“Why hack in…when you can simply log in?” - Cisco unveils Identity Intelligence to combat social engineering breaches
Combatting malicious innovation with...innovation
The latest offering from Cisco could help stop identity theft and social engineering attacks in its tracks.
According to Jeetu Patel, EVP & GM, Security and Collaboration Business Units at Cisco, cracking through a firewall is old news as it is now easier than ever to exploit the human factor.
This is where Cisco’s Identity Intelligence can help provide a new layer of network observability and security.
The difference between ‘if’ and ‘should'
With how advanced social engineering attacks have become, it has never been easier for a hacker to impersonate your voice, disable your multi-factor authentication (MFA), and add their own device onto your network to steal your intellectual property (IP) and ransom your data.
Speaking as Cisco Live in Amsterdam, Patel states that hackers have switched to the mindset of, “why log in… when you can hack in?”
This is especially relevant, he added, when 74% of attacks utilize a human element to breach an organizations network, such as the example above, or through phishing and malicious emails.
Traditionally, internal access is granted on the basis of asking ‘if’ a user can access a network, but Patel argues that the question should be changed to ask ‘should’ a user have access to a network, and this should be based on their behavior.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
This latest security offering from Cisco provides the ability to monitor human and machines/services within a network to identify threats based on their behaviors and interactions. The Identity Intelligence platform will generate an identity graph to correlate the behaviors of users, machines and applications.
These behaviors will be based on the role of the users, their physical location and device to identify if there is a threat potential. For example, a user may have previously accessed the network on an old device and forgot to log out.
If this device begins exhibiting unusual behavior on the network, such as existing in a different location or attempting to access applications and services outside of the users role, the device will be flagged as a potential intrusion.
The identity graph will provide observability on old devices and access permissions, allowing network administrators to quickly decommission both of these vulnerabilities through the Cisco Security Cloud.
The platform’s ease of use is further enhanced by access to an AI Assistant in CISCO Security Cloud which provides natural language prompts to generate security access policies for their network and firewall, alongside an AI-based email threat detection.
Speaking on the announcement, Patel said, “Identity is the fabric that connects humans, devices and applications in the workplace, and has become an easy target for modern cybersecurity attacks.
“By analyzing the entire attack surface of an organization’s users, machines, services, apps, data and their behaviors, Cisco Identity Intelligence bridges the chasm between authentication and access. We are the first vendor bringing together identity, networking and security into a complete solution to address the largest cyber challenge of modern times.”
The Identity Intelligence platform will be available as an embedded part of the Security Cloud from July 2024.
More from TechRadar Pro
- Cisco teams up with Nvidia to help businesses get more out of AI than ever before
- We've rounded up the best firewall software
- Here is our guide to the best endpoint protection software
Benedict has been writing about security issues for over 7 years, first focusing on geopolitics and international relations while at the University of Buckingham. During this time he studied BA Politics with Journalism, for which he received a second-class honours (upper division), then continuing his studies at a postgraduate level, achieving a distinction in MA Security, Intelligence and Diplomacy. Upon joining TechRadar Pro as a Staff Writer, Benedict transitioned his focus towards cybersecurity, exploring state-sponsored threat actors, malware, social engineering, and national security. Benedict is also an expert on B2B security products, including firewalls, antivirus, endpoint security, and password management.