{"id":17077,"date":"2026-05-31T15:23:27","date_gmt":"2026-05-31T15:23:27","guid":{"rendered":"https:\/\/dmsretail.com\/RetailNews\/in-the-ai-era-defense-starts-with-the-network-heres-how-cisco-is-doing-it\/"},"modified":"2026-05-31T15:23:27","modified_gmt":"2026-05-31T15:23:27","slug":"in-the-ai-era-defense-starts-with-the-network-heres-how-cisco-is-doing-it","status":"publish","type":"post","link":"https:\/\/dmsretail.com\/RetailNews\/in-the-ai-era-defense-starts-with-the-network-heres-how-cisco-is-doing-it\/","title":{"rendered":"In the AI era, defense starts with the network. Here’s how Cisco is doing it."},"content":{"rendered":"

\"Retail<\/a><\/p>
\n<\/p>\n

\n

role of the <\/span>network<\/span> is <\/span>critical in the A<\/span>I<\/span> era<\/span> \u2014<\/span> it<\/span>\u2019s<\/span> your greatest asset, your primary target, and your most critical line of defense<\/span>.<\/span> Cisco <\/span> leaders<\/span> Jon Woolwine <\/span>and <\/span>Jack Klecha share how Cisco embeds security directly into the network<\/span> to <\/span>keep pace with AI-driven threats<\/span>. <\/span>Keep reading and<\/span>\u00a0<\/span>watch<\/span> the<\/span> short <\/span> <\/span> <\/span> to hear more<\/span>.<\/span><\/span>\u00a0<\/span><\/em><\/p>\n

In the AI era, defense starts with the network<\/strong><\/h2>\n

Cloud, hybrid work, IoT, and now an explosion of AI agents \u2014 these aren\u2019t just added complexities of today\u2019s digital environment, they are potential entry points on an ever-growing attack surface. Our digital footprint is expanding faster than we can secure it. And attackers know it.\u00a0<\/span>\u00a0<\/span><\/p>\n

As our existing processes struggle to keep up, visibility fragments, and policies and security controls drift \u2014 creating exactly the gaps attackers seek to exploit.\u00a0\u00a0<\/span>\u00a0<\/span><\/p>\n

This is compounded by a shift in attacker strategy: years of hardening user endpoints have led attackers to the network as their new target of choice. And with AI, they are now moving at machine speed and scale that traditional defenses weren\u2019t built to handle. AI innovation fundamentally changes how attackers discover and act on vulnerabilities, shrinking the time to exploit from weeks to hours. And with new, more powerful frontier models emerging, that risk will continue to increase.\u00a0\u00a0\u00a0<\/span>\u00a0<\/span><\/p>\n

Because the network is the common thread through all of this \u2014 connecting users, data, and applications across every branch, campus, data center, and cloud \u2014 it is the ultimate prize for attackers, and the ultimate risk for the enterprise.\u00a0<\/span>\u00a0<\/span><\/p>\n

Bad actors are also harvesting encrypted network traffic today \u2014 storing it until quantum computing makes it readable. We must act today to prevent threats tomorrow.<\/span>\u00a0<\/span><\/p>\n

That is why Cisco IT and Security teams view the network as our critical line of defense.<\/span>\u00a0<\/span><\/p>\n

From reactive to resilient: How Cisco fuses security into the network<\/strong><\/h2>\n

Bolting security tools onto an existing network adds complexity and leaves gaps. Our approach is different: we embed security directly into every layer of the network, from the campus and branch to the data center and cloud.\u00a0<\/span>\u00a0<\/span><\/p>\n

This allows us to use the network to see, authenticate, and defend every connection in real-time, creating a unified, interconnected fabric. Here is a look at our unified approach:<\/span>\u00a0<\/span><\/p>\n

    \n
  • A resilient infrastructure foundation: <\/span><\/b>If the infrastructure is compromised, every security tool above it is bypassed. We harden operating systems and boot processes across our infrastructure so that the foundation itself can\u2019t be compromised. And we\u2019re integrating <\/span>post-quantum cryptography<\/span> to get ahead of \u2018harvest now, decrypt later\u2019 risks. When vulnerabilities are found in the network infrastructure, we\u2019ll be able to put compensating controls in place with Cisco Live Protect.<\/span>\u00a0<\/span><\/li>\n
  • Identity-first access control: <\/span><\/b>With the foundation secure, the next question is<\/span>: who, or what, is connecting to the network?\u00a0<\/span><\/i> It is no longer just humans, but thousands of IoT devices and AI agents. We take an <\/span>identity-first approach<\/span> \u2014 continuously verifying every identity and granting least privilegeaccess<\/span><\/li>\n
  • Limiting the blast radius: <\/span><\/b>Even with strong preventative measures in place, we prepare for a breach. Segmentation is our primary defense against lateral movement. We moved past static VLANs to software-defined segmentation. Using <\/span>Cisco Identity Services Engine (ISE),<\/span> and <\/span>TrustSec<\/span> to we can identify, profile, and enforce policy on every connection, compartmentalizing the network. If an attacker does get in, lateral movement is contained in a single, isolated area.<\/span>\u00a0<\/span><\/li>\n
  • Protection extended from campus to branch to the data center and beyond: <\/span><\/b>A breach at the perimeter can\u2019t be allowed to become a full compromise. Today, we deploy Secure Firewalls to control traffic across our data centers \u2014 protecting our most critical applications and data from east-west threats. As we extend toward Hybrid Mesh Firewalling, that same consistent protection will be distributed to our applications and infrastructure everywhere they live, across data centers, cloud, and hybrid environments \u2014 enforced at scale, without gaps.<\/span>\u00a0<\/span><\/li>\n
  • Visibility and insights across the environment:<\/span><\/b> By centralizing signals from <\/span>ThousandEyes<\/span> and our network controllers into <\/span>Splunk<\/span>, we get a real-time, cross-domain view of every device, connection, and dependency \u2014 inside our walls and beyond. That visibility is what gives every other layer of this architecture its teeth.<\/span>\u00a0<\/span><\/li>\n<\/ul>\n

    These layers function as an interconnected fabric\u2014if a threat bypasses one, the next is already there. But traditional human-led processes alone cannot operationalize this at the speed required.<\/p>\n

    Operating at machine speed\u2014across every layer<\/strong><\/h2>\n

    Each layer of this architecture is only as strong as the policy behind it \u2014 and only as effective as the operations supporting it. AI-driven threats have exposed the breaking point of traditional approaches: fragmented policies create gaps, and manual processes can\u2019t respond at machine speed. <\/span>\u00a0<\/span><\/p>\n

    Our work toward <\/span>Common Policy<\/span><\/b> will allow us to define once and enforce consistently everywhere \u2014 from branch access switches to data center firewalls \u2014 replacing the fragmented, system-by-system approach that creates gaps attackers exploit.<\/span>\u00a0<\/span><\/p>\n

    Where Common Policy defines the what, our advancements toward <\/span>AgenticOps<\/span><\/b> will handle the how and when\u2014 autonomously detecting changes, triaging incidents, and enforcing updates at machine speed. This will allow us to resolve multi-week ticket processes in just minutes \u2014 a critical capability to keep pace with AI threats.<\/span>\u00a0<\/span><\/p>\n

    Security is a team sport: How Cisco IT and Security win together<\/strong><\/h2>\n

    Technology is only part of the equation. The teams operationalizing it need to be just as strong.<\/span>\u00a0<\/span><\/p>\n

    Traditionally, networking teams focus on uptime while security teams focus on risk reduction \u2014 incidents are tossed over the fence, creating slow response times and fragmented defense.\u00a0<\/span>\u00a0<\/span><\/p>\n

    When the network is the primary target, security <\/span>is<\/span><\/i> a performance and uptime issue. A breach isn\u2019t just a security alert \u2014 it\u2019s a business disruption that affects everyone.<\/span>\u00a0<\/span><\/p>\n

    At Cisco, we treat security as a team sport. Our IT and Security teams share visibility, planning, and goals \u2014 not because of an org chart, but because a breach is a network outage, and a network outage is everyone\u2019s problem. We conduct quarterly planning together, operate with shared metrics, and move as one team. Aligning our teams has allowed us to stop playing defense and start building resilience to protect the future.<\/span>\u00a0<\/span><\/p>\n

    The impact of converging security and networking<\/strong><\/h2>\n

    This combination of having security deeply embedded in the network and unified teams has allowed us to stop firefighting yesterday\u2019s threats and focus on proactively protecting our future. We\u2019ve seen a 50% improvement in our incident response SLA<\/span> \u2014<\/span> not because of a single tool, but because we eliminated the manual handoffs that once slowed us down. It\u2019s built a foundation for operational excellence that allows our teams to innovate at speed.<\/span>\u00a0<\/span><\/p>\n

    AI-driven threats don\u2019t stop at our walls \u2014 and neither do our learnings. Through work with <\/span>Project Glasswing<\/span> and OpenAI Daybreak, we are stress-testing our own network at unprecedented scale and speed, sharing what we discover as repeatable, proven practices every organization can use to build stronger defenses.<\/span>\u00a0<\/span><\/p>\n

    The takeaway is simple: <\/span>the network is the foundation of our business; it must also be the foundation of our defense. <\/span><\/b>We\u2019ve moved beyond the perimeter to secure the entire fabric, using our own telemetry to turn our greatest risk into our most powerful asset. That is the only way to achieve true digital resilience in an AI-driven world.<\/span>
    \u00a0<\/span><\/p>\n

    Watch the short video about Cisco\u2019s internal approach to secure networking:<\/p>\n