Avatar

At Cisco, it has long been our belief that when it comes to security, simplified and integrated is better. I’ve written a number of blogs about this lately, and I know what some of you are thinking: “Multi-product platform solution touted by multi-product platform vendor…surprise, surprise!” And that’s okay. After years of ever-increasing complexity, you have every right to be a tough crowd.

First, let me tell you that we put our money where our mouth is; last year marked a major milestone for our business and the industry. In 2020, we unveiled the result of a huge investment with the launch of our integrated platform, Cisco SecureX. By integrating both Cisco and third-party technologies, SecureX fosters greater visibility, automation, and collaboration. It protects your network, cloud, users, and applications all from a single place, boosting simplicity and efficiency.

But you’d be right to remain skeptical. While all of these capabilities sound great, do they actually result in better security? Yes, they do, but I’m not asking you to take my word for it. In our recent, worldwide, double-blind survey, over 4,800 respondents delivered a resounding ‘yes.’

Up-to-date, well-integrated tech leads to better protection

In the Cisco 2021 Security Outcomes Study, we analyzed the use of 25 security best practices to determine which ones had the greatest impact on improving organizational defenses. We surveyed more than 4,800 IT, security, and privacy professionals across 25 different countries, and from various industries and organizational sizes.

The study found that the two best practices that contribute most to overall security program success are: 1) proactively refreshing technology before it becomes outdated, and 2) making sure technology is well integrated. As can be seen in the below figure, these practices increased the probability of an organization achieving security success by an average of 12.7% and 10.5%, respectively. While we had no influence over these findings, they certainly bode well for SecureX customers.

Practices most strongly correlated with overall security program success

Cisco SecureX is embedded into every Cisco security product. At its very core is integration – not simply bringing together Cisco technologies, but also enabling security teams to integrate a wide range of third-party solutions. Its intuitive interface allows users to view security insights and analytics from multiple products all in one place, and maintain context while navigating consoles. This empowers security professionals to make faster and more informed decisions.

As for the #1 best practice in our report, proactive tech refresh, the cloud-native Cisco SecureX platform makes it easy for customers to start with just the technology they need, and add on over time – with access to new products (or product trials) in a single click. In fact, it’s been shown that organizations can get the SecureX platform up-and-running and begin to experience benefits in as little as 15 minutes.

The 2021 Security Outcomes Study also analyzed how much various security best practices increased organizations’ chances of achieving roughly a dozen specific security outcomes – for example, creating a strong overall security culture within an organization, recruiting talented security personnel, or maintaining a cost-effective security program. As seen below, the two practices of proactive tech refresh and well-integrated technology had a positive impact on every single one of these desired outcomes.

All security practices correlated with each security program outcome

Effect of various security practices on desired outcomes

Accurate detection, accelerated response, and automation are also key

Other best practices that had a positive impact on achieving many commonly desired security outcomes include: accurate threat detection, conducting timely incident response, and using automation effectively. SecureX can play a key role in helping organizations embrace all of these best practices.

Accurate detection & timely response

The foundational technology on which we built Cisco SecureX is Extended Detection and Response (XDR). Roughly 11,000 customers are already improving threat detection, investigation, and remediation with SecureX threat response.

According to Stephen Reinhard, IT Director for Ralph Sellers Automotive, “I would highly recommend SecureX threat response. It unites the ability to identify and act on actionable intelligence from multiple security products. It also reduces time to resolution for our team.”

Cisco SecureX boasts powerful XDR capabilities that help organizations fine-tune detection and IR processes. And according to our survey, this can improve many crucial security efforts including minimizing unplanned work, running cost-effectively, and garnering confidence in the security program from both peers and executives.

Using automation effectively

Automation is another important benefit driving the success of SecureX customers. SecureX orchestration allows users to take advantage of pre-built or easily customizable workflows to automate routine security tasks. Customers are saving hundreds of hours, and are reducing attack response time by as much as 85 percent.

“The bad guys are now moving at the speed of the machine, so our automation principle is to move at that same speed,” said Jesse Beauman, M.S., Assistant Vice Chancellor for Enterprise Infrastructure at UNC Charlotte. “Cisco solutions allow us to do so.”

According to our study, in addition to keeping up with the bad guys, automation can also help security groups run cost-effectively and meet the overall demands of the business, among other benefits.

Cross-team collaboration brings additional wins

Our report shows that IT and security teams working together has a positive impact on building a strong security culture and recruiting skilled security professionals – both worthy goals.

We also broke our survey data down into several specific regions and verticals. In the healthcare industry specifically, IT and security working together increased an organization’s ability to avoid major incidents by an average of nearly 16%, and increased the ability to minimize unplanned, resource-draining work by an average of roughly 20%.

By enabling teams to visualize and interact with security, networking, and IT technologies together, SecureX fosters greater collaboration between SecOps, ITOps, and NetOps groups. Based on our survey results, this can greatly improve overall security.

How can SecureX help you?

While this is far from an exhaustive list of Cisco SecureX benefits, we hope it gives you an idea of what organizations can achieve with an integrated security platform versus a plethora of disparate products. If you want to know more about our survey: 1) explore the findings for yourself with an interactive chart (in case, you know, you don’t want to take my word for it), 2) access the full Cisco 2021 Security Outcomes Study, and 3) check out our report blog series.

The nice thing about the study is that the results can be applied in a customizable way. Whether you want to improve your overall security, or achieve more specific goals, you can use the data to inform your security strategy.

Happy New Year!

View the replay of our recent Cisco Secure Insights Summit:

Defining the Industry Standard for XDR

 



Authors

Ben Munroe

Director of Product Marketing

Cisco Security