Security Reimagined — Solving an Old Problem with a New Approach
By Barry Fisher
A decade ago this January, Steve Jobs challenged the conventional wisdom about tablets, unveiling the iPad with the words, “What this device has done is extraordinary.” The iPad came on the heels of the iPhone’s smashing success three years earlier. The tablet, however, wasn’t a new idea.
Others had tried and failed, including Apple (remember Newton, Apple’s take on personal digital assistants?). Tablets, in fact, had been discredited as a computing category.
But with the iPad, Apple reimagined the tablet. And it was just getting started. As its ecosystem expanded with more devices, Apple has since redefined our experience as consumers. We expect a consistent, simplified way of interacting with our technology and consuming content, and we expect everything to work together and provide even more value as a group.
Security today is ripe for having its “iPad moment.” We need to challenge conventional wisdom — that every new threat vector requires a new solution. That you have to keep adding new tools and methodologies — and consequently, more people — in order to protect across users, devices, apps, and networks.
It’s time to reimagine security.
At Cisco, we’ve been doing that with SecureX, an open, integrated platform approach that simplifies our customers’ experience, enables automation, helps them accelerate their business, and protects their future. Like Apple did with iPad, we want to redefine the user experience. And that’s just for starters.
Security platforms, of course, are not a new idea either. While other security vendors have been here before — that is, have tried to solve problems with a platform approach — much like Newton, those platforms have fallen short.
What we’re doing differently is:
Redefining how you experience your security environment.
Improving outcomes by accelerating investigations and remediation.
Addressing the complexity by integrating your security for you.
Here’s how we’re doing that, at a high level.
Redefining the user experience
At its core, SecureX enables all your security solutions to work together harmoniously while uniting both products and users into a consistent experience.
It’s not unlike using Apple’s ecosystem. When you own multiple Apple devices, you can seamlessly move between them as you consume content. And while Apple has its own apps, you can still use others, if you prefer — say, Google Maps or Microsoft Outlook.
Just like Apple’s devices work seamlessly together, an integrated, streamlined platform enables your security solutions to work as a team and share context — while users can move seamlessly from one app or interface to the next. No more swiveling chairs, conflicting alerts, or inconsistent policy management.
And just like Apple devices provide more value as a group, the more natively integrated platform solutions you use in SecureX, the more value you derive. At the same time, you can bring your own “apps” — use the security solutions you already have. We don’t expect to be your only security vendor, and interoperability is our goal.
Accelerating threat investigation and remediation
When your SecOps team receives an alert about command-and-control attempts, how long does it take an analyst to investigate? Chances are, it’s more than half a day’s work. Here’s the reality:
A typical SecOps team uses a sprawling number of siloed security solutions — which means multiple consoles, separate controls, conflicting information, and manual processes. That’s why 66% of IT and security professionals surveyed by the Enterprise Strategy Group say threat detection and response is challenging due to multiple independent point tools.
Limited visibility and context are a challenge in this heterogeneous environment. In our scenario, it means the analyst has to reach out to ITOps and email teams to search for the suspicious file. In the meantime, the users’ personal or corporate assets remain exposed, putting them at risk.
With SecureX, the analyst’s response and remediation time would be cut by more than 50%. The analyst could immediately isolate the endpoint as a precaution; use the unified security dashboard to see a list of all users, devices, and applications; and quickly determine that the root cause is an executable file making phishing and authentication attempts.
The analyst would additionally see what other users were targeted and block the file across all threat vectors without engaging additional teams. And once the initial endpoint is back to its normal state, it can be reconnected to the network with one click.
Addressing the complexity of your environment
Today, having a collection of best-of-breed point solutions is unavoidable. You’ve invested in these tools through the years. Integration is how you can leverage these investments to improve outcomes — but therein lies the rub. As one CISO told us, “I don’t want to be in the business of integration. I want to be in the business of security.”
Your teams are already overworked. You’re constantly fighting for talent. Doing complicated and resource-intensive integrations is just another burden.
And that is where Cisco comes in. SecureX is built around the idea that not only do your solutions need to work together, but you should be able to take advantage of the investments you have today and will make tomorrow.
If you want to use mobile device management from Palo Alto and a SIEM from Splunk along with Cisco AMP for Endpoints and Umbrella, you can do that and still leverage SecureX. Certainly, the more natively integrated Cisco Security solutions you use, the better your SecureX experience — but you can derive value from SecureX even with one Cisco product. SecureX comes with every Cisco Security product.
Stay ahead of the curve
While it will take some time for us to implement all the bold ideas we have for SecureX, you can stay ahead of the curve by signing up for the SecureX waitlist. We’ll notify you when we reopen our beta program for new users, as well as send you news and updates about our integrated portfolio.
The post Security’s Vicious Cycle appeared first on Cisco Blogs.
Source: Cisco Security Notice