Vulnerability-Management on Security in 45 | Cisco Security Podcast

AI Security Risks: How Cisco Secures Artificial Intelligence

Wed, 02 Oct 2024 00:00:00 +0000

 Artificial intelligence has moved from science fiction to business reality, but organizations racing to adopt AI are discovering that innovation and security don't always move at the same pace. As AI systems become increasingly central to enterprise operations—from customer service automation to data analysis and decision-making—they're also becoming attractive targets for attackers and sources of unexpected vulnerabilities. In this episode of Security in 45, hosts Mike Veedock and Andres Sarmiento explore the critical intersection of AI and security, discussing the emerging risks that come with AI adoption and how organizations can build and maintain secure AI systems. If you're responsible for enterprise security or infrastructure decisions, understanding these risks and mitigation strategies has moved from "nice to know" to essential.

What This Episode Covers

AI fundamentals and why adoption is accelerating — understanding what AI actually is and why we’re seeing explosive growth in AI implementations right now
The security dangers of AI systems — examining real threats including data exposure, generation of inaccurate information, and attack vectors targeting AI systems
Cisco’s approach to AI security — how Cisco is addressing these challenges through monitoring, testing, and secure design practices
Practical recommendations for AI users — actionable guidance for organizations deploying AI in their environments

Deep Dive

Understanding AI: Beyond the Hype

To properly secure AI, we first need to understand what it actually is—and perhaps more importantly, what it isn’t. One of the most useful framings from this episode describes AI as “a fancy expensive autocomplete.” While this might sound reductive, it’s actually quite insightful.

Cloud Security Posture Management: AWS, Azure, GCP

Wed, 02 Oct 2024 00:00:00 +0000

 As organizations accelerate their cloud migration strategies, the security complexity multiplies exponentially. With workloads distributed across AWS, Azure, and GCP—each with their own security models, compliance requirements, and configuration options—the traditional perimeter-based security approach no longer applies. Organizations are increasingly turning to [zero trust](/pillars/zero-trust/) principles to address these challenges. In this latest episode of Security in 45, hosts Mike Veedock and Andres Sarmiento tackle one of the most pressing challenges facing modern enterprises: how to maintain visibility and control over your cloud security posture as you scale across multiple providers.

What This Episode Covers

The strategic and operational benefits of cloud migration
Characteristics and differences between major cloud providers (AWS, Azure, GCP)
Essential security controls for cloud environments (MFA, network segmentation, encryption)
The critical role of Cloud Security Posture Management (CSPM) tools
Common cloud security risks and threat landscapes
Industry resources for deepening cloud security knowledge

Deep Dive

The Business Case for Cloud Migration

Cloud adoption has become less of a competitive advantage and more of a business necessity. Organizations are moving to the cloud not just for the “cool factor,” but for tangible, measurable benefits that directly impact the bottom line.

Endpoint Detection and Response: Zero Trust Security With Cisco

Wed, 02 Oct 2024 00:00:00 +0000

 Endpoint security has evolved from a simple antivirus checkbox into a critical battleground in modern cybersecurity defense. With attacks becoming increasingly sophisticated—from fileless malware to zero-day exploits—organizations can no longer rely on traditional perimeter defenses alone. The shift toward [zero trust](/pillars/zero-trust/) security principles means every endpoint must be verified, monitored, and controlled, regardless of whether it's in the office, at home, or anywhere in between. In this episode, Mike and Andres explore how Cisco Secure Endpoint addresses these challenges with a comprehensive platform that combines prevention, detection, and response capabilities into a single, integrated solution.

What This Episode Covers

Endpoint Detection and Response (EDR) — How advanced threat detection works beyond signature-based detection
Endpoint Protection Platform (EPP) — Real-time malware and ransomware protection capabilities
Zero Trust Security — The principles behind modern endpoint security architecture
Vulnerability Management — Identifying and prioritizing endpoint vulnerabilities for patching
Data Loss Prevention (DLP) — Protecting sensitive data from exfiltration
Network Access Control (NAC) — Enforcing device health and identity-based access policies
Centralized Management — Unified administration and visibility across endpoint fleets
Integration Strategy — How Cisco Secure Endpoint works within a broader security ecosystem

Deep Dive

Endpoint Protection Platform: The First Line of Defense

An Endpoint Protection Platform (EPP) is the foundational layer of endpoint security, designed to prevent threats from ever executing on your devices. Think of it as your security team’s first checkpoint—it examines files, processes, and network communications in real time to block known malware, viruses, and ransomware before they can cause damage.

Threat Intelligence 101: Cisco Talos Experts Explain

Wed, 02 Oct 2024 00:00:00 +0000

 In today's threat landscape, cyber attacks are evolving faster than most organizations can respond. From zero-day vulnerabilities to sophisticated multi-stage attacks, the gap between threat discovery and defense deployment has become a critical vulnerability in itself. That's where organizations like Cisco Talos come in—serving as an early warning system that turns raw threat data into actionable intelligence. Understanding what threat intelligence teams do and how to leverage their research is no longer optional for security-conscious enterprises; it's essential infrastructure.

What This Episode Covers

The mission and core functions of Cisco Talos threat intelligence group
How threat research translates into protection for enterprise networks
The vulnerability management lifecycle and patch coordination
Security advisories: their role in keeping organizations informed
Incident response services and breach containment strategies
The broader importance of threat intelligence in modern security operations
How organizations can leverage threat intelligence in their own defense strategies

Deep Dive

Understanding Cisco Talos: The Eyes and Ears of the Security Community

Cisco Talos operates as a dedicated threat intelligence organization within one of the world’s largest networking and security companies. But their impact extends far beyond Cisco’s own customer base. Talos functions as a public-facing security research team that publishes findings, maintains threat databases, and contributes to the broader security community’s understanding of emerging threats.

Zero Trust Security: Beyond Products to Concepts

Wed, 02 Oct 2024 00:00:00 +0000

 Zero Trust has become one of the most talked-about concepts in enterprise security, yet many organizations still struggle to understand what it actually means—and more importantly, how to implement it. If you think Zero Trust is just another security product you can buy off the shelf and deploy, you're missing the point entirely. In this episode, hosts Mike Veedock and Andres Sarmiento dive deep with industry experts to explore Zero Trust not as a destination, but as a foundational security philosophy that requires careful planning, the right mix of technologies, and a fundamental shift in how organizations approach access control.

What This Episode Covers

Zero Trust as a concept, not a product — understanding why Zero Trust is an industry framework rather than a single solution you can purchase
The 20+ year evolution — how Zero Trust originated and why it’s more relevant today than ever
Real-world examples — from everyday social media privacy settings to enterprise banking authentication
Multi-factor authentication (MFA) as a cornerstone — why passwords alone are no longer sufficient
Endpoint protection and segmentation — critical technologies in the Zero Trust journey
The multi-vendor approach — why comprehensive security requires coordinating multiple solutions
Implementation strategy — the importance of careful planning, identifying priorities, and avoiding rushed deployments
Balancing security with usability — maintaining user experience while strengthening defenses

Deep Dive

Zero Trust: Concept, Not Product

One of the most critical misconceptions in enterprise security is treating Zero Trust as a product—something you can procure from a single vendor and deploy to solve your security problems. The reality is quite different. Zero Trust is an industry concept that has evolved over more than two decades and represents a fundamental shift in security philosophy.