Cisco UK & Ireland Blog

How AI is tipping the scales in favour of the defenders

May 16, 2024

Rapid developments in AI are transforming businesses of every size and sector, and reduced barriers to adoption have resulted in unprecedented efficiency gains. While it’s necessary to upscale data centres to maximise AI’s benefits, the resulting complex, hyper-distributed digital landscape also represents an expanded cyber-attack surface.

The time from vulnerability to exploit is shrinking and the necessary security is beyond human scale. To stay ahead, organisations must rethink security and build natively with AI to tip the scales in favour of the defenders.

Holistic visibility

Designed in response to AI’s increased demands on IT infrastructure, our newest security architecture Cisco Hypershield extends technology originally developed for hyperscale public cloud to enterprise IT teams of all sizes. Cisco Hypershield brings AI-powered security into applications, devices and data across public and private data centres, clouds, and physical locations, enabling firms to not only detect and block known threats but also identify and quickly respond to unknown vulnerabilities.

We’ve embedded AI to bolster defences along the entire attack chain. As businesses adopt hybrid working models and multi-cloud IT architectures, potentially compromised credentials are an ever-expanding easy target. Last year, more than a quarter of all Cisco Talos Incident Response engagements involved threat actors using compromised credentials.

Users have typically had access to systems ‘if’ they have the right credentials. But with generative AI powering highly realistic video and audio deepfakes, it’s time to ask ‘should’ users have access. By continuously assessing the entire attack surface of users, machines, services, apps, and data to detect anomalous behaviour, AI’s superior analytical abilities give us the tools to answer this question with confidence.

Merging this data with Cisco’s networking expertise with Cisco Identity Intelligence offers firms holistic visibility and actionable analytics. This means organisations can – at a glance – examine all accounts, proactively eliminate unused and risky privileges, detect behaviour anomalies and block high-risk log-in attempts.

The combination of Cisco Extended Detection and Response (XDR) with Splunk serves as another example of how Cisco helps firms move faster and make more informed decisions. Uniting cloud and endpoint traffic – along with Cisco’s leading network footprint – provides customers unparalleled visibility. Cisco XDR now includes the Cisco AI Assistant for Security, where Natural Language Processing enables security analysts of all skill levels to create security access policies with conversational English. By reducing complexity, Cisco enables cybersecurity leaders to save time and boost operational efficiency.

Proactive defence

Intelligent AI deployment can help defenders be more proactive, predictive, and powerful. The challenge is ensuring this power is harnessed responsibly and effectively, to protect businesses in an increasingly interconnected world.

As AI unlocks new frontiers of innovation and efficiency, the cybersecurity paradigm must evolve with equal agility and insight. Cisco’s innovations demonstrate our commitment to building a cybersecurity landscape that is as dynamic and intelligent as the threats it aims to neutralise.

Leave a comment


  1. Thanks for the article! As always AI is affecting more and more things. I will also implement AI in my professional UK accountants business.