Unpacking Cisco AI Defense: its implications for customers and the company – News

Cisco Systems Inc. this week held its first AI Summit, a thought leadership event on the pivotal topics shaping the future of artificial intelligence — this one focused on the security of AI systems.

The summit was small and intimate, with about 150 attendees, including executives from about 40 Fortune 100 companies. I understand why the interest from top companies was so high, as the speaker list was impressive and included AI luminaries such as Alexandr Wang, founder and chief executive of Scale AI Inc.; Jonathan Ross, founder ad CEO of Groq Inc.; Aaron Levie, co-founder and CEO of Box Inc.; Brad Lightcap, chief operating officer of OpenAI; David Solomon, CEO of Goldman Sachs; and many others.

From a product perspective, Cisco leveraged AI Summit to announce a new tool called Cisco AI Defense, which, as the name suggests, safeguards AI systems. According to Cisco’s 2024 AI Readiness Index, only 29% of organizations feel equipped to stop hackers or unauthorized users from accessing their AI systems. AI Defense aims to change that statistic.

The product’s release is well-timed, as AI security is now at the top of business and information technology professionals’ minds. This week, I also attended the National Retail Federation show in New York. There, I attended three chief information officer events, with a combined attendance of about 50 IT executives.

Every IT executive at the three events was highly interested in AI. The primary thing holding most of them back was security, particularly for regulated industries such as healthcare, retail and financial services.

Cisco’s AI Defense is designed to give security teams a clear overview of all the AI apps employees use and whether they are authorized. For example, the tool offers a comprehensive view of shadow AI and sanctioned AI apps. It implements policies restricting employee access to unauthorized apps while ensuring compliance with privacy and security regulations.

One common theme from my IT discussions is that no one wants to be the “department of no,” but they also understand that without the proper controls, the use of AI can put businesses at risk. Also, it has been shown over time that when IT departments say no, users find a way around it. It’s better to provide options for users, and Cisco AI Defense offers the visibility and controls required for workers to be safe.

The tool is also helpful for developers because applications can be secured at every stage of the application lifecycle. During development, it pinpoints weaknesses in AI models so potential issues can be fixed early. This helps developers create secure apps immediately without worrying about hidden risks.

When it’s time to deploy those apps, AI Defense ensures they run safely in the real world. It continuously monitors unauthorized access, data leaks and cyberthreats. The tool provides ongoing security even after deploying an app by identifying new risks.

One of the tool’s unique attributes is its continuous validation at scale. One of the challenges of security AI is that while a company could use traditional tools to secure the environment at any point, guardrails will have to be adapted if the model changes. Cisco AI Defense uses threat intelligence from Cisco Talos and machine learning to continually validate the environment and automate the tool’s updates.

This also builds on Cisco’s security portfolio, which is taking shape nicely as a platform. In the analyst Q&A, I asked Cisco Chief Product Officer Jeetu Patel (pictured, left, with Cisco CEO Chuck Robbins), about the “1+1=3” effect if you use AI Defense with Hypershield. He corrected me and said four technologies created a “1+1+1+1=20.” These include Cisco Secure Access, Hypershield, Multi-Cloud Defense, and AI Defense.

“These four work in concert with each other, Patel said. “If you want visibility into the public cloud or what applications are running, Multi-Cloud Defense ties in with AI Defense and gives you the data needed to secure the environment. If you want to ensure enforcement on a top-of-rack switch or a server with an EBPF agent, that can happen as AI Defense is embedded into Hypershield.”

What’s more, he added, “we will partner with third parties and are willing to tie this together with competitor products. We understand the true enemy is the adversary, not another security company, and we want to ensure we have the ecosystem effect across the industry.”

DJ Sampath, Cisco’s vice president of product, AI software and platform, added, “AI Defense data would be integrated into Splunk, so all the demonstrated things will find their way into Splunk through the Cisco Add-On to enrich the alerts you see in Splunk.” Given the price Cisco paid for Splunk Inc., integrating more Cisco products and data into it will create a multiplier effect on revenue.

I firmly believe that share shifts happen when markets transition, and AI security provides a needle-moving opportunity for Cisco and its peers. AI will create a rising tide for the security industry, but the company that nails doing it easily will benefit disproportionately. The vision of what Cisco laid out is impressive, but the proof will come when the product is available. We shouldn’t have to wait long, since it’s expected to be available this March.

For those who missed it, the event will be rebroadcast next Wednesday, Jan. 22.

Zeus Kerravala is a principal analyst at ZK Research, a division of Kerravala Consulting. He wrote this article for  News.

Photo: Zeus Kerravala