“Organisations need to adopt an ‘identity-first’ approach to security” Lothar Renner, Cisco

CNME Editor Mark Forker spoke to Lothar Renner, Managing Director, Security Sales and Engineering at Cisco EMEA, ahead of their participation at Black Hat MEA in Riyadh last month, to learn more about why the US technology behemoth is advocating for an ‘identity-first approach to security, the new variants emerging within ransomware, the important role the Cisco Networking Academy will play in addressing the glaring skills gap globally – and the role of Gen AI in the cybersecurity landscape.

Lothar Renner is one of the most respected and revered sales leaders in the cybersecurity ecosystem globally having spent almost a quarter of century at Cisco.

CNME Editor Mark Forker caught up with Lothar Renner for the first time since the pair spoke face-to-face at GISEC 2024 in April.

Such is the nature of the technology sector, there has been huge changes across the industry in the six months that have elapsed since the pair last spoke.

Renner was in Riyadh for Black Hat MEA, which is the region’s flagship cybersecurity conference.

So, there was no better time to pick Renner’s brains on the challenges currently engulfing the cybersecurity world.

Ahead of the interview, Cisco’s Talos IR Trends Report for Q3 had just been published, and that’s where we kickstarted our conversation.

Renner stressed the need for enterprises to adopt an ‘identity-first’ approach to security.

“Identity is the fabric that connects humans, devices and applications in the workplace, and has become an easy target for modern cybersecurity attacks. Organizations need to adopt an identity-first approach to security, which among other things allows them to evolve from just asking ‘can’ a user access a system to continuously assessing whether a user ‘should’ be able to do what they are doing once they are authenticated. That really is the key, the mindset needs to shift, businesses really need to determine regardless of authentication processes, who really needs the access to their systems,” said Renner.

There are many reasons why Cisco has sustained its success over such a long period of time, but one of the key market differentiators over the years for them has been their ability to simplify.

When it comes to security, Cisco are in the business of simplification.

“That’s why in Cisco Live EMEA last year, we unveiled new innovations within the Cisco Security Cloud to simplify security: Cisco Identity Intelligence and continued innovation in AI capabilities are the latest milestones towards its vision of a unified, AI-driven, cross-domain security platform. Cisco Identity Intelligence brings together identity, networking and security to better protect organizations’ complex identity stack against increasingly sophisticated attacker techniques,” said Renner.

Identity attacks may be in vogue when it comes to cybersecurity, but ransomware remains a huge problem, and as Renner points out the report from Cisco Talos indicates that new variants of ransomware attacks have emerged.

“As part of a years-long trend in greater democratization of ransomware adversaries, we continue to see new variants and ransomware operations emerge. A third of these engagements involved exploitation of known vulnerabilities that are consistently leveraged by ransomware operators/affiliates to deploy ransomware, according to public reporting. Some of those vulnerabilities carried CVE numbers from 2023 – which means we in the industry need to get better at vulnerability management and patching. At the same time, we need to prepare ourselves for the incident to happen, which is why we need the creation of incident response plans and playbooks,” said Renner.

The issue when it comes to the skills shortage is a huge problem that many business leaders across the global IT and technology industry have been bemoaning over the last number of years.

Unfortunately, it appears that the situation will likely become more of a challenge before it gets better.

A lack of skills in relation to AI has been well documented, but there is a real crisis when it comes to talent in the cybersecurity industry globally.

However, Renner believes Cisco’s Networking Academy can go a long way to plugging the gaps that currently exist.

It is a global problem. Four million professionals are urgently needed to plug the talent gap in the global cybersecurity industry. Attracting, training and retraining cybersecurity professionals is key to helping organizations and society stay safe online. At Cisco, we are dedicated to equipping professionals with the skills necessary to enhance their careers and bridge the skills gap. Cisco Networking Academy is one of the world’s longest standing IT-skills-to-jobs programs that partners with learning institutions worldwide. Specifically in the Middle East and Africa region, since the inception of Cisco Networking Academy, we have trained more than 4.3 million learners on digital skills, with focus on cybersecurity and networking. In Cisco’s 2024 fiscal year alone, more than 1.1 million students were trained across 2,000+ academies in the region,” said Renner.

There have been seismic changes across the Middle East region when it comes to digitalization.

The sheers speed and scale of the transformation programs, particularly in the UAE and the KSA are unprecedented globally.

However, as a consequence of all of that transformation, the term ‘cybersecurity readiness’ has come under the microscope more and more across the Middle East.

In order to help nations across the Gulf accelerate their transformation, Cisco is leveraging their expertise in security to help them protect their key assets.

Renner highlighted how their One Platform vision was taking shape.

“For security to be both simplified and strengthened, it needs an AI-driven, comprehensive platform that seamlessly integrates with an organization’s IT infrastructure. This vision aims to address the complexities of modern cybersecurity challenges by providing a holistic, intelligent, and automated approach to threat detection, response, and management. We are increasing our focus on cybersecurity in the region with the acceleration of digitization we’re witnessing in most of the Middle East nations. Early this year, we have launched a new local cloud data centre in the UAE for our Duo multifactor authentication (MFA) and secure access solution, that support businesses of all sizes in strengthening their cybersecurity posture and improving connection performance,” said Renner.

Cisco’s cybersecurity readiness index for the UAE and the KSA showed that a high number of respondents have suffered a cyberattack.

Renner highlighted his belief that a multi-layered approach is the best tactic to adopt to combat modern cyberattacks.

“According to Cisco’s Cybersecurity Readiness Index in UAE and KSA: 65% of UAE respondents and 67% of KSA respondents already experienced a cybersecurity incident in the past year. In today’s rapidly evolving threat landscape solely relying on human-scale defence is no longer enough. Comprehensive security calls for machine-scale capabilities. Cisco employs a multi-layered approach that integrates advanced automation capabilities with strategic human intervention to ensure robust and effective incident management,” said Renner.

In relation to Gen AI, Renner concluded a brilliant exchange by declaring that attackers are constantly developing new strategies and tools – whilst he stressed the need for organizations to stay ahead of these threats by enhancing their cybersecurity posture.

“Our latest innovation, the Cisco Hypershield: is designed to power and protect the engine of the AI revolution, which is AI-scale data centres and clouds. Backed by Talos – Threat Intelligence: 800 billion security events observed per day, 200+ vulnerabilities discovered per year. Cisco is committed to equipping our customers with the tools, products, solutions and services they need to stay protected at all times, amidst a threat landscape that is continually evolving,” said Renner.