The saying that “a good offense is the best defense” is true for sport and certainly for cybersecurity. But offensive positions cannot be static — keeping an offense strong requires agility, and an important part of the equation is recognizing what the challenges are so you can stay ahead of them.

Cisco Customer Experience (CX) spends a lot of time thinking about how we address the trends that keep CISOs up at night. We’d like to share five things to consider in evolving and maturing your organization’s security posture and resilience to help you stay a step ahead.

Our customers tell us their challenges include:

  • Secure migration to the cloud
  • Expanding attack surface
  • Emerging and evolving threats
  • Global security skills and talent shortage
  • Volume and complexity of threats to organizations

Let’s take a closer look:

Secure migration to the cloud

As many organizations embrace and adopt the cloud as a means to streamline and deliver cost-effective, scalable infrastructure, it is critical to understand, map, and build secure business processes that support this migration. Cloud providers are typically very clear about where their role in securing the environment starts and stops, which is usually aligned to the provisioning of cloud infrastructure and the containment of that instance from others. Cloud providers leave the bulk of the security provisioning to the customer.

We have now surpassed the tipping point where more data resides in the cloud than on premises, making it the go-to for hackers who identify and exploit routes into the cloud data environment. Secure by Design (SbD) is a principle that ensures that the security technology and processes, and the people that build and support cloud data environments, are delivering the cloud promise securely. Cisco Security Advisory Services can support your safe migration and speed your realization of the benefits of the cloud environment.

Expanding attack surface

Following the pandemic, more people were working remotely. While this has morphed into a hybrid model today, it still means that more endpoints are being used by employees outside an organization’s firewall perimeter, such as at a coffee shop, on a train, in a home office. To keep employees, data, and processes secure, an organization’s security strategy must cover all the location contingencies and not be so intrusive that they are bypassed or purposefully disabled. Offers like Cisco Secure Endpoint Pro combine the comprehensive security power of the Cisco Secure Endpoint, with turbo-charged 24x7x365 global security operations to protect your organization from cyberthreats at the endpoint.

Emerging and evolving threats

No matter the source, new and amazingly clever threats emerge every day. Some prey on the fallibility of the user, some piggyback on apps, and some just appear but no one knows from where. How can we possibly expect any one security person or team to keep up without exhaustive and expensive research and preparation? An option to consider is Cisco Talos Incident Response, which offers both emergency and proactive help for a complete lifecycle approach to maintaining and bolstering your security posture. Advanced and persistent threats occur across a multitude of ingress points and ignoring the SbD principles and foundational security recommendations can be any organization’s undoing.

Is outsourcing security operations the answer? Building, provisioning, and staffing a 24x7x365 Security Operations Center (SOC) is more than just difficult; it is also time consuming and expensive. Outsourcing is often more effective and economical. And having access to cyber experts across the globe, when your organization needs it, can make a big difference. Cisco Managed Detection and Response (MDR) reduces the mean time to detect and respond to a threat—from months to minutes. If a real threat is detected, we work with your security team to respond, contain, and eliminate the danger. Cisco experts work with clients all over the world to improve their security postures and ensure that SbD principles and foundational security are achieved and maintained.

Global security skills and talent shortage

Even if you have the time and the budget to fully provision a 24x7x365 SOC, will you be able to attract, retain, and fully train enough security operations talent to run it? The sheer volume of alerts and false positives means identifying actual threats is a relentless challenge. Cisco MDR constantly monitors, at our global SOCs, the data from your security devices and leverages AI, machine learning, and human analysts, researchers, and investigators to identify and separate the real threats and then work with you to respond.

Considering these challenges, how can your organization remain nimble and maintain a strong offense? There still are only 24 hours in a day. In addition to addressing sore spots with the managed services described above, we believe that adopting a holistic, lifecycle approach to your security posture is the way to stay agile and keep your security posture strong. That’s where offers like the Cisco Talos Incident Response and Cisco Security Advisory Services can be of enormous value.

Talos Incident Response (IR) combines both emergency response services with a portfolio of proactive services aimed at improving your cyber resiliency. So you’re covered for making improvements to your existing security program, plus we have your back in case a breach happens and you need help. And Cisco Talos IR is vendor-agnostic, which means we can help you whether your security environment is all Cisco or a mix of vendors.

Penetration Testing, available as part of several Cisco Security Services, maps and then performs a security posture assessment using both IT tools and sneaky things like social engineering techniques to identify the weaknesses in your program. Once identified, we can help you prioritize remediations so risk areas are addressed before a threat actor discovers and exploits them. But a snapshot, point in time assessment is just that, and organizations change over time. This is why adopting a lifecycle approach to assessing, remediating, and then re-testing on a periodic basis is the way to ensure that your security posture is not only good, but also good enough.

To learn more about Cisco Security, I invite you to join for Cybersecurity Awareness Month. We will be adding more content throughout the month to help you learn about ways to strengthen your organizations’s security posture.


Marc Carney

CX Security GTM Practice Lead

Customer Success (CX)