Return to New York on June 5th to work with executives to explore comprehensive ways to audit AI models for bias, performance, and ethical compliance across diverse organizations.Find out how to participate here.
Using existing cyber defense systems to attack an organization's endpoints, infrastructure, and threat surfaces may not always be able to identify or stop what the world's deadliest attackers are targeting. not.from Cybercrime organizations leverage AI and machine learning (ML) expertise against the enemies of the nation-state, Recruit the best talent from universities To participate in global cyber warfare, today's organizations must similarly actively pursue resilience.
Resilient networks are now a board-level priority, according to several CISOs VentureBeat spoke to at RSAC 2024 who requested anonymity. Boards want evidence of progress on risk management objectives. A notable takeaway from his CISO discussion at RSAC 2024 is the need for increased effectiveness across the infrastructure and increased visibility at the container and kernel level.
“There is overconfidence in our ability to deal with cyber-attacks; 80% of companies are confident in their preparedness, but 3% Really ready. The negative effects of a lack of resilience are tragic. We need to move to creating the first generation of something completely new,“ Jeethu Patel, executive vice president and general manager of security and collaboration at Cisco, told VentureBeat. 2024 Cisco Cybersecurity Readiness Index.
VentureBeat's conversations with CISOs during RSAC support Patel's point. Their top concerns include increasing the resiliency of their cloud infrastructure, securing their software supply chain, increasing software bill of materials (SBOM) compliance, and increasing the resiliency of their partners and suppliers against constantly new techniques from attackers. Connection protection.
Redefining cybersecurity for a hostile AI world
“What we have to do is use AI natively for defense, because we can’t fight AI weaponized attacks from adversaries at human scale. We need to do it at machine scale. '' explained Patel.
Mr. Patel detailed the many challenges organizations face in becoming more resilient to faster and more sophisticated cyberattacks. Cisco views the challenges of keeping infrastructure up to date, patch management up to date, and containing breach attempts with strong segmentation as tough challenges facing all organizations today. . If left too long, it creates a vulnerable threat surface that attackers will inevitably find and exploit.
Most organizations put off patching and only redouble their efforts after a breach occurs. Ivanti's Recent cybersecurity status report We found that patches that impact mission-critical systems were assigned the highest level of urgency 61% of the time. The majority of IT and security professionals (71%) view patching as: overly complex and time consuming. Additionally, 57% of these professionals say remote work and distributed workspaces are making patch management more difficult, and 62% say patch management is taking a backseat to other tasks. is recognized.
Segmentation is known to be one of them. the most difficult aspect Zero Trust security frameworks should be pursued despite their inherent ability to restrict attackers from moving laterally within your infrastructure. There is also the challenge of updating the infrastructure itself, such as firewalls and network equipment, which often takes a long time due to limited change management windows. Without a more automated approach to keeping infrastructure up to date, critical systems become obsolete and vulnerable.
Why Cisco says cybersecurity needs to change
Defending against adversarial AI-based attacks and the torrent of new tradecraft created by adversaries requires a new approach to cybersecurity. Cisco's Patel and Cisco Senior Vice President and General Manager of Security Tom Gillis spoke to VentureBeat. Cybersecurity must take full advantage of native AI, kernel-level visibility, and hardware acceleration to enable more resilient, self-upgrading security systems.
In their joint keynote, Patel and Gillis expanded on that vision and explained why now is the time to rethink cybersecurity. The time is now: Redefining security in the age of AI. Cisco is strengthening native AI as a core part of its future cybersecurity strategy. It starts with his recently introduced HyperShield, a new hyper-distributed framework that acts as an enterprise-wide security fabric.
“If AI is thought of as an afterthought, it's very difficult to go out and do something about it. You have to think about it. the AI used,” Patel emphasized in his keynote address.
Gillis told VentureBeat that we need to rethink cybersecurity to support more context-aware and intelligent autonomous segmentation, automated patch management, and more efficient and secure ways to keep infrastructure up to date. He said that customers are aware that there is.
„We're talking about an infrastructure that upgrades itself. HyperShield applies compensating controls, protects against known vulnerabilities, removes those controls after patching, and provides lifecycle management. You can,” Gillis said. „This is definitely not just building the next version of something that already exists. We're building the first version of something entirely new. And that's a completely reimagined architecture for hyper-distributed security,“ Patel said. added.
Three technology shifts will transform cybersecurity
“There are three important technological changes happening today that will fundamentally change how we solve these problems: AI, kernel-level visibility, and hardware.” wear acceleration,” Patel said. Patel said these three technological changes form the foundation of Cisco's new generation of cybersecurity hyperdistributed frameworks, including HyperShield.
Mr. Patel and Mr. Gillis discussed changes in technology and their impact on why and how we need to rethink cybersecurity. A summary of each shift is as follows:
aArtificial intelligence (AI). Gillis and Patel predict that AI will incrementally improve the accuracy and performance of security operations centers (SOCs). Therefore, implementing native AI is essential to the success of any cybersecurity platform. “These AI tools are doing great things when it comes to security. It's not a small increase, it's a quantum leap in efficiency. We'll always build on user trust. „It has a semi-automatic mode that says to the user, 'I'm about to make this decision, and here's why,'“ Gillis told VentureBeat.
Kernel-level visibility. „You can't protect what isn't visible. That's why I think Extended Berkeley Packet Filter (eBPF) will become a very important technology. This allows you to peer into the heart of your server and operating system to see what's going on without actually going inside the operating system. '' Patel told his VentureBeat.
Gillis adds, „eBPF allows you to examine your application to understand its internal workings and find out if there have been any changes. Has the app been updated? Is this a new version? Has anything changed since then that you can tighten the restrictions again? The better you understand your application, the more confident you can be in saying whether these rules are accurate. ”
hardware acceleration. Gillis and Patel see rapid advances in graphics processing units (GPUs) and data processing units (DPUs) as catalysts that will continue to reimagine and redefine cybersecurity. “We talked about hardware acceleration with the GPU. Think about the DPU as well…it can significantly accelerate the throughput of security operations and I/O operations…connection management that can run 1,000 times faster than before Encryption is possible,” Patel said. He goes on to say that „hardware acceleration, such as his DPU, a subsystem specialized in computing I/O operations and repetitive network functions such as connection management and encryption, makes him more efficient than traditional means.“ „We will now be able to deliver a 1,000x higher performance environment.“