The business need:
Cisco’s IT and Security and Trust Organization (STO) transformed Cisco's global network into a self-defending architecture to defend against new AI threats.
Challenge
As attackers shift focus from hardened endpoints to network infrastructure, human-led processes can no longer scale against the speed and complexity of modern AI threats.
- The network as the primary target: As the common thread connecting IoT, cloud, and hybrid work, the network has become the ultimate target for attackers. A single breach of core infrastructure can now expose the entire enterprise.
- AI-driven threats: New AI models are fundamentally changing the landscape, enabling adversaries to discover, connect, and weaponize vulnerabilities in hours rather than weeks. Traditional, human-led security processes can no longer keep pace.
- Operational complexity: Bolting point security tools onto existing infrastructure leads to fragmented visibility and policy drift. These gaps, combined with manual, fragmented patching processes, create vulnerabilities exploiters look for.
- The quantum risk: Bad actors are harvesting encrypted network traffic, storing it until future quantum computing capabilities make it readable.
Solution
Cisco IT and STO partnered to implement a layered, integrated approach that fuses security directly into the network fabric — from campus and branch to data center and cloud utilizing:
- Resilient infrastructure: Hardens operating systems and boot processes across infrastructure, with plans to integrate post-quantum cryptography to mitigate future risks, and use Cisco Live Protect to put compensating controls in place.
- Scalable network segmentation: Replaces static VLANs with software-defined segmentation using Cisco Identity Services Engine and TrustSec to identify, profile, and enforce policy on every connection — compartmentalizing the network to contain lateral movement of detected threats.
- Zero Trust Access: Applies an identity-first approach to continuously verify every identity—from human workers to autonomous AI agents—granting least privilege access.
- Hybrid Mesh Firewalling: Extends consistent protection across data centers, cloud, and hybrid environments to secure critical applications.
- Visibility and insights: Centralizes telemetry from ThousandEyes and network controllers into Splunk for a real-time, cross-domain view of every device, connection, and dependency.
- Common policy: Advancements toward a unified framework to enable teams to define once and enforce consistently everywhere, replacing fragmented, manual processes.
- AgenticOps: Developing capabilities to autonomously detect changes, triage incidents, and enforce updates at machine speed.
Unprecedented patching speed
Accelerated code upgrades for 70,000 devices from months to days, eliminating manual toil, and getting faster every day.
Accelerated incident response
Achieved a 50% improvement in incident response time by eliminating manual handoffs between teams.
Improved secure AI adoption
Secured enterprise-wide adoption of Generative AI tools via cloud-delivered Cisco Secure Access in just days, with zero new hardware deployed.
Zero downtime defense
Advancing ability to block and contain threats in real-time without taking the network offline, providing critical time to patch vulnerabilities.
Additional insights
More for you
The technology behind the outcomes
Discover more about the solutions behind this transformation.
Organizations like yours rely on Cisco
Explore how other organizations are driving business outcomes with Cisco technology.
More from Cisco on Cisco
Explore related content and shared insights from the Cisco experts who led the deployments.
Connect with a Partner
Solve your business challenges by finding a Cisco partner authorized to design, sell, and support custom solutions.
Ready to buy?
Let us help find the right products, services, and software offerings that fit your business needs.