In its year-end report for 2024, Cisco Talos found that nearly 70 percent of ransomware attacks used valid accounts to gain access.
For security teams, that translates into a full-on identity crisis.
But now there’s a unique solution to counter it.
Building on its successful multifactor authentication (MFA) and other capabilities, Cisco Duo has evolved to meet these challenges head on — with its recently unveiled Duo Identity and Access Management (IAM).
Because while MFA has been one of the most effective protections against security threats, it’s no longer enough. Attackers are already stealing passwords. And many are capturing second-factor credentials, with the help of AI, phishing, and other social engineering schemes.
The end result? With fake IDs, bad actors can slip into networks undetected.
Cisco’s Duo IAM solution builds security into the foundation of identity, instead of bolting it on as an afterthought. Here are five ways the reimagined Cisco Duo protects identities, supports overwhelmed security teams, and frustrates cyber criminals:
It’s security first. IAM solutions have traditionally been built to manage identities, not secure them. Hackers know this. By integrating a user directory — along with its existing capabilities including MFA and Single Sign On (SSO) — Duo offers a super powerful, integrated solution, at no extra cost for the combined security and identity features. For security teams, that means a highly effective tool that’s easier to manage and deploy.
It makes end-to-end phishing resistance a reality. Proximity verification is a new capability within Duo IAM. Since a scammer won’t be anywhere near an authentic user, Duo uses Bluetooth Low Energy (BLE) to verify that the real user’s mobile and access device are proximate to one another when authenticating. At the same time, with enhancements to Duo Passport, Session Theft Protection guards against the mining of data from cookies within browsers, preventing session hijacking. Additional features like Duo IAM’s passwordless option ensure seamless, trusted authentication for users without having to use or remember a password.
It’s open and flexible. Duo IAM integrates effortlessly with third-party identity systems. This is enabled by a new Identity Routing Engine, which allows Duo to integrate with many identity providers either as an identity broker or as a secondary identity provider. Incorporating security by default, Duo IAM frustrates attackers, while improving user experience and cutting management costs. User experience is further enhanced by the Cisco AI Assistant, which is embedded in Duo for real-time support at any stage of deploying or managing the solution.
It unifies identity intelligence. Identity infrastructure is complex and often disconnected, creating blind spots where attacks and vulnerabilities go unnoticed. To help organizations continuously monitor and respond to changes in identity risk, Duo IAM integrates with Cisco Identity Intelligence, connecting identity and access data across the Cisco Security Cloud platform. With AI-driven behavioral analytics and Cisco's unmatched reach into the network, organizations gain comprehensive visibility, threat detection, and the ability to take graduated responses — like increasing identity access, quarantining identities, and killing active sessions.
It builds trust (and customer confidence). Nothing erases customer or employee trust like a security breach or ransomware attack. Many organizations and individual users fear they are constantly in the crosshairs of cybercriminals, with data, identities, and brand equity at stake. With a reimagined Cisco Duo, Cisco believes it can help restore trust in identity security, upon which so much in our modern economy depends.
To learn more, visit https://Duo.com
