Two things have become clear: first, everyone sees the need to offer effective security – simply – through a platform. Second, it’s incredibly complicated to get this right. You need to provide visibility, integration, orchestration within the customer’s existing security stack, and deliver a platform experience that’s effective and easy to use out-of-the-box. Anything else risks adding additional complexity or being little more than a fancy new UI with nothing underneath.
See what Mick Jenkins, Chief Information Security Officer at the UK’s Brunel University, had to say on the topic of a platform approach. “We want to keep agile and to keep the SOC team small. We want the instrumentation doing as much of the configuration and automation as possible so that the forensic analysis is quick. It’s all about having integrated operability that allows us to take actions far quicker that enables us to protect our data.”
At Cisco we have engineered a head start for customers like Mick. We’ve been building and partnering to create the industry’s broadest security portfolio for well over a decade; we didn’t become the largest security company overnight. We’ve also been developing our platform capabilities for almost two years with Cisco Threat Response, which addresses the Security Operations Center use case and is halving investigation time (or more) for most users. Cisco SecureX continues this platform journey and broadens the use case to NetOps and ITOps. We were able to deliver these capabilities using industry-leading endpoint, network, email and cloud security technology, coupled with advanced traffic and behavioral analytics. We delivered the ability to gain visibility into threats and to take action within the platform; anything less would add to the noise without removing any complexity.
Mick Jenkins adds, “SecureX has come along at exactly the right time. It fits with the journey and vision I have of developing zero trust environments. We have a lot of intellectual property such as research data. A zero trust environment is one of my core objectives alongside the automation and analytics and interoperability so that my small team is able to act, respond and contain incidents quickly.”
Nine thousand customers later and counting, this platform approach has become the fastest-adopted technology in our history. With that said, today’s announcement is really in two parts. We’re incredibly proud to unleash SecureX on the security market, and we’re continuing to innovate in the products that underline SecureX being the broadest, most integrated platform.
Let’s take a look under the hood at what it takes to get our new announcements to work.
- Cisco SecureX. If you need a primer on SecureX, see my blog from RSA. The way I look at it, before even launching our platform, SecureX has passed the first test and already established that it’s grown way beyond the original SecOps use case. SecureX supports multiple playbooks out of the box, such as phishing, vulnerability management, and most relevant at the moment, secure remote worker. In addition to securing the remote workforce, a SecureX playbook can be run to continuously monitor VPN head-end load so we can get NetOps authorization to automatically spin up a new virtual VPN head-end to reduce and balance out a high load.
- Threat Hunting from Cisco. One of the new capabilities that I am most excited about is our new SecureX Threat Hunting. Now our customers can benefit from the expertise of Talos – the largest non-government threat intelligence agency – to hunt for threats in their environment. Threat Hunting is a proactive, analyst-centric approach that uncovers hidden advanced threats – the approach is tailored for each customer environment. If a threat is identified, our threat hunters notify the customers with full details such as how an attack was spotted and, more importantly, actions that should be taken to remediate the threat. One of the things that makes Cisco unique is the fact that our threat hunters have access to a large volume of threat data and rich telemetry available across security domains through SecureX. To start with, SecureX Threat Hunting will be available as part of our endpoint security offer.
- Addressing the #1 Attack Vector. Introduced at Cisco Live, Cloud Mailbox Defense is a cloud-native email security platform for Office 365 that focuses on simple deployment, easy attack remediation, superior visibility and best-in-class efficacy from Cisco Talos. Cloud Mailbox Defense provides full visibility by stitching together inbound, outbound, and internal messages. This augments Secure Email Gateways (SEGs), which do not scan internal messages. Many platforms miss key vectors such as email. Cisco has best-in-class product-level capabilities and continues to innovate with the SecureX platform to offer visibility and integrations.
- Combining Endpoint Malware Protection and MFA. The easiest and most secure multi-factor authentication is now integrated with our endpoint security, so only trusted users and trusted devices can access corporate applications. The Duo plus Advanced Malware Protection (AMP) integration brings threat visibility to the authentication process, verifying not only the user but also the posture of the device. If AMP determines the endpoint is in a state of compromise, Duo can block access. Not only does this enable defenders to respond quickly to potential breaches, but SecureX prevents that same incident from re-occurring elsewhere on another endpoint.
- Secure Access Service Edge (SASE). SecureX shows that integration is also required between security products and core infrastructure, not just between security products. Cisco is breaking new ground with a SASE solution that delivers a growing set of security functions from one cloud-native service and provides a unified SD-WAN and cloud security offer. Adding the fastest, easiest security deployment for offices to the most widely deployed branch router and providing direct internet access, Cisco’s secure SD-WAN solution is proven to provide the highest security efficacy. Find out more in this blog.
We’re committed to creating a truly integrated and open platform that delivers a better security experience and protects what’s now and what’s next.
Let’s turn to the words from another incredible customer, in this case Michael Degroote, Infrastructure Consultant at flooring manufacturer Mohawk Industries, based in Georgia. “At Mohawk we really believe in the security approach from Cisco because Cisco connects all the dots together. It gives you the right information in an investigation to handle the threats and be able to react to them as quickly as possible. The integration possibilities we have with third-party solutions will only strengthen this further. We are looking forward to what SecureX brings to us.”
And, as for why we named it Cisco SecureX, see what my colleague Gene Hall has to say, then try SecureX for yourself at cisco.com/go/securex. Also check out Gee Rittenhouse’s blog announcing the availability of SecureX.
by Jeff Reed