Cisco's Pioneering Identity Intelligence Defends Against Most Persistent Cyber Threat

• 06 Feb 2024
• TM Team
• 0 Comments

Cisco, the leader in security and networking,  unveiled new innovations within the Cisco Security Cloud as part of its mission to simplify security. First-of-its kind Cisco Identity Intelligence and continued innovation in artificial intelligence (AI) capabilities are the latest milestones towards its vision of a unified, AI-driven, cross-domain security platform.

Cisco is introducing an industry-first approach that brings together identity, networking and security to better protect organizations' complex identity stack against increasingly sophisticated attacker techniques.

Today there is blind trust between authentication and access solutions, and threat actors have successfully compromised some of the largest organizations in the world in 2023 by targeting these weaknesses. In fact, more than 26% of all Cisco Talos Incident Response engagements in 2023 involved adversaries using compromised credentials on valid accounts.

A user is often mapped to many digital identities and accounts - drastically increasing entry points for attackers and the possibility of lateral movement "across" identities. Too often legacy permissions have not been removed, and security teams are missing crucial context about historical identity behavior, actions across systems and current risk levels that are needed to make trusted access decisions.

Cisco Identity Intelligence runs on top of customers' existing identity stores and provides unified visibility, as well as AI-driven analytics. Customers can discover their whole identity population, clean up vulnerable accounts, eliminate unused and risky privileges, detect behavior anomalies and block high-risk access attempts – without ripping and replacing their current solutions.

While multifactor authentication (MFA) remains a critical first line of defense against identity-based attacks, malicious actors are using new and creative ways to steal credentials. According to the 2024 Duo Trusted Access Report, Cisco Duo processed 16 billion authentications in 2023, up 41% annually, and saw weaker forms of MFA like SMS and phone calls dip to an all-time low of 5%, yet the volume of identity attacks is higher than ever.

"Identity is the fabric that connects humans, devices and applications in the workplace, and has become an easy target for modern cybersecurity attacks. Organizations need to adopt an identity-first approach to security, which among other things allows them to evolve from just asking 'can' a user access a system to continuously assessing whether a user 'should' be able to do what they are doing once they are authenticated," said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. "By analyzing the entire attack surface of an organization's users, machines, services, apps, data and their behaviors, Cisco Identity Intelligence bridges the chasm between authentication and access. We are the first vendor bringing together identity, networking and security into a complete solution to address the largest cyber challenge of modern times."

Cisco Identity Intelligence is built on a powerful identity graph that pulls data from customers' many existing third-party sources that manage identity and access. With AI-driven behavioral analytics and Cisco's unmatched reach into the network, organizations can take a graduated response, such as quarantining an identity, killing active sessions or isolating the network leveraging Cisco Identity Services Engine (ISE). Cisco customers will gain visibility with these critical insights through their existing solutions, including:

• Smart Authentication with Cisco Duo: Detect unusual patterns based on behavior and third-party signals.
• Smart Access with Cisco Secure Access: Verify the authentication decision and block unusual or high-risk behaviors.
• Smart Threat Detection with Cisco XDR: Correlate identity signals to provide missing information that traditional endpoint and network security solutions miss.

Cisco Identity Intelligence will be available July 2024. With the addition of Identity Intelligence to the Cisco Security Cloud, customers will get even more value from their existing investments.

"Hybrid work and modern multi, hybrid cloud IT architectures have evolved the perimeter to be based on Identity. The reality is that this modern identity includes islands of embedded legacy identity and corresponding directories, creating a complex, forever-evolving problem. Thus, a zero-trust future does not exist without identity having a prominent seat at the cybersecurity table," said Frank Dickson, Group Vice President, Security & Trust, IDC. "Cisco now bridges the two worlds of identity and security to offer actionable visibility."

"Identity is the new perimeter to protect and it's an ongoing challenge for enterprises as witnessed by recent security breaches. Identity threat detection and response (ITDR) aims to converge identity and security, strengthening controls tied to authenticated access leveraging multiple data sources and analytics," said Will Townsend, Vice President & Principal Analyst, Moor Insights & Strategy. "Cisco's announcement is a step forward, combining identity intelligence and actionable insights with its existing network visibility, XDR orchestration, Secure Access and Duo access capabilities."