After a uniquely challenging year in which the future of work arrived seemingly overnight, organizations are doubling down on digital agility. That means becoming faster, smarter, more innovative and, of course, highly secure.
Because nothing undermines agility like a cyberattack. As Senior Vice President and General Manager of Cisco’s Security Business Group, Dr. Gee Rittenhouse has some strong ideas about the challenges — and critical innovations — that are transforming cybersecurity today and into the future.
At Cisco, which was just named “Cybersecurity Company of the Year” by SC Media Awards, that innovation goes beyond thwarting the ever-increasing volume of cyber threats. In fast-evolving hybrid-work environments, simplicity and ease of use are equally critical for security teams and end users alike.
In this Q&A, Rittenhouse shares key insights on the overall picture of cybersecurity in 2021, Cisco’s trusted role as a security partner, and why its groundbreaking innovations are transforming how organizations protect their most vital assets.
Cisco was just named the “Cybersecurity Company of the Year” by SC Media Awards. What do you attribute this recognition to?
Cisco Security’s mission is to be our customers’ most trusted partner by providing effective security solutions. Every day we are entrusted with protecting hospitals, governments, schools and businesses. It is a lofty responsibility, but it is one that we take to heart.
To be a trusted partner, it means showing up for our customers in their time of need. An example of how we have done that is when we extended free security to customers at the onset of the pandemic so that they could keep their businesses up and running as they transitioned to remote work.
We believe that to provide effective security, it must also be simple to use. Complexity is still customers number one challenge when it comes to securing their enterprises, so we want to build technology that lessens the burden on often understaffed and overworked security teams.
This culminated in last year’s launch of Cisco SecureX, a cloud native platform that connects our integrated security portfolio and customers’ security infrastructure to provide a simple and consistent experience across users, devices, network, applications & data.
Prior to the pandemic, we knew SecureX would be transformative for the industry, but we could have never predicted how instrumental it would be to security and IT professionals over the last year. With businesses operating in a dynamic environment and at a once unthinkable pace, there is a massive need for simplification and automation, which are the tenants that the platform was built on.
We are fundamentally changing the way teams experience security and creating a more secure work environment, which has had a lot of resonance in the industry.
How does the Cisco Security strategy tie into this?
Our strategy has three key parts. First, we deliver market leading products in the critical security control points of users; devices; networks; apps and data. Next, we take that broad portfolio and integrate the backend with our market leading threat intelligence from Talos, so our products talk to each other and can see and respond to the threats faster. We also integrate the frontend with SecureX to provide a unified experience that delivers simplicity, visibility and efficiency. The final piece is to reimagine access control with our zero-trust architecture, which means enforcing access security policies both before the user logs in to an application and after the login.
The way we work and live has changed a lot over the last year. As we move to a hybrid working environment, what is top of mind for our customers and how we are supporting them?
The future of work is hybrid and even after the pandemic is over, employees will continue working from home some of the time. For most organizations, securing their remote workers is their top concern. When we interviewed customers for our Future of Secure Remote Work report, we learned that lack of employee awareness and education and too many security tools were the top challenges. Ultimately, both issues go back to the need for security to be more approachable for the people who use it and the people who manage it.
When we think about security from an end user perspective, employees are often not being willfully careless, but the technology is too complicated and/or does not fit seamlessly into how they work. A good example of this would be passwords. Over time, we have created hundreds of them, which are hard to remember and can be easily compromised. At Cisco Live in March, we announced passwordless by Duo, which is a method of authentication that does not rely on passwords but instead uses biometrics like TouchID, FaceID, security keys or specialized mobile apps like Duo to verify identity. This provides employees with a frictionless login experience and stronger security.
When we talk about too many security tools, we are helping customers by creating a unified experience through SecureX, which we talked about earlier.
Regarding passwordless, do you envision a world without passwords, and what needs to happen before we see this adopted broadly?
With passwordless authentication, we are moving towards a future where we will be far less dependent on passwords, but it should be viewed as a journey not something that can be enabled overnight. There are still legacy tools using older technologies, which can only be solved through infrastructure upgrades and that can be a years-long process. That said, the consumerization of biometrics through TouchID and FaceID are making a passwordless future much more of a reality. According to the 2020 Duo Trusted Access Report, 80 percent of mobile devices used for work have biometrics configured, up 12% the past five years.
At Cisco Live, the company also announced its vision for Secure Service Access Edge (SASE) and plans to make it easier to consume. Can you tell us more about how Cisco is making networking and security simpler for our customers?
The hybrid work environment has expanded the attack surface and added complexity across IT, security, and networking teams. Our SASE vision is to deliver seamless, secure access to any application, over any network or cloud, anywhere users work. We do that by combining our best-in-class networking, client connectivity, security, and observability capabilities into a single subscription service. It will be straightforward to procure, easy to set up, and simple to use — all brought together through a single cloud dashboard.
Can you give us a sneak peek into RSA and what we can expect?
RSA is always one of our favorite events, and this year is especially exciting because Chuck will be delivering a keynote address on day one of the conference titled, “Cybersecurity for an Inclusive Future.” I hope everyone will tune in to hear him speak and to see what other exciting announcements we have to share during the show!
- See also: Watch Gee’s discussion with SC Media’s Editor in Chief on how the threat landscape drove demand for and development of new capabilities
We welcome the re-use, republication, and distribution of "The Network" content. Please credit us with the following information: Used with the permission of http://thenetwork.cisco.com/.