When it comes to network establishment and firewall implementation, companies face significant risks due to the complexity of construction and compliance with regulations. Gartner predicts that 99% of network breaches this year will result from improper configurations, highlighting the crucial role AI can play in assisting Chief Information Security Officers (CISOs) and Directors. Failure to promptly detect breaches is often linked to misconfigured firewalls or intricate network setups.
Cisco, a key player in cybersecurity, has been actively addressing these risks for its clients. The recent launch of the Cisco AI Assistant for Security and the AI-driven Encrypted Visibility Engine demonstrates Cisco’s strategic shift towards utilizing AI to tackle these challenges. By leveraging a vast security-focused dataset and analyzing over 550 billion surveillance activities daily, Cisco has trained its AI Assistant to enhance security measures effectively.
The Encrypted Visibility Engine, a product of Cisco’s extensive networking expertise, aims to inspect encrypted traffic without the risks associated with decryption for inspection purposes. This innovative approach showcases Cisco’s commitment to integrating AI comprehensively across its security infrastructure, as highlighted by Jeetu Patel, the executive vice president and general manager of security and collaboration at Cisco.
In a discussion with VentureBeat, Patel emphasized the strategic integration of AI into Cisco’s security framework, underlining AI’s holistic role in enhancing various aspects of Cisco Security operations.
Addressing the Complexity of Antivirus Solutions
As Cisco prepares for its most comprehensive AI security deployment by the end of 2023, the focus remains on effectively mitigating the threat landscape. Tasks such as setting up firewalls, ensuring timely patch updates, and monitoring vulnerabilities require meticulous attention from CISOs and their teams. However, these critical functions are often neglected due to time constraints and operational challenges.
The complexity of firewalls directly correlates with the increased risk of breaches. Even with robust security strategies and advanced technological stacks, overly complex firewall configurations can compromise the overall security posture. Research from Cybersecurity Insiders indicates that 58% of businesses manage over 1,000 firewall rules, some extending into the millions.
As the cybersecurity landscape evolves, Gartner’s prediction that over 60% of organizations will adopt multiple router types by 2026 highlights the need for innovative solutions. The shift towards hybrid mesh routers signifies a broader trend in firewall technology evolution, with over 30% of new distributed branch-office firewall deployments expected to offer firewall as a service by 2026.
Utilizing AI to Address Security Challenges
“Cisco is using AI to redefine cybersecurity outcomes and tip the scales in favor of defenders,” says Patel, emphasizing Cisco’s integration of AI across channels, cloud environments, applications, and devices to strengthen cybersecurity measures.
The development efforts behind Cisco’s AI Assistant for Security and AI-powered Secure Visibility Engine focus on streamlining network management challenges. Customer feedback emphasizing the need for AI-driven rule set enhancements, improved troubleshooting insights, and automated configuration checks has influenced Cisco’s approach. These initiatives aim to assist in policy identification, troubleshooting, and automating policy lifecycle management processes.
To effectively leverage cutting-edge language models, Cisco has integrated the AI Assistant for Security into their cloud-delivered Firewall Management Center (cdFMC). This tool aims to simplify network administration for both experienced administrators and novice users, providing quick responses using advanced natural language processing (NLP) and machine learning (ML) instead of manual processes.
Cisco’s roadmap includes expanding AI assistants across various security domains within their Security Cloud, reflecting a broader strategy to enhance cross-domain security operations through AI-driven automation.
Balancing AI and Human Expertise
The move towards automating device group operations through AI assistants and addressing complex firewall configuration challenges highlights the importance of ongoing learning and human oversight. These tools must continuously adapt and refine their models based on human input to offer contextually relevant insights.
Merritt Baer, Field CISO at Lacework, stresses the significance of AI-driven engines in interpreting policies to enhance internal user understanding and facilitate external user interactions with security insights. While AI can streamline security processes, human input remains crucial in applying knowledge effectively. Vendors utilizing specialized language models should prioritize transparency regarding their security policies.
In the broader landscape of AI assistants, the focus on human-in-the-middle processes emphasizes the need for adaptable models catering to diverse operational requirements. Cisco’s AI Assistant for Security, along with offerings from industry peers like Airgap Networks, CrowdStrike, Google Cloud, Lacework, Microsoft, and Zscaler, exemplifies this trend by supporting role-based configurations tailored to specific security operations.
In conclusion, the success of cybersecurity providers in enhancing organizational security will depend on their ability to effectively navigate the human-in-the-middle dynamics of AI assistants. By fostering a symbiotic relationship between AI capabilities and human expertise, organizations can maximize the value derived from these advanced security solutions.
