brings approximately 15 years of experience providing research and advisory services and creating thought leadership content. Her vantage point spans technology and vendor portfolio developments; customer buying behavior trends; and vendor ecosystems, go-to-market positioning, and business models. Her work has appeared in major publications including eWeek, TechTarget and The Register.
Prior to joining The Futurum Group, Krista led the data protection practice for Evaluator Group and the data center practice of analyst firm Technology Business Research. She also created articles, product analyses, and blogs on all things storage and data protection and management for analyst firm Storage Switzerland and led market intelligence initiatives for media company TechTarget.
