Kaizen, a Japanese word for “improvement,” is a term used in business to describe ongoing process improvement. The concept is simple: No process is perfect and, even if it’s working well today, the dynamic business environment could demand a change tomorrow. Kaizen is the relentless focus on continuous improvement — from the CEO through to each and every employee — that leads to better outcomes for the organization and its customers. It applies to every mission-critical function which, today, absolutely includes cybersecurity.
Kaizen in Modern Cybersecurity
Cyber programs must evolve with the changing threat landscape, increasing attack sophistication, ongoing compliance requirements, and never-ending talent shortages and budget constraints. They require advanced security controls without being overwhelmed by too many vendors and technologies. None of that is new. And applying the kaizen concept to cybersecurity isn’t particularly new either, but past writings often focused on the basic shift from static prevention to detect-and-respond.
Kaizen in modern cybersecurity is much more than that. Here are four key tenets to consider, ones that can substantially improve your security operations program by making it more efficient and effective:
- Choose a strategic security partner
- Focus on security integration and automation
- Make security an enabler
- Build security directly into your network and applications
At Cisco, we apply kaizen to our modern product development and acquisition processes as well. We’re thrilled to prove that today with four exciting new security announcements.
1. Cisco Threat Response: Security that works together
Security technologies must work together to reduce (or eliminate) burdens on your security operations team. Integration and automation is the key. We’ve made great strides in recent years through our integrated security architecture, and today we’re announcing the latest innovation that truly unleashes its full power: Cisco Threat Response.
Threat Response is our exciting new platform that automates integrations across Cisco Security products. It’s designed to dramatically cut the time and effort needed to detect, investigate, and remediate — thereby making your security operations more efficient and effective. It’s about making sure your organization has the best possible security posture by connecting technologies with threat intelligence for faster action. Already more than 2500 organizations have seen its value firsthand. Want to see why? Check out this short video:
It gets better. Cisco Threat Response is already included as part of select Cisco Security product licenses, so there’s no additional cost. Plus it’s simple to use, cloud-based so there’s nothing to install or maintain. Bottom line: The more you invest in Cisco Security — and Cisco as a strategic partner — the more value Cisco Threat Response delivers. Learn about it here.
2. Duo Security: Verify user-device trust before granting access
Think about it. Your network and applications are essentially a means for users and devices to create and access data. If the end goal is to protect data, then it starts with securing access. But is password protection alone sufficient? The 80%+ of data breaches that result from weak or stolen passwords make a clear statement: It’s not. Clearly we can do better.
Early attempts to move beyond the password to two-factor authentication solutions have been cumbersome. Who wants to lug that hard token around on a keychain? Users today have something they already carry around: their mobile phones. And many phones already include fingerprint or facial recognition technology. Combining (a) what they know, (b) what they have, and (c) what they are enables a multi-factor authentication (MFA) solution to verify user trust while making things easier on people.
That’s why we acquired Duo Security. They built the world’s easiest and most secure MFA to reduce data breach risk and quickly comply with data protection regulations. Duo is simple to roll out and instantly integrates with business applications, users can self-enroll in minutes, and authenticate in seconds without entering any codes.
Duo does even more. They can establish device trust and secure access to applications without additional IT work. Upon rolling out Duo, you’ll gain unified visibility into managed and unmanaged, mobile and non-mobile devices. Then you can enforce granular access policies to specific public and private applications based on the combined user-device trust level. With Duo, strong authentication is no longer a big headache — it’s now the business enabler. Learn more about Duo Security here.
3. Cisco Umbrella Enhancements: Security built into your network
Modern networks are increasingly de-centralized, so modern security must likewise move beyond the traditional data center. Today you must protect at the cloud edge and at the branch too. That’s why we’re continuously improving Cisco Umbrella — our Secure Internet Gateway (SIG) — to make it simpler than ever to build security directly into your modern network.
What’s more, we’re delighted to announce new Cisco Umbrella integrations that provide you with more SD-WAN, Wi-Fi, and cloud app security. Core technology from Cloudlock is now built into Umbrella to provide cloud app usage and risk information to enable secure cloud adoption, plus blocking of unapproved apps. Shadow IT has finally met its match!
Also, Umbrella now integrates with Meraki MR for Wi-Fi security and Cisco SD-WAN to protect direct internet access (DIA) at branch office locations. Again, it’s about building security into your modern network. Learn more about Cisco Umbrella’s exciting new enhancements: SD-WAN integration, Meraki MR integration, and App Discovery and Blocking.
4. New, Simpler Enterprise Agreements: Compelling financial reasons to partner with us
It’s one thing to have the best integrated security portfolio, but it’s quite another to have the best buying experience. We strive every day to be your strategic security partner, and part of this is making our security products simpler to buy. You’ve asked us for more flexibility in our programs to better match your needs, and we listened.
Today we’re pleased to announce our new buying program called the Choice Enterprise Agreement (EA). How does it work? Simple. Just select any three or more of these products:
Then you’ll gain the benefits of our buying programs — a single agreement for easy software management, letting budgets go further, and predictable costs over 3 or 5 years. And if you want to add a new product along the way? No problem. We’ll roll it in and adjust the cost. Learn more about the Choice Enterprise Agreement here.
Kaizen. Continuous cybersecurity improvement. At Cisco, we’re making it simpler and more effective than ever. Learn more about these exciting new announcements here.