THE GREAT SHIFT

0

Updated : February 5, 2015 00:34  am,
By Editor

img63Next-generation security solutions from Cisco deliver advanced threat protection across the entire attack continuum before, during, and after an attack

Cisco, the networking powerhouse has upped the ante in its growing focus on security solutions. Its Global Security Sales Organization (GSSO) is now an independent unit of Cisco. The company is now adopting the go to market strategy of focusing on addressing the entire attack continuum and claims it offers Technologies that fit into all those scenarios.

“Beginning of the fiscal year 2015 at Cisco, we launched the GSSO. So we are now a Business unit focusing solely on security within Cisco,” says Anthony Perridge, Security Sales Director at Cisco.

He adds, “Before a probable attack, you need a robust resilient system while during an attack, you need to monitor and after the attack, you need remediation. We want to move away from the approach of point products as there is no silver bullet. As an industry, our learning has been that the point product approach creates issues because customers find it confusing, getting conflicting messages from the various vendors. They also find it hard to integrate these various products. If you are spending your time integrating the various products, you are possibly leaving out gaps. We are bringing the continuum approach, to cover the before, during and after the attack phases.”

The company conducted a seminar in December in Dubai where this message was driven across to attendees, largely customers. The seminar titled ‘Security Beyond Traditional Defenses’ highlighted the importance of next-generation security solutions from Cisco that deliver advanced threat protection across the entire attack continuum before, during, and after an attack.

The focus is on preparedness for any inevitable breach in the network and subsequent remediation. The line of reasoning is quite persuasive that the attacker only needs to succeed once while the defender needs to succeed always. Therefore there is a strong possibility that the defender is likely to fail one time or the other and hence the need for remediation.  The company is focusing on such solutions and this includes the AMP (Advanced Malware Protection) from the SourceFire portfolio.

“From a recent Cisco research, it has been found out that 100% of organizations connect to malicious sites. The question we are asking is what would you do if you already knew that you were hacked? Since 2004, we have been tracking the time between discovery of an attack or compromise and the remediation and what we also found out is that it is sometimes days, weeks or even months. The question therefore is not how high can I build the wall so that my security cannot be breached because at some point the breach is bound to happen. Everybody is using devices that is coming into and out of networks, at work and at home. The complexity of networks, the advent of BYOD, the advent of cloud computing etc are blurring the lines of responsibility for security,” comments Anthony.

Cisco offers technologies that do remediation, which are forensic type tools that can go back in time and find out the entry point, who was infected, how it proliferated and the damage it has done to the organization. These present great opportunities for incident response, as a service, believes Anthony.

He says, “When an attack occurs and proliferates, it is the equivalent of an emergency call to the service provider to provide remediation services. It is an opportunity about helping with the clean-up and then the forensics about how the attack occurred and how to prevent it from happening again.”

He also believes that the shift towards security as a managed service rather than as a product is inevitable.

Anthony says, “By 2018, 65% of cyber security spend would be on services. Historically, the security spend has been in favor of products. This is going to shift. There is a great opportunity for the channel.”

Reasons in favor of Cisco to be a leader in the network security space include the fact that Cisco sees more network traffic than Google as it has more data points about what’s going on globally on networks. That gives the company privy to a great deal of information and therefore a strong leverage in being able to offer the necessary threat monitoring service which it makes available to its customers. This is offered directly as well as via partners.

Anthony adds, “We can offer a global monitoring service and many of our partners, be it global service providers or outsourcing companies provide it as a Managed Service. We have two pronged opportunity and if customers want to buy that directly from us, they can but also certainly we don’t deviate from our channel focus.”

The company is working with several global scale Managed services providers and believes there is a strong opportunity for Managed Services providers regionally as well because of data concerns.

“Historically, there has been a small number of managed service providers like BT, Symantec, Dell Secure Works or an IBM type of organization. We work with almost all of them. In terms of the region, there is significant opportunity for local Managed service providers, especially because customers in the region are concerned to keep the data locally in the country and then there all the regulatory requirements.  There is definitely a demand.”

The fact that there is a shortage of nearly a million security practitioners vis-à-vis the demand is also ensuring that the demand is also which is driving the tide in favor of Managed services. Anthony expects that more flexible consumption models such as security as a service etc will gain ground.

The recent seminar was also an occasion to unveil the Cisco ASA with FirePOWER Services – a threat-focused Next Generation Firewall (NGFW) for its UAE customers at the event. This also includes some SourceFire technologies.

Anthony says, “If you look at the recent NSS Labs report, it is a market leading product offering best in class features, best in detection rates and has threat centric approach. Cisco ASA platform is among the most widely deployed platforms, tried and tested and we are bringing into that some of the SourceFire Technologies. It is amazing that within twelve months, how both the teams have come together and worked jointly to bring new products to market. The event has been very well attended and there is a high level of interest.”

With the likely advent of IoT (Internet of Things) on a growing scale, the data sensor points will multiply manifold and in the new scheme of things, it would be mandatory to secure upfront rather than at a leisurely pace.

“For cisco it is a huge opportunity to look to have security being built into all solutions rather than as an afterthought. That can be more effective and also offer lower cost of ownership. There are not many organizations that are as well placed as Cisco to secure networks and integrate the security into the networking,” adds Anthony.

On the partner front, Cisco has tried to encourage the traditional Cisco networking partners to integrate security onto the infrastructure solutions. Concurrently, the company has been very keen to retain all SourceFire partners that have been typically focusing on best of breed security solutions. While some of them were also working with cisco, some weren’t.

Anthony says, “We modified the cisco security channel program to make it more attractive for security centric partners. We have made accreditation an important part of the program so that the experts are rewarded. One of the days we have been done that is we are providing deal registration so that the margins are secured for security centric partners.”

In the final analysis, Cisco’s focus on security is quite strong. The Cisco approach to cybersecurity is visibility driven, threat focused, and platform based. It is encouraging the trend towards security as a service model.

Anthony says, “As an industry, we need to be thinking about moving away from product type model of security solutions. There is a growing appetite for new consumption models. Margins are likely to be eroded in the traditional model and we would be encouraging partners to look at value add expertise and services.”