Networking lynchpin Cisco is further cementing its dual role as a security supplier with a proposed acquisition of risk-based vulnerability management specialist Kenna Security, alongside a number of additions and enhancements to its security portfolio.
Announced alongside the annual RSA Conference – which returns this year as a hybrid conference after the 2020 edition turned into an early Covid superspreader event – Cisco said it was setting out its intent to “advance [its] commitment to radically simplify security and help customers improve their security posture”.
California-based Kenna Security uses machine learning tech and data science practice to track and predict exploits in the real world, helping defenders navigate their way through the fast-changing threat landscape and prioritise risk. It will be folded into Cisco’s SecureX threat intelligence platform, with the intent of quicker time to detection, and improved collaboration between security and IT teams.
Cisco said the ability for security teams to prioritise vulnerabilities based on threat intelligence and business impact had become even more important in the past 12 months, as the shift to remote work heightens reliance on employee-owned devices and cloud services, significantly expanding potential attack surfaces and causing security professionals a headache.
“Hybrid work is here to stay, and the increasing complexity of cyber security is our customers’ biggest challenge,” said Jeetu Patel, senior vice-president and general manager, Cisco Security and Collaboration. “We must radically simplify security to stay ahead of the evolving threat landscape.
“Our goal is to unify all critical control points into a single platform. With the addition of Kenna Security, we will fundamentally strengthen our platform experience by giving customers the ability to prioritise vulnerabilities based on a robust risk methodology that is tuned to their unique needs.”
Karim Toubba, CEO of Kenna Security, added: “Cisco is on a mission to reshape the way we think about security, and together we have a unique opportunity to fundamentally transform how organisations effectively manage risk at scale.
“As malicious actors continue to evolve their methods, we need to make it easier than ever for customers to predict, detect, prioritise and respond to the security threats that matter. The breadth and scale of Cisco, coupled with Kenna Security’s mastery of machine learning and data science, will reshape how the entire industry addresses cyber risk.”
At the same time, Cisco made a number of announcements to improve its extended detection and response (XDR) capabilities and expand its secure access surface edge (SASE) offering – again in response to fundamental shifts in the way people work.
Its SecureX XDR platform will – besides the addition of Kenna Security’s capabilities – gain new capabilities around device insights, enabling customers to consolidate their inventory from multiple sources, providing visibility and context for IT and security operations.
Alongside this comes more advanced investigation and response capabilities, with new advanced search tools offering more than 200 out-of-the-box endpoint queries to help security teams get real-time answers in threat investigations, hunting and other IT ops use cases.
Cisco is also making it easier for customers to move from its EDR to XDR, with new pre-built workflows, integrations and orchestration capabilities.
Its Umbrella SASE architecture, meanwhile, is gaining new capabilities to enable faster deployment of cloud security tools across the software-defined wide area network (SD-WAN), intrusion prevention systems (IPS) in cloud-delivered firewall, backed by its Talos threat intel unit, and simplified packages to help customers buy and unify point solutions.
“Security has to be at the heart of everything in the new world we live in,” said Cisco CEO Chuck Robbins in an RSA keynote. “We believe it needs to be done with a platform approach that is simple, comprehensive and based on intelligence.
“There is really no perimeter in the enterprise to defend any more. We need visibility across endpoints, users and applications, as well as securing critical control points with continuous passwordless authentication.”