Ready to further increase your brand’s visibility? Consider becoming a sponsor of The AI Impact Tour.Learn more about opportunities here.
Configuration complexity and rules are one of the most critical and accidental risks to organizations when configuring networks and firewalls. Gartner predicts that misconfigurations can cause issues such as: 99% Of all firewall breaches this year. This is the perfect use case to prove the value of AI to CISOs and CIOs. A poorly configured hybrid cloud or a misconfigured firewall can lead to a breach that no one discovers until it’s too late.
Cisco has been fighting these risks on behalf of its customers for many years. They decided to go all-in on AI to tackle these challenges with the recently announced Cisco AI Assistant for Security and the AI-powered Encrypted Visibility Engine. The AI assistant is trained on one of the world’s largest security-focused datasets, analyzing over 550 billion security events every day.
Cisco leveraged its deep networking expertise by launching the Crypto Visualization Engine. It is designed to allow inspection of encrypted traffic without the operational, privacy, and compliance issues typically associated with decrypting traffic for inspection, the company told VentureBeat. That’s what it means.
“One of the things we wanted to do was make sure that AI was pervasive as part of the core fabric of the Cisco Security Cloud, and we’ve been working on that in every aspect of what we do at Cisco Security. ,” said Jeetu. Patel, Cisco’s executive vice president and general manager of security and collaboration, told his VentureBeat in a recent interview.
VB event
AI Impact Tour
Connect with the enterprise AI community at VentureBeat’s AI Impact Tour in a city near you.
learn more
When it comes to firewalls, complexity kills
Cisco has chosen the right threat surface with the most comprehensive AI cybersecurity release to close out 2023. CISOs and their team members agree that it’s important to have firewalls in place, maintain current patches and policies, and stay aware of potential opportunities. Common vulnerabilities and their dangers (CVE) is often ignored because it is time consuming.
The more complex a firewall, the more likely it is to be breached. Complexity can undermine even the most effective cybersecurity strategy and well-implemented technology stack. Cyber Security Insider We found that 58% of organizations have more than 1,000 firewall rules, with some having millions.
Firewalls are a technology category that has been around for decades and is ripe for further innovation. Gartner predicts that by 2026, 60% of organizations will deploy multiple types of firewalls, driving the adoption of hybrid mesh firewalls. By the same year, 30% The share of new distributed branch office firewall deployments will be firewall-as-a-service, up from less than 10% in 2022.
Control policy chaos with AI
“Cisco is leveraging AI to reshape how organizations think about cybersecurity outcomes, steering the needle in favor of defenders. We combine a wide range of telemetry across infrastructure, applications, internet, email, and endpoints,” said Patel.
Cisco is developing an AI Assistant for Security and an AI-powered encryption visibility engine based on our customers’ top priority of streamlining firewall management. When Patel and his team talk to customers, they say they hear the same challenges over and over again.
Patel added that customers want a more automated approach to reviewing configuration details, more insight when troubleshooting, and an AI-based approach to optimizing rulesets. Patel explained that customer needs drove his three use cases that his DevOps and engineering teams focused on. These include assistance (policy identification and reporting), enhancement (troubleshooting), and automation (policy lifecycle management).
Cisco chose to develop AI Assistant for Security within the cloud-delivered Firewall Management Center (cdFMC) to take advantage of the latest large-scale language models (LLMs).
Raj Chopra, Senior Vice President and Chief Product Officer, Cisco Security Business Group write“We have created a generative tool designed to simplify firewall management for both experienced administrators and novice users. By leveraging advanced natural language processing (NLP) and machine learning (ML), , admins don’t have to spend time sorting through dependencies, network maps, and documents; they get answers in seconds.”
It’s clear from the way AI Assistant for Security is designed that Cisco plans to integrate more assistants across a wide range of roles into the security cloud. The goal is to build a cross-domain security platform with an AI assistant that can be leveraged to automate security analysis and reporting tasks.
AI still requires human intervention to function
The rush to use AI assistants to solve complex firewall policy problems and automate and streamline SOC team workflows has a common thread. The hallmark is that the models in all these tools must continue to learn and course-correct through human input, while providing context-specific and useful information.
VentureBeat spoke with field CISO Merritt Baer. lace knittingthe company recently introduced Lacework AI assist. He told his VentureBeat that his AI-driven engine designed to parse policies will help internal users better understand their privileges and give external users more security insights and analysis. He said he was able to operate it properly.
“Security product professionals believe that this type of reasoning and querying capabilities will help users better understand layers of policy that are difficult for humans to reason about, and that this will help them do security more effectively.” It’s not a panacea. You still need to do something with that information. And if you use a custom LLM like this, you should ask your vendor about their internal security policies. ” says Baer.
More broadly, VentureBeat observes in most AI assistant briefings that man-in-the-middle workflows are a key element in their product designs. This is evident in the fact that it is designed to be flexible between different roles. Cisco’s AI Assistant for Security follows this paradigm and supports several standard configuration roles at launch.
Just as AI assistants such as Airgap Networks, CrowdStrike with Charlotte AI, Google Cloud Security AI Workbench, Lacework AI Assist, Microsoft Security Copilot, and Zscaler can be configured for different roles, Cisco’s AI assistant can be configured for different roles in security. Flexible from one role to another. No need to reconfigure your operations center (SOC).
CrowdStrike’s Charlotte AI also supports role-based AI definition workflows that integrate multiple best-of-breed AI models, whether third-party, open source, or internally developed, to ensure the best LLM is used for a given task. You can make it happen. Racework AI Assist is designed to scale across a variety of roles, typically within her SOC. RaceWork AI Assist is unique in its ability to customize and personalize insights while coordinating between novice and expert cybersecurity professionals to quickly interpret and act on complex security data.
Bottom line: How effectively cybersecurity providers plan for the man-in-the-middle dynamics of their AI assistants will directly impact their adoption and long-term contribution to securing their organizations.
VentureBeat’s mission will be a digital town square for technical decision makers to gain knowledge about transformative enterprise technologies and transactions. Please see the briefing.