Most organizations have adopted a multicloud strategy that creates a “mix and match” approach to security. Yet there’s a problem with this reliance on cloud providers. Unlike legacy on-prem solutions that were managed with a common security management solution, the security posture for public clouds varies significantly based on provider. It’s not within the client’s control.
And while many cloud providers claim to be able to manage competitors’ offerings, they provide a mixed bag of capabilities, with the best security being reserved for the cloud vendor’s own platform. This provides a major opening for a vendor that can offer a consolidated approach to securing a multi-cloud environment. This approach needs to include both cloud and on-prem instances, while also integrating with a variety of security tools already in place. This is a potentially TCO lowering strategy, yet even more important: this approach is even more critical as we find ever more destructive malware coming into play.
Cisco has been moving to improve its security stance for some time, and is actually now seeing security as one of its foundational markets. It is positioning itself to be a provider of an integrated solution and sees the complex multicloud environment as an opportunity to extend its own networking and endpoint security solutions and become a central point for multicloud security.
Cisco promotes its approach as Security resilience. To Cisco’s way of thinking, it begins in the network and moves out from there. Cisco has identified 5 key components of resilience, much in alignment with how it sees the IT world. It includes:
- Seeing more, to monitor and act upon billions of signals.
- Anticipating what’s next through shared intelligence.
- Taking the right action through prioritization.
- Closing gaps with pervasive defense.
- Getting stronger through improving efficacy.
This is Cisco’s global vision and one that it continues to pursue with its tools sets and previous acquisitions.
Also see: Top 5 Cloud Security Trends
Moving to the Multicloud
Cisco sees the multicloud security sector as an opportunity to build a “single pane of glass” security approach for organizations that are increasingly moving to the challenging multicloud environment.
Already playing a major role with its on-prem customers that use many of Cisco’s security tools, it wants to expand its role and also enhance its “as a service” offerings. Many cloud providers offer a suite of security tools and services for their own platform, and claim they can support security on other cloud provider’s products as well. But in truth, there is wide variability between cloud native security tools and those theoretically managing a competitor’s system.
With a wide array of often non-compatible APIs and interfaces, it’s very difficult to be a complete true cross-cloud security solution. Cisco sees its opportunity as being the “Switzerland” of security, with equalized support across all cloud and on-prem instances.
The company also touts its solution as a way around vendor lock in when using a public cloud solution. And with Cisco’s heavy concentration on network visibility, manageability and security, it sees an advantage as cloud installations rely heavily on network traffic. Further, with a major move toward more edge-based instances, Cisco believes its capabilities will become even more impactful.
Also see: Top Cloud Companies
Cisco Introduces its Security Cloud
To meet the market described above, Cisco has unveiled its Security Cloud offering. It intends to offer a complete cloud native and cloud delivered security platform that can manage any cloud or on-prem installation. It includes a unified policy and management capability, AI/ML driven automation, an extensible platform, and flexible billing.
The platform leverages a number of key components in the Cisco stable of products, but most companies have a myriad of non-Cisco security products already installed. Cisco claims an impressive number of integrations with non-Cisco products, with over 400 tools from 200 security vendors, and growing.
As a result, Cisco envisions the Security Cloud as the central management console for overall operations. Security Cloud also builds on Cisco’s SecureX threat detection and response capability, which Cisco has assembled to be a central environment for disparate XDR tools.
Also see: Top AI Software and Tools
Unified and Cross-Cloud
With the rapid growth of multicloud, Cisco has a window of opportunity with its Security Cloud offering. A truly unified and highly effective cross-cloud – and on-prem data center – security platform is something that is sorely needed. Coupled with an effective device security capability, such a unified solution would be attractive.
But a question remains: will the Security Cloud platform will be attractive to companies outside of Cisco’s installed base? Especially since it relies heavily on Cisco components (Talos, Meraki, Thousand Eyes, SASE), and not all enterprises will have an array of Cisco products installed.
While this is a concern, if an enterprise is already a Cisco customer, moving to the Security Cloud to secure their multicloud environment should be an easy choice.