As we discuss in the Cisco Midyear Security Report, cybersecurity is becoming more of a strategic risk for today's businesses, creating a growing focus on achieving "security operations maturity." That's why Cisco has developed the Security Operations Maturity Model -to help organizations understand how security operations, technologies, and products must evolve to keep up with the pace of change in their environments and increasingly sophisticated attacks. The model plots a journey along a scale of controls that moves from static to human intervention to semi-automatic to dynamic and, ultimately, predictive controls.
Every day I see evidence of why we need to evolve our security capabilities. A perfect example is the Kyle and Stan malicious advertising attack that our Talos Security Intelligence and Research Group discovered and continues to analyze. Ongoing research now reveals that the attack is nine times larger than initially believed and began more than two years ago. The expansiveness and extended period of the campaign reflects the ability of this attack to continuously morph, move quickly, and erase its tracks leaving nearly indiscernible indicators of compromise. To effectively detect and protect against attacks like this, organizations need dynamic controls that see more, learn more, and adapt quickly. Relying exclusively on static controls and human intervention puts defenders at a significant disadvantage and allows attacks to run rampant.
The Security Operations Maturity Model outlines a way for organizations to flexibly move toward controls that provide greater visibility, intelligence, and automation to gain better protection.
Visibility, intelligence, and automation are critical for greater security effectiveness against faster, more stealthy, well-funded, and unrelenting adversaries. But to make this evolution practical, solutions must be built on an architecture that enables multi-layered protection in a simplified way with fewer devices, shared intelligence, and centralized management and analytics. Organizations can't continue to pile on more complexity and fragmentation with legacy, point solutions that can't be integrated and don't scale.
To help customers move their security controls forward, earlier this month we announced Cisco ASA with FirePOWER Services. As the first threat-focused Next-Generation Firewall, it's one example of how dynamic controls can be enabled on a single device that is easy to manage and deploy; integrates with existing infrastructure; and can analyze, share, and act on intelligence between security layers.
Today we are unveiling the latest version of the Cisco Identity Services Engine (ISE) that offers dynamic controls for secure access to support enterprise mobility initiatives. It provides superior user and device visibility, more context into how network resources are being accessed, and controls to simplify policy creation and enforcement and automatically remediate access violations and potential threats. Data can be shared across other Cisco security solutions and through ecosystem partner integrations to identify, mitigate, and remediate threats faster. It's another security technology from Cisco that is designed to help achieve security operations maturity.
In today's climate of industrialized hacking and sophisticated cybercrime gangs, static security controls and human intervention alone are no longer enough to thwart attackers. Now more than ever, organizations need to be enabled to implement more effective controls to protect themselves against threats wherever and whenever they manifest.
For more details about today's announcement, please watch our on-demand webcast.