CNME Editor Mark Forker managed to secure an exclusive interview with Lothar Renner, Managing Director, Security Sales and Engineering for EMEA at Cisco during GISEC 2024. Renner highlighted the security capabilities that Cisco was showcasing at the event, the impact of AI on the cybersecurity ecosystem – and how Cisco Hypershield will reshape the security landscape.
The global cybersecurity market jumped from $202bn in 2022 to$222bn in 2023, and is expected to reach close to $300bn by the end of 2028.
As one of the biggest technology leaders in the world, Cisco has a responsibility to build innovative products and solutions to tackle some of the biggest problems facing businesses on a global scale.
Over the years, Cisco has ramped up its investment in security and now has a product portfolio that some analysts have claimed give users unmatched efficacy in data protection.
CNME spoke to Lothar Renner, who is undoubtedly one of the most respected technology leaders across the EMEA region, having spent 23 years at Cisco.
At GISEC 2024, Cisco provided just a flavour of the comprehensive security portfolio that it provides.
As Renner explained, rather than overwhelm customers and prospective leads with all their products they selected a few that they believed addressed what would be the key priorities for most customers.
“We have a really diverse range of products at Cisco. So, what we decided to do a number of years ago was in order to try and make it easier for the customer to consume all of those products we decided to focus on a couple of flagship products. We asked ourselves what is critical for the customer, and some of the key priorities for them is how do they protect their workforce – and how do they protect their infrastructure and cloud? If they experience a breach then how quickly do they know there’s an incident, and how quickly can they respond? These are the pressing questions in the current climate, and what we are showcasing here at GISEC 2024 is exactly that. We have our User Protection Suite, Cloud Protection Suite and Breach Protection Suite and everything we have from a security perspective comes into these suites of products,” said Renner.
As Renner pointed out, cloud services being hosted in the UAE is important to many businesses due to sensitivities over data sovereignty.
“In the UAE, and in other countries across the Middle East region when they speak about cloud it has to be hosted locally. The advantage we have is the fact that most of our solutions are hosted in the region. We have also announced lately our new local cloud data center in the UAE for Duo multifactor authentication (MFA) and secure access solution. The data center will support businesses of all sizes in strengthening their cybersecurity posture and improving connection performance,” said Renner.
A common problem for many businesses when it comes to security is restraints around budgets.
However, Renner says that Cisco suites are enabling businesses to access the tools they need despite the financial limitations many of them may have.
“Our suites are removing the financial burden on customers to access those solutions and products that are critical to them, and essentially what we are doing is introducing customers to a platform approach. Every year, we commission a Cisco Cybersecurity Readiness Index report, and this year, we had a dedicated focus on the UAE, and we found that 80% of customers believe that a platform approach is the right way for them to go forward, and that the lack of a platform is hindering their ability to be effective in terms of their protection,” said Renner.
Renner conceded that a platform approach might not always be the best approach for some, but argued that if you don’t have the financial resources then a platform approach was your best bet.
“There are two types of customers, some customers will look for the best product in the marketplace and they will only buy that product. Then others will say I don’t want the best of breed, but what I want is the best of suite. At the end of the day, if the board gives you the budget you want they are going to ask how can you prove and show me that my cyber resilience has improved. When you only buy point products then who is going to bring all that together? The answer is the customer, now if you take the burden and you have the resources and the money it might be a good approach for you. However, if you don’t have the financial resources and budget then the platform that comes from a company like Cisco that can bring it all together with the power of AI is likely the best option for you, as no customer can build that themselves,” said Renner.
Renner believes that AI represents the first time a customer has the chance to be better than the hacker – and he highlighted the capabilities of their Cisco AI Assistant solution.
“AI gives customers the power they never had before. However, we know that hackers are going to use AI to create emails that look legitimate. A common example is in the form of brand impersonations, and they are very good at what they do. But AI undoubtedly helps security vendors to make their software more efficient. We have an AI assistant, and that sounds very simple when you hear it, but it is a powerful tool. Firewalls are one of the core protection points for customers and over the years IT teams have built firewall rules, but people moved on and firewalls evolved. But we have customers with thousands and thousands of firewall rules in a single box, but an AI assistant has the capability to check all those rules and sees which of the rules are still in use, and which ones are blocking each other. The AI assistant can give you a clean version of the firewall rules and that is something that manually could just not be done,” said Renner.
Renner said that announcement of their biggest security product ever in the form of the Cisco Hypershield will completely reshape the industry.
“Today, we have applications that runs on the cloud, or in a datacentre, but if you need to do a segmentation because of the regulations in your industry and you have to constantly review then it is very hard for customers. We have AI agents in the new software we have created that can monitor the applications communications profile. In addition to this, the agents can also see the malicious behaviours of the traffic flow. We know that software always has vulnerabilities that you need to patch, but patching is very hard because you only have certain time windows. Customers can be left alone in the dark not knowing how they can protect themselves against vulnerabilities. With Cisco Hypershield, we have virtual patching and essentially it blocks vulnerabilities. We take those vulnerabilities from other vulnerability scanners and we block them in our environment automatically, so as soon as it’s out, it is blocked. That’s not available from any other vendor in the marketplace. Hypershield is a gamechanger and there’s been a huge response from customers. We had an event launching Hypershield recently, and over 800 customers worldwide have expressed their interest in the solution. The product becomes available in August, and we are really excited about the impact we believe it will have on the security ecosystem,” said Renner.
In terms of threats and trends, phishing and identity attacks remain a major challenge.
Renner highlighted how its new Cisco Identity Intelligence solution is helping businesses fightback against cybercrime.
“We have seen a massive increase in phishing attacks and the majority of those are espionage. However, what they are phishing for is your identity, ultimately, they want to get into a customer’s environment, and one of the easiest ways to do that is to use end-users as the weakest link to infiltrate their systems. In February, we launched Cisco Identity Intelligence, and that is a backend system built in to all of our products and it tracks identities and the communication of identities. For example, say a customer is doing a trial and the customer needs to activate a certain portal in his firewall, or certain APIs in his software application, but when the trial is over he forgets to close it. Our Cisco Identity Intelligence scans what is open, and what tasks are still active, but are no longer being used, this will be flagged and it will be shutdown. We have developed identity intelligence to see behaviour, device management and controls. Identity intelligence is all about understanding all the connectivity and communication flows and again we are empowering and equipping our customers with the tools to fightback,” said Renner.