In an era characterized by the rise of AIassisted bad actors and the interconnectedness of businesses, the threat of ransomware still looms over us like a dark cloud. Cue gloomy music.  

We all know that an organization’s data is its second most valuable asset after its people and ransomware has its sights set directly on it. Ransomware attacks can tarnish an organization’s brand image, erode customer trust, undermine business relationships, and threaten its viability and continued operations. While preventing ransomware is always the goal, when that isn’t possible, swift and effective recovery measures are crucial to recovering and restoring full operational readiness. 

Unfortunately, when it comes to ransomware recovery, organizations today only have a couple of choices; either pay the ransom and hope the attackers suddenly develop a conscious and restore your data, or hope that your last known good backup was done recently enough that you don’t need to recreate valuable business data that may have been lost. Either way, today’s ransomware solutions are less than ideal – it’s expensive or it’s frustrating, sometimes it’s both.

For the first time with Cisco XDR, Security Operations Center (SOC) teams can automatically detect, snapshot, and restore business-critical data at the very first signs of a ransomware outbreak; often before it has had a chance to move laterally through the network to reach the highvalue assets. Partnering with Cohesity, an infrastructure and enterprise data backup and recovery vendor, Cisco is excited to announce the first integration of this kind to ensure up-to-date recovery and rapid automated responses. 

Cohesity has a proven track record of innovation in data backup and recovery capabilities. Cohesity’s products provide configurable recovery points and mass recovery for systems assigned to a protection plan. The new features evolve this core functionality further and are designed to preserve potentially infected virtual machines for future forensic investigation, while simultaneously protecting data and workloads in the rest of the environment.  

Cohesity’s new integration complements Cisco XDR’s robust detection, correlation, and integrated response capabilities, enabling customers to benefit from accelerated response for data protection and automated recovery from potential ransomware attacks as soon as the intrusions are detected. 

Cisco’s open approach to XDR means that recovery actions can be taken across all integrated solutions, across multiple security vectors, and even third-party vendors. So, what does this all mean? Customers no longer must choose to either pay a ransom or hope they won’t lose too much data when restoring from the last known good restore point… and ransomware gangs die a slow death as their sources of revenue dry up. 

Implementing robust recovery solutions is a proactive measure that bolsters an organization’s resilience against cyber threats. Prevention will always be our first principle at Cisco, but when everything else goes wrong and the adversary has found a way in, there is Cisco XDR. 

Stop by the Cisco booth at BlackHat, at Booth #1532, and join our Lunch and Learn session with Cohesity on Wed, Aug 9 at 12:05 -1:30pm PT for an in-person demonstration and discussion.  

We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!

Cisco Secure Social Channels



AJ Shipley

Vice President

Product Management - Threat, Detection & Response