Every CISO is being asked some version of the same question: are we ready for AI-powered attacks? Dive into how Cisco is reshaping the defense of its own network: not as a posture checked annually, but as a continuous operating model.
Most enterprises are managing risks based on a threat model built for a different era. You set a risk threshold. You focused on the vulnerabilities above that line — the ones critical enough to keep you up at night. Everything below it, you managed. That was a reasonable tradeoff.
AI-powered cybersecurity tools have changed the model. They don’t just accelerate known exploits; they can find and weaponize everything below your threshold, including the vulnerabilities you decided weren’t urgent and the legacy devices you hadn’t gotten around to replacing. The bar hasn’t just moved. It’s been dropped. That realization is reshaping how we operate and defend our own network at Cisco, and we think it should reshape how every enterprise thinks about cyber defense.
“The stuff we used to not worry about — that’s now exactly what we worry about. The bar has been dropped, and we must rethink the whole model.”
What we’re up against
Cisco’s corporate network carries traffic for millions of devices, thousands of applications, and a fast-growing population of AI agents. It is a prime target for the same adversaries our products are built to stop.
For years, we have operated on the same vulnerability-patching model most enterprises still use today: vulnerability disclosed, patch developed, change-window scheduled, manual approvals collected, fix deployed. That cycle — measured in weeks — made sense when adversaries needed months to weaponize a newly disclosed flaw. That window is now hours, with the trajectory pointing to minutes, and no amount of process improvement closes a gap that wide.
With new frontier AI models, traditional approaches to defending the network are no longer sufficient. The same capabilities that help us find and fix vulnerabilities faster are also landing in the hands of threat actors who can now scan, exploit, and weaponize weaknesses at machine speed. This dynamic extends well beyond our own code: our broader supplier ecosystem is racing to patch vulnerabilities while adversaries leverage these same models to discover and exploit them, often in parallel. The result is a rapidly compressing window between disclosure and exploitation, forcing us to evolve just as quickly.
Our teams focus on finding and fixing vulnerabilities and use approved, commercially available AI coding agents governed by contractual and technical controls to scan complex products with millions of lines of code. This helps us surface vulnerabilities that humans alone might miss.
How we’re responding: See it. Prove it. Contain it. Replace it.
Operationally, informed by our work with Anthropic’s Project Glasswing and OpenAI’s Daybreak, as well as other frontier models, we’ve reorganized our internal defense around four pillars, prioritized from the outside in — starting with the broader supplier and threat landscape and working inward to our own environment.
In this model, tools and agents don’t operate as a checklist but as a continuous loop, reinforcing each other at machine speed.
- Real-time visibility first. Visibility informs what we validate. Before we could accelerate anything, we needed a centralized, continuously updated picture of our complete attack surface — every asset, identity, service account, cloud entitlement, and API. Real visibility isn’t just an asset inventory. It’s knowing who owns each asset, how critical the asset is, and exactly how bad things can get if it’s compromised. That’s the foundation for every decision.
- Continuous exposure validation, not periodic review. Validation informs where we deploy runtime protections. AI-powered adversaries don’t prioritize by Common Vulnerability Scoring System (CVSS) score. They chain lower-severity vulnerabilities into working exploits faster than any periodic review cycle can catch. We stopped chasing vulnerability lists. That shift will allow us to simulate real attacks at machine speed and fix what’s actually exploitable, not what’s theoretically risky. Attack path analysis tells you what’s at risk; severity scores alone don’t.
- Runtime protection as a bridge, not a destination. Runtime telemetry feeds back into visibility. Runtime protection contains threats while you fix the root cause. It buys time until the actual fix is ready. The goal is a production environment resilient enough to keep operating safely even under partial compromise.
- Modernization as a strategic security imperative. Modernization keeps the whole loop running on infrastructure built for change. Our focus is on hardening the foundation — retiring end-of-life systems, eliminating insecure legacy services, and positioning our infrastructure for faster patching and greater resilience. That modern foundation is what unlocks advanced runtime defenses like Hypershield-class segmentation, Live Protect, and the eBPF-powered Tetragon agent, which delivers real-time vulnerability shielding without reboots or binary changes — capabilities that simply can’t run on legacy.
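Attack path analysis set against severity-only triage, as an added example that is not Cisco's tooling or code from the original post. The hosts, finding ids and CVSS scores are constructed, and the 7.0 threshold is an assumption.

```python
from collections import defaultdict

# Constructed findings: (source, target, finding id, CVSS base score).
# An edge means "this finding lets an attacker on source reach target".
EDGES = [
    ("internet", "vpn-portal", "F-1", 5.3),
    ("vpn-portal", "jump-host", "F-2", 4.3),
    ("jump-host", "build-server", "F-3", 6.1),
    ("vpn-portal", "build-server", "F-7", 3.7),
    ("build-server", "signing-hsm", "F-4", 5.9),
    ("internet", "marketing-site", "F-5", 9.8),  # critical, but a dead end
    ("hr-portal", "signing-hsm", "F-6", 9.1),    # critical, but not reachable
]

def by_threshold(edges, threshold=7.0):
    """Severity-only triage: keep findings at or above the CVSS line."""
    return {fid for _, _, fid, score in edges if score >= threshold}

def attack_paths(edges, entry, target):
    """Every simple path from entry to target, as lists of finding ids."""
    graph = defaultdict(list)
    for src, dst, fid, _ in edges:
        graph[src].append((dst, fid))
    paths = []

    def walk(node, visited, used):
        if node == target:
            paths.append(used)
            return
        for nxt, fid in graph[node]:
            if nxt not in visited:  # never revisit a host: no cycles
                walk(nxt, visited | {nxt}, used + [fid])

    walk(entry, {entry}, [])
    return paths

def choke_points(paths):
    """Findings on every path: fixing any one of them cuts all paths."""
    return set.intersection(*map(set, paths)) if paths else set()

if __name__ == "__main__":
    paths = attack_paths(EDGES, "internet", "signing-hsm")
    on_path = set().union(*paths)
    print("above threshold:", sorted(by_threshold(EDGES)))
    print("paths to target:", paths)
    print("on a path but below threshold:", sorted(on_path - by_threshold(EDGES)))
    print("choke points:", sorted(choke_points(paths)))
```

In this constructed graph the two findings above the threshold sit on no path to the sensitive asset, while every finding that does sit on a path scores below it.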
How we’re prioritizing: Outside in
One of the most concrete shifts we’ve made is how we sequence our response. When the scope of exposure is large and you can’t do everything at once, triage structure matters as much as technical capability.
Our approach: work from the outside in. Internet-facing edges carry the greatest exposure risk and move fastest, so that’s where we’ve focused patching velocity and shielding first. As we move toward the core, the pace becomes more deliberate — the boundaries there are among our most critical. The segments separating our largest security zones — the firewalls protecting our most sensitive assets — get prioritized because protecting them limits lateral movement and contains blast radius if something gets through.
From there, every decision runs through the same risk-based logic: determine what is most exposed, most vulnerable, and what is the proper response — remove it from the network, segment it, apply runtime protection, or accelerate the patch. End-of-life and unsupported assets get eliminated or isolated. Externally exploitable vulnerabilities get addressed first. Assets that can’t be patched within operational windows get runtime-first protection while remediation proceeds.
The Bigger Shift
All of this points to something more fundamental than a faster patch cycle. The model we’re building toward isn’t a hardened fortress. It’s an agile and adaptable system that can move continuously to a more secure state without taking a time-out to do it.
“The game is always being ready to redeploy new, secure technologies. This notion that I’ve got to take a time-out and do patching work — that’s the game of the past.”
As the industry enters a period of intense infrastructure evolution, businesses must adapt security practices and operational models to build and maintain resiliency. Our participation in trusted initiatives like Project Glasswing and Daybreak provides us with the deep insights necessary to navigate this shift, yielding immediate changes in how we operate. But we aren’t done. As we continuously mature our operating model, we will continue to prove every capability internally, at scale and in production, and share the learnings and best practices that help our customers evolve their own security operations.
The window to get ahead of AI threats is still open. The organizations that build this operational muscle will compound their advantage. Those that wait compound their risk.
“We don’t just sell the network; we defend every minute of every day with the same tools we offer to our customers.”
Jason Lish is Senior Vice President, Chief Information Security Officer at Cisco, where he provides strategic leadership and oversight for Cisco’s Information Security functions, including enterprise information security, data protection, attack surface management, and security operations. He also oversees value chain security and the Security and Trust Organization’s mergers and acquisitions service.