In a weblog put up final December, I mentioned that the enterprise and IT leaders with whom I meet at all times ask: How can I safe my extremely distributed workforce, who will get extra different and decentralized on a regular basis? How do I present tight safety with out burdening them or impeding enterprise? That hasn’t modified. This nonetheless drives conversations early and sometimes.
Yet that is by no means in isolation. Their deal with bettering finish customers’ expertise sits proper beside their have to make life simpler for his or her IT and safety groups. And in fact, these leaders are intensely working to decrease threat to the group. Simply mentioned, these leaders are saying that they need safety that’s higher for customers, simpler for IT, and safer for everybody. Yet, that straightforward assertion hasn’t traditionally been simple to realize.
In June 2023, we introduced Cisco Secure Access, a safety service edge (SSE) answer that squarely solutions these wants. And since June, we’ve continued to aggressively add performance to deepen and lengthen the methods that you would be able to enhance finish person expertise, simplify safety administration for IT, and tighten safety for everybody. Today, I’m thrilled to share capabilities that we introduced at Cisco Live in Amsterdam only a few weeks in the past.
AI for Security: Increase safety and decrease complexity
We’re excited to announce the AI Assistant for Security in Secure Access. This is a generative AI functionality that can simplify entry coverage creation by mechanically changing conversational English prompts into safety insurance policies. It can take a multi-part immediate and create a classy single coverage. It can mechanically break a fancy immediate into a number of parts and create a set of really useful polices to cowl a whole state of affairs. By default, the AI Assistant creates guidelines in a disabled state to make sure the administrator can tweak, check, and transfer guidelines to manufacturing solely when they’re prepared to take action.
Security directors not want to grasp the coverage engine, formatting, and nomenclature for every safety software and manually create a big quantity of insurance policies. Using the AI Assistant in Secure Access, by way of the only console, safety directors can save vital time throughout coverage creation and administration duties. Additionally, multi-person administrator teams can create a extra constant and efficient coverage set. And, all this pushes the needle on improved operational effectivity and lowered complexity.
Security for AI: Mitigate dangers of utilizing generative AI functions
My feedback above spotlight how Secure Access is utilizing AI to counterpoint the safety functionality it supplies. In addition, we introduced our means to assist organizations safely use generative AI functions inside their organizations to extend worker productiveness with out including safety threat.
Secure Access AI Data Loss Prevention (DLP) performance secures the usage of Generative AI functions by way of discovery, block/permit, granular management, and inline information loss prevention.
Functionality consists of:
- Discover and management use of 70 generative AI apps, together with Bing AI, Google Bard, and ChatGPT — who’s making an attempt to make use of it, how incessantly, and the place.
- Block or permit a number of generative AI functions.
- Enable the secure use of ChatGPT:
- Granularly management which capabilities to permit — or not — and by whom.
- Use DLP to make sure delicate information isn’t leaked to the AI platform.
- Use DLP to dam the obtain of unsafe content material from ChatGPT and notify the person.
Policy administration for each inline and out-of-band DLP is completed by way of Secure Access’s single, unified dashboard, so whereas it’s tightening safety, it’s additionally holding issues easy for the IT/safety workers.
Experience insights will increase person productiveness and IT effectivity
Experience Insights is a set of digital expertise monitoring (DEM) capabilities that allows IT/safety groups to enhance person productiveness by shortly revealing connectivity points and offering the related particulars for sooner decision. It is embedded into Cisco Secure Access and powered by ThousandEyes performance — at no additional value — to allow fast root trigger identification and determination.
Experience Insights displays the well being of work-managed endpoints, their underlay and overlay connectivity, and the applying efficiency of high SaaS functions, resembling collaboration and productiveness platforms.
Example Insights:
- Endpoint efficiency: CPU, reminiscence, Wi-Fi
- Network efficiency: Endpoint to Secure Access to focus on vacation spot, together with native community, person final mile, Internet, and utility community
- Application efficiency for high SaaS apps, resembling Microsoft Office, Salesforce, Gmail, and Notion
- Collaboration efficiency scores per person for Cisco Webex, Zoom, and Microsoft Teams
- View user-specific occasions primarily based on situations, resembling coverage block
Because it’s a element of Cisco Secure Access, directors have a single correlated view to handle the connectivity, safety, and digital experiences of their workforce — no matter the place customers or points are situated — to scale back mean-time-to-response (MTTR). This improves person satisfaction and makes directors, assist desk workers, and finish customers extra productive.
Experience Insights could be simply expanded to full ThousandEyes licenses with an prolonged set of monitoring capabilities and information sharing.
Identity Intelligence sharpens safety
In the final yr, we’ve seen an upsurge in id threats that hit many enterprises laborious. In mild of that, Cisco safety is making id central to its safety technique. We are pioneering new id intelligence that’s all about understanding and managing not solely the who and what of entry, but additionally the when, the place, and how of interactions.
Today, there may be blind belief between authentication and entry — a clean house the place you possibly can’t simply see and reply to id behaviors. By closing that house, we’ll be capable to transfer from asking, “CAN the user get access to resource X?” to the extra necessary query, “SHOULD the user get access based on current identity intelligence?”
In mid-2024, Secure Access will probably be utilizing this deep Identity Intelligence to make smarter zero belief entry selections, empowering safety groups to defend towards identity-based assaults. For instance, Secure Access will be capable to use information from current id and entry administration instruments to allow directors to wash up unused and susceptible identities that depart a door cracked open for account takeover threats.
Identity Intelligence in Secure Access will expose refined shifts in id posture by aggregating prolonged attributes and person conduct components from a variety of Cisco and third-party sources. This will give a transparent image of each id and repeatedly observe modifications that empower directors to create and implement refined Secure Access insurance policies.
This wealthy id intelligence will permit your safety group to dam or problem uncommon id behaviors primarily based on threat. This may then provoke an incremental discount in entry rights or full session termination, shortly containing the impacts of a compromised id.
Infuse ISE’s identity-based context into Secure Access
The integration of Identity Services Engine (ISE) into Secure Access’s VPNaaS functionality is the primary instantiation of ISE integration throughout Secure Access that can present granular, identity-based, posture data to deepen visibility into what customers are doing, when, and the way.
It will allow the administrator to make use of detailed, identity-based data to make proactive governance selections (by way of coverage). For instance, you possibly can know — on a per person foundation — the gadget sort used, its location, its state/posture, is it managed or unmanaged, what’s the time of day, and extra. In the long run, by utilizing AI analytics, Secure Access will be capable to detect anomalies in gadget posture and id after which apply the right coverage.
The upshot? You will be capable to extra exactly implement the proper coverage, for the proper person or gadget, on the proper time.
This is just the start. Cisco is driving towards frequent id throughout merchandise and capabilities, utilized wherever customers work, nonetheless they join (wired or wi-fi), and no matter sources they entry.
Why Cisco?
Scale issues in safety, and Cisco has a confirmed observe document with cloud-delivered safety options. We have over 70 thousand cloud safety prospects, handle 220 million distant endpoints, and safe over 600 billion net requests per day. We know the right way to do safety at scale. To study extra, register to see a reside demo of Cisco Secure Access.
We’d love to listen to what you assume. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!
Cisco Security Social Channels
Instagram
Facebook
Twitter
LinkedIn
Share: