Al and ML will be key to making security simple and predictive in digital-first world
CXOToday has engaged in an exclusive interview with Mr. Raj Chopra, SVP, Product Management & Design, Security Business, Cisco
Q1. How is Cisco simplifying its security experience through its innovative strategy and product design?
The simplification that users experience comes from being very precise about the use cases, being very precise about the workflows, and the outcome that we’re trying to drive. And that is where we have a very healthy team of user researchers who do a world-class job of capturing the intent of the user that we distill into a design. This is how we’re bringing that simplification by using precision of what it is that the customer is meant to experience and what they’re trying to accomplish. And we can then hone that entire solution to exactly what the customer needs.That’s where the simplification comes in.
Q2. How is Cisco aiding its partners in achieving their digital transformation goals through their Cisco secure portfolio products?
Beyond developing technology that is superlative and making sure that the quality at scale is available, in addition to that, we are promoting various forms of integration – some pre-built by us; some that they can put together with well-scale, well-authenticated API’s that are available for either our partners or our customers to build on. There are numerous ways that we are both consuming as well as sharing information in real-time – threat intelligence telemetry, so that we can produce higher value security outcomes for our joint customers.
Q3. How is Cisco delivering industry innovative solutions in the Secure Access Service Edge (SASE) market and leading the future of cloud, network, and workload with security as a priority?
If you look at the world of cloud-first kind of infrastructure, there are, broadly speaking, three elements that architecture requires. It needs a very strong and proliferate footprint on the endpoint. It requires an access endpoint because everything else is encrypted. And within the cloud, it requires the security of the workloads that are running in the cloud, which could come through segmentation or ingress or egress traffic. So, across all those architecture elements, Cisco security has the most broadly deployed assets.
We have endpoints that are deployed on as many as 80-plus million endpoints with AnyConnect, which gives us a fantastic footprint for us to build a lot of the telemetry and capabilities for the user from an edge perspective and from an access perspective. We are building this cloud that is going to be globally accessible with the shortest possible latency for the user population. Then we have a robust set of capabilities that we have developed for workloads that are in the cloud. So, by taking these components and architecting them into a solution through validated designs is what customers love and expect from Cisco. That is a fundamental way that we differentiate in the market.
Q4. What are the technology trends that will shape the security landscape in the coming years?
I think there are two trends that are going to happen. One is going to be how much ML and progressively AI is going to aid our understanding of the context that a particular access is being done. So, the telemetry that we talked about, it is going to be almost predictive at this stage. We’ve done quite a bit of good work with secure workload, where ML is already providing a pretty good understanding of applications. We have done more things with encrypted visibility engine that we lovingly call Eve on the firewall side, which also takes advantage of ML in a big way. These are things that we believe are going to be a very strong pillars of security solutions going forward.
Then the other category of solutions or trends is about connectivity. I think 5G availability is going to open up richness of access that we’ve not seen before. Some of this inspection progressively is going to move closer and closer to the edge given that it is encryption that is pervasive in the environment. Much of this sort of access has moved closer and closer to the edge.
Q5. How is the present geo-political climate affecting businesses from a cybersecurity front and what are companies doing to drive cyber awareness within their organizations?
I think the international, nation-state kind of trends have existed forever. We see a few of these amplified but this is nothing new. It’s an amplification of what we’ve seen in the world before. Cisco is both proud as well as honored to be with the Talos intelligence team to be providing threat intelligence to many democratic nations in the world. And we’re proud of that.
I think the sharpest end of cyber awareness comes from when people interact with systems that are semi-trusted. Case in point – email. All of us have email and email is one of those things that anyone can send anybody – any kind of email impersonating the display name to be whatever. This is why we see a vast swath of things that come over email. So, cyber awareness goes a little bit beyond the posters that are displayed in the hallway. But how are we training our end user community in a continual way? I think that’s a big component of it.
The second component, in my opinion, is that cyber awareness gets measured – because what gets measured, will improve. And it starts all the way from the board level where, if the CISO is reporting to the CEO, they’re going to have both the access as well as the inspection of what exactly is happening in our environment. So, end-user awareness through means where they interact with semi-trusted things like email and then having the leaders that are responsible for security reports at the right level in the organization – those are critical ways that people are living the cyber awareness aspect, not just talking about it.
