Cisco’s Tom Gillis On Building The ‘Security Cloud’ And New … – CRN

Building The Security Cloud

Cisco is just about ready for blast-off with its unified platform for modern cybersecurity, the Cisco Security Cloud. Tom Gillis, senior vice president and general manager of the Cisco Security Business Group, told CRN that the first examples of its Security Cloud vision will debut this spring starting with the RSA Conference in late April, and will kick off a “steady drumbeat” of new feature rollouts for the platform. Gillis, the former head of VMware’s networking and security business, joined Cisco in January.

[Related: Cisco Security Cloud Could Satisfy ‘Lacking,’ Cohesive Security Portfolio]

As the world’s IT infrastructure turns into “four big computers” — AWS, Microsoft, Google Cloud and on-premises data centers — Cisco believes it’s perfectly positioned to provide the “security layer that sits up on top of those four separate pieces of infrastructure,” Gillis said in an interview. “The same way that Kubernetes became this ubiquitous layer across all different forms of infrastructure, we think we can do something similar” for securing multi-cloud and hybrid cloud environments, he said.

On Tuesday, in connection with Cisco Live 2023 Amsterdam, the company unveiled a handful of product updates that inch the company closer to its Security Cloud vision. The product announcements span across Cisco’s offerings in multifactor authentication (MFA), application security and secure access service edge (SASE). For MFA, a key capability in Cisco’s Duo Security offering known as “number-matching” is now fully available for all customers. Rather than having users push a button on their phone as a second verification factor — which attackers have been exploiting lately in order to thwart MFA — users are asked to input a code into their phone. The number-matching feature in the Duo product is referred to as Verified Push by Cisco.

Other Duo MFA updates announced Tuesday include the debut of features known as Remembered Devices and Wi-Fi Fingerprint, which enable users to stay logged in when they’re using familiar apps, networks and devices. In application security, Cisco unveiled its Business Risk Observability solution for the company’s Full-Stack Observability offering in AppDynamics. The solution leverages capabilities from Cisco’s acquisition of Kenna Security to assess and prioritize application vulnerabilities, using AI to determine which vulnerabilities are the most pressing to deal with.

Meanwhile, on SASE — which is focused on enabling secure access to corporate applications resources for distributed workforces — Cisco said it’s extending support to additional parts of its portfolio. While Cisco’s single-vendor SASE platform, Cisco Plus Secure Connect, had already been available with support for Meraki SD-WAN, it’s now available with support for the Cisco SD-WAN (Viptela) solution.

In December, Gillis left VMware after five years with the company, one of three general managers to leave VMware at the time amid Broadcom’s potential takeover of the tech giant. He previously worked at Cisco from 2007 and 2011 after the company acquired IronPort Systems, where he was a member of the founding team.

Gillis spoke with CRN about the Cisco Security Cloud vision, what makes Cisco unique in the cybersecurity industry and the latest security product updates being announced by the company.