Chief information security officers (CISOs) should move away from product-based security solutions to a security-as-a-service (SaaS) model, according to Cisco.
Speaking at Cisco’s annual Cisco Live conference in San Francisco yesterday, Chris Young, SVP of Cisco's security group, said: “You can’t continue to put in product after product and expect everything to work in unison.”
“The traditional approach to security was from product perspective,” he said. “But security is far more than products and technologies, it requires the right set of people, analytics and capabilities.”
Young was joined at the Cisco security keynote by Bryan Palma, SVP of security services, who said he had spoken to some large companies that have more than 100 security suppliers providing different products.
Young said: “Which one is supposed to solve my problem? Number 55, or number 37? You need platform-based security capabilities so services work together in an end-to-end holistic way before, during and after an attack.”
Palma, an ex-CISO, said the companies with 100+ security suppliers are coming to Cisco to ask how the supplier can help them consolidate to a smaller number of suppliers because it is too costly and hard to manage such a large number.
Palma also said that while Cisco has traditionally only integrated Cisco products, the supplier is now moving beyond its portfolio to integrate third-party products as well.
“Adversaries are getting more sophisticated and filling in the gaps where customers aren’t prepared,” he said. “We need to move faster to fill the gaps.”
Cisco first pushed its security-as-a-service model when it announced its Managed Threat Defense (MTD) service last month.
MTD is a managed security solution that applies real-time, predictive analytics to detect attacks and protect against advanced malware across extended networks.
This week, the supplier announced that it had bought the privately-held company ThreatGrid. This follows on from its acquisition of Sourcefire last year.
These two cyber security acquisitions have added to Cisco’s capabilities. Sourcefire’s advanced malware protection (AMP) now resides in the Managed Threat Defense service, and, with the acquisition of ThreatGrid, Cisco has said it will soon include its capabilities, such as private cloud sandboxing, masterboot record detection and analysis of any file typed.
“We need to ensure we bring our products and services capabilities together to bring together a complete set of solutions,” said Young.