Cisco Live!: How Cisco built a security framework that rolls with the changes

Credit: Taken by Braue at the scene

Threat intelligence has become a nice-to-have for many vendors seeking to improve their security offerings, but for the executives leading Cisco’s Security Business Group it’s just the framework for a product-development process that is focused on maintaining a consistent, end-to-end network security architecture while supporting all manner of front-facing customer innovation.

The consistency of that architecture was a message that Shawn Henry, vice president and general manager of Cisco’s security business group, emphasised in addressing attendees at the Cybersecurity Innovation Day at the Cisco Live! conference in Melbourne.

When designing new products, Henry explained, the networking and security giant’s product team always started with a common core designed around the principle of delivering the right data to the right people.

This was based around five core controls including the use of “best in class” controls; “always” using integrated threat intelligence from Cisco-owned threat-intelligence firm Talos; deep visibility; orchestration and automation capabilities to facilitate everyday management and configuration; and open APIs for integration between elements of the Cisco environment, as well as with third-party services and applications.

This type of open architecture was antithetical to the closed environments that many vendors pursued in the past but it had, Henry said, become crucial for keeping up with the changing cybersecurity climate.

“For customers and partners it allows them to evolve the product for things that I can’t keep up with on the roadmap,” he explained. “Customers don’t want them to be tied to my delivery schedule and I don’t want them to be tied to my delivery schedule.”