Cisco Executive Vice President and General Manager, Security and Collaboration Business Units Jeetu Patel answers questions from BSA | The Software Alliance Senior Vice President of Global Policy Aaron Cooper about how AI tools and systems can help companies like Cisco, develop products for its customers that put privacy protection first and enhance cybersecurity abilities.
1. How is Cisco working toward enhancing privacy and cybersecurity through AI tools and systems in its products?
AI is one of the keys for simplifying cybersecurity and improving efficacy. The reality of our industry is that security has gotten way too complex. The industry has evolved as a patchwork of point solutions, and now most organizations have on average between 50 and 70 point solutions in their cybersecurity stacks. It’s become untenable to manage, and, worse, it’s actually making the world less safe.
That’s why Cisco introduced our AI-powered integrated platform, the Cisco Security Cloud. It’s designed to solve three problems: it protects the user, it protects cloud and cloud infrastructure, and it protects against breaches and helps you respond and recover from incidents as quickly as possible. And it’s built with a pervasive fabric of AI, because security can no longer be done at human scale alone. It must be done at machine scale.
The fact is, security is fundamentally a data problem. The products that have access to the most cybersecurity related data and can effectively correlate it to derive actionable insights are the products that can provide the best security outcomes for customers. And by bringing Cisco and Splunk together, we now have more telemetry, more visibility, more threat intelligence, and the ability to correlate more relevant data than anyone.
2. Cisco recently released the Ten Tech Policies to Power the Future, including AI and cybersecurity. Why is it important for governments to adopt AI to help improve cybersecurity?
One of the big challenges for governments and for the entire industry is the increasing sophistication of attacks and the ways in which bad actors are weaponizing AI. And attacks can disrupt government operations and compromise critical infrastructure like power grids, transportation, and health care. In truth, the adversaries have always had an unfair advantage because they have to be right just once, but the defenders have to be right every single time.
To start tipping the scales in their favor, governments need to adopt technologies that give them an AI and data advantage. And I believe that you can’t be a great security company if you’re not a great AI company, and you can’t be a great AI company if you’re not a great data company. With Splunk, Cisco customers have an AI and data advantage that can help make the world a safer place. And we are committed to working closely with the entire ecosystem to foster an open, collaborative, and responsible approach to how we enable our customers to protect themselves.
3. You recently wrote that AI is a “force multiplier” in cybersecurity. What are some of the basic ways in which artificial intelligence is helping to counter malicious actors, and how is Cisco incorporating AI into its security practices?
If you assume an attacker is already in, and all traffic is encrypted, then the name of the game is to stop lateral movement. And where does lateral movement happen? On the network! And with the Cisco Security Cloud, we have deep insight into the network, real-time visibility, and ways to use AI to protect our customers against lateral movement. Here are some examples:
Autonomous segmentation: Segmentation to prevent lateral movement used to be straightforward with three-tier application architectures tied to physical pieces of hardware, but it’s much harder in hyper-distributed environments with hundreds of Kubernetes containers running in multiple public and private clouds. With AI and real-time visibility, we can automate segmentation by continually learning about application behavior over time, and dynamically adjusting segmentation rules as things change.
Distributed exploit protection: Organizations simply can’t patch vulnerabilities as fast as attackers can exploit them once they’re known. It’s a major gap. With AI and visibility, we can detect a vulnerability and then automatically deploy a compensating control wherever it’s needed, which will shield the vulnerability from being exploited. And once the vulnerability is patched, we can automatically remove the compensating control.
Self-qualifying updates: With only one or two change control windows per year, most organizations can’t keep their infrastructure up to date. An outdated infrastructure is a major risk to critical infrastructure around the world – and therefore people. With AI, we allow customers to test their upgrades in-line, against live traffic, and use AI to compare the results and implement the updates. It makes setting up sandboxes for testing and only updating during change control windows a thing of the past.
4. You also wrote about AI’s ability to “unlearn” data as it relates to privacy. What are some of the safeguards companies like Cisco are building into how you train your AI products?
When it comes to data and AI models, the ability to discard or recalibrate acquired and potentially outdated data and knowledge is just as crucial as the initial learning process. Overly trained models may rely too heavily on historical data, to the point of possibly overlooking more recent developments. In other words, less is more here, and it’s imperative to strike a balance between learning and unlearning to ensure accuracy and relevance over time.
The industry is still very early in developing techniques for models to “unlearn.” Techniques such as Gradient Reversal or Model Pruning are still in their infancy and therefore it becomes really important to invest in inspecting data being sent to and from the model at runtime.
At Cisco, when we build AI into our products, we take care to build security, privacy and relevancy guardrails. We ensure data privacy by design. Our Security offerings anonymize data to protect personal information, and we use appropriate safeguards when handling data during storage, transfer, and processing. Responsible AI is non-negotiable, and that’s how we earn the trust of our customers.
5. Looking more broadly, what does the advent of AI mean for the enterprise software industry? Many of BSA’s members compete on the basis of the highest privacy standards or best security services. Where will AI take the industry?
AI for cybersecurity will simplify the admin experience and help address the skills shortage in a world where 3.5 million cybersecurity jobs are unfilled because of highly technical requirements. By automating tasks and augmenting staff, AI will expand the talent pool and allow organizations to start actively recruiting people with more varied perspectives and experiences — including those with non-traditional and diverse backgrounds and experiences such as designers and liberal arts majors.
Diverse teams bring fresh perspectives on threats, which can pay dividends in AI training effectiveness and help improve an organization’s cybersecurity posture. In fact, the goal in cybersecurity is to protect the 8 billion people in the world, and cybersecurity talent should reflect the people we are protecting.
However, it is imperative to understand that AI will not replace the human element in security. The ability to solve problems, think critically and innovate will be just as important as cybersecurity expertise. Human judgment is still critical for understanding and mitigating risks that AI cannot fully address. Over-reliance on AI is a failure state that must be avoided. There will be areas where humans must be in the loop, and other areas where full automation will be acceptable.
About the author:
Jeetu Patel is Executive Vice President and General Manager of Security and Collaboration at Cisco, where he leverages a diverse set of capabilities to lead the strategy and development for these businesses and also owns P&L responsibility for this multibillion-dollar portfolio. His team is creating and designing meaningfully differentiated products that diverge in the way they’re conceived, built, priced, packaged, and sold.
