Cisco's Executive Vice President for Security, Jeetu Patel, has announced the introduction of artificial intelligence (AI) enhancements designed to strengthen security. At the Asia Pacific edition of the Cisco Live event in Melbourne, Patel highlighted the integration of predictive AI capabilities in the company's security approach. While attackers require success only once, defense systems must perform flawlessly at all times. Cisco aims to shift the focus of security teams from mere defense and response to proactive prediction using AI.
Predicting and Preventing Attacks
Cisco's new AI-driven methodology – called Cisco AI Assistant for Security – enables timely prediction of potential cyberattacks, allowing for automatic response measures to intercept threats. This advancement is expected to challenge providers of standalone security solutions, which emerged because traditional security systems failed to offer comprehensive visibility of at-risk resources.
These solutions often lead to management complexity due to multiple overlapping tools. Cisco asserts its intention to simplify this scenario by consolidating alerts from different products through AI processing. This integration will identify serious threats by analyzing a combination of mid-level alerts that might otherwise be regarded as low priority.
An administrator can use natural language to interact with the AI Assistant and perform tasks such as finding and listing all the policies that govern access to an application, creating a new policy or rule for the administrator, and applying the policy. The AI Assistant can also detect and suggest solutions for security policies that are redundant or incorrect among thousands of existing policies. This is amazing because it shows a level of intelligence that is not achievable without AI.
AI Assistant for Firewall Policy
The company has introduced an AI Assistant for Firewall Policy, currently available in preview, which assesses existing firewall rules. Administrators can interact with this tool through a natural language interface to pinpoint policies that may need adjustments or removal. A demonstrated use case included the Assistant evaluating enterprise application firewall policies and spotlighting inefficient or redundant rules for optimization. Moreover, Cisco has incorporated AI-based malware detection into encrypted traffic processing with the latest Secure Firewall OS update.
Cisco developed a generative tool that makes firewall management easier for both experienced admins and new users. It is built inside Cisco's cloud-delivered Firewall Management Center (cdFMC) and uses the latest large language models (LLMs). It uses advanced natural language processing (NLP) and machine learning (ML) to give answers in seconds instead of making an administrator waste their time on sorting dependencies, network maps, and documentation. A change ticket that used to take two hours to finish in the past, can be done in a fraction of the time — we're talking minutes — thanks to the context-based AI.
Monetizing AI Security Services
Patel emphasized that such AI-centric services would bear a cost due to the computing power required. Cisco plans to include a baseline AI feature set within its offerings. However, the company will implement a monetization model for more extensive AI services. Prices have not been announced as Cisco is still determining user behavior patterns to estimate service costs. Despite this, Patel assures cost will not inhibit AI adoption, expressing Cisco's commitment to widespread usage and adoption.
Cisco's strategic move towards AI in cybersecurity signifies an important development in the field, harnessing technology to stay ahead in the perpetual arms race between defenders and attackers. This innovation aims to not only enhance the robustness of cyber defenses but also streamline security management, marking a significant step forward for the industry.