Fady Younes, Managing Director Cybersecurity MEA at Cisco discusses the pressing cybersecurity threats, aligning cybersecurity with an evolving workforce and the role of AI. The article delves deeper into the role of AI in cybersecurity and Cisco’s cutting-edge strategies to combat emerging threats.
Can you introduce the current cybersecurity landscape and the challenges it brings?
In today’s dynamic digital landscape, the pressing question lingers: What truly poses the greatest cybersecurity threat to businesses? As devices multiply from mobile gadgets to the Internet of Things (IoT), and organisations embrace multi-cloud infrastructure and remote workforces, a daunting challenge emerges. How can CISOs and cybersecurity experts shield their organisations in this intricate environment?
While external threats like phishing attacks have long dominated discussions, a hidden danger lies within organisations themselves. Surprisingly, despite significant investments in cutting-edge technologies, a recent study reveals that a staggering 85% of CISOs and IT leaders believe their security measures remain insufficient.
Amid this turmoil, Cisco emerges as a leader in this field. They offer unmatched security in hybrid and multi-cloud settings. As organisations navigate the complex multi-cloud landscape, Cisco’s solutions provide comprehensive visibility and policy management enforcement. This empowers organisations to outfox threats, streamline operation and optimise resources.
Furthermore, the evolving workforce demands innovative security strategies. With an alarming 74% of recent breaches linked to human error, Cisco’s Zero Trust approach ensures a balance between heightened security and seamless user experiences.
What is the biggest cybersecurity threat to businesses?
The explosion of devices, whether we talk about mobile or IoT devices and a shift to the multi-cloud and the distributed workforce which has been accelerated by the recent pandemic has brought important consequences. This has created an extremely difficult proposition for CISOs and security professionals to defend their organisations and safeguard this complex environment. Traditionally, phishing attack vectors were leading to vulnerabilities in endpoints, which is an area that cybersecurity experts are currently focusing on. However, it is important to focus on the insider threat and establish whether it is intentional or unintentional. According to a recent study, 85% of CISOs and IT leaders believe that despite all the investments they made into top-notch and leading technologies, they are in fact at greater risk as their security is not adequate to protect their organisation.
How does Cisco help deliver unmatched and secure digital experiences across hybrid and multi-cloud environments?
Over the last few years, there has been a shift to the multi-cloud environment with the SecOps team wanting to have full visibility and control of users, devices and applications. At the same time, users want to have frictionless and seamless access to applications. To address all these needs, Cisco recently announced its Cisco Security Cloud and Cloud Protection Suite by providing organisations with full mapping and visibility on Application Mapping and supplying them with consistent policy management enforcement. We are helping organisations stay ahead of threats before they hit them.
In summary, Cisco’s Security Cloud and cloud protection suite arm organisations in protecting their multi-cloud hybrid environment and enable security teams to help simplify their operations, reduce risks and also optimise the resources.
How is Cisco enabling cybersecurity to align with evolving workforce demands?
There are some interesting insights from recent research that help illustrate this point. Some 74% of recent breaches are related to or involve a human element and some 40% of incidents are related to compromised resources. Phishing-as-a-Service now includes MFA bypass as an option. The sum of this creates a challenging and difficult environment where security teams are sometimes pushing those security aspects and risks to users. But users at the end of the day are not security experts and that is creating a trade-off between enhancing the security efficacy and affecting the user experience.
However, if you have the right Zero Trust architecture in place and apply the right Zero Trust principles, you will be able to find that sweet spot that helps organisations reduce those inside threats and any lateral movements which are associated with these risks. I believe that it will not be possible for organisations to completely eliminate human errors, but they will be able to mitigate them. This can be achieved by applying those Zero Trust principles, which allow users access to applications based on aligning them with their individual needs and the specific context in which it is applied.
How does the development of AI pose a threat to humans? And what are the challenges and opportunities of AI for cybersecurity?
We must investigate both sides of the equation. Cybercriminals are leveraging AI to assess their attack strategy and also to improve the success rate of those attacks. Additionally, cyber-attackers are using AI to enhance the scale, scope and speed of their activities. Now, for me to fight this kind of misuse of AI, Cisco is leveraging the power of AI to equip cyber security teams at organisations with an array of superpowers and mechanisms to fight back.
It would be unreasonable to assume, with the current environment and the high level of sophistication that’s happening from the attackers’ point of view, that we can approach it from one angle. For example, it is not an option to simply and solely rely on the human scale kind of defence. However, on the contrary, we have to start introducing and increasing the machine capabilities to properly protect the organisation. Hence at Cisco, our security AI strategy is threefold; simplify security, prevent attacks and ensure the secure use of large language models. I believe it’s imperative at this point in time to introduce a regulatory framework to govern the public AI tools and the misuse of those tools for offensive purposes.
Click below to share this article