

Cisco’s SVP of security, John Stewart, kicked the day off
Stewart mentioned Cisco Systems' new Encrypted Traffic Analytics (ETA) programs, which I’ve already written a fair amount on in my columns earlier this week. These programs allow Cisco to scan and detect threats hidden inside encrypted traffic, without having to decrypt and compromise privacy. Stewart boasted about the additional, increased visibility these programs give to protect users. Where it typically takes over 100 days (industry average) to detect threats, Cisco says that it has managed to lower its time-to-detect to 3.5 hours. Stewart also spoke some on what Cisco is doing to prepare for the next generation of cybersecurity professionals, noting that there are currently 1 million jobs in security that are not being filled. With that in mind, Cisco has invested $10M to various grants and scholarships designed to train people in cyber-security.

Cisco's Stewart and Theresa Payton (former CIO at the White House)
When asked what security strategies were working well within government, Payton cited machine learning and behavioral-based analytics. I’m sure Stewart was happy for that answer, given the work Cisco Systems has been doing in those areas. She continued on to say that another thing that is currently working well is the sharing of threat intelligence. This is another thing Cisco does well. Payton complimented the work Cisco has been doing to create products that automate and take care of themselves, saying that this will be key moving forward in an understaffed cybersecurity industry. Stewart then asked Payton the somewhat awkward question of where she thought Cisco had missed the mark with its security products. She answered diplomatically, saying that it’s important to take a hard look at products and ask whether or not it will take years of training and thousands of dollars to reach competency with the product. If the answer is yes, then clearly more time needs to be spent on innovation and automation.Looking to the future, Payton said that she would like to see the justice system start putting cybercriminals in jail. She also said that she expects machine learning and behavioral analytics get to the point where it is stopping threats in real-time, without businesses having to respond. As a result of that shift, Payton said she expects security teams’ functions to change, from having to actually respond to threats, to holding more of a product engineer role. The final challenge Payton posed to the audience was for everyone at the conference to go back to their businesses and do a “walkabout”—asking around in IT to see what processes make it difficult for people to do their jobs, and listening to figure out what areas need to be improved upon. The other important point she finished on is to always assume everything will fail you—be prepared for the worst. If you protect your data as much as you possibly can, it will reduce attackers’ abilities to move laterally once they’ve breached your defenses, so that they can’t take everything. Like the first segment, this segment was all about thought leadership and positioning. If you had to bring someone else on stage out of the US government, Cisco had choices like the White House, FBI, groups like the DNC, and even NSA. Well…. HPE had the FBI on-stage at Discover, the NSA is the cause behind many of the malware attacks we’re experiencing like WannaCry, NotPetya, and the DNC… well, that’s obvious. So I liked the White House choice, even if there was little insight actually given into White House security.
Wrapping up
While the Cisco Systems Day 3 security keynote pretty much stuck to the big picture concepts, I thought it was engaging and illuminating. The prior two days touched on actual security technology, so it was okay that Stewart and Payton kept things more theoretical and forward-looking. Cisco is clearly very focused on the future, both in security, and with the network as a whole. Cisco believes the Network Intuitive is the next big thing, and after hearing more about it this past week, I’m inclined to think they might be right. I’ll be watching with interest.