Cisco brings ransomware protection to XDR SaaS package

Cisco has added ransomware detection and recovery support to its recently unveiled Extended Detection and Response (XDR) system.

The new features target recovery from ransomware attacks and come courtesy of integration with Cohesity’s DataProtect and DataHawk offerings which offer configurable ransomware recovery and rescue support for systems assigned to a protection plan. Cohesity’s platform can preserve potentially infected virtual machines for forensic investigation and protect enterprise workloads from future attacks.

Cisco said that the exponential growth of ransomware and cyber extortion has made a platform approach crucial to effectively counter adversaries.  It also noted that during the second quarter of 2023, the Cisco Talos Incident Response team responded to the highest number of ransomware engagements in more than a year.

The idea of integrating Cohesity ransomware features with its now available XDR platform, is to help Security Operations Center (SOC) teams automatically detect, snapshot, and restore business-critical data at the very first signs of a ransomware outbreak; often before it has had a chance to move laterally through the network to reach the high–value assets, wrote AJ Shipley, vice president of Customer Experience Product Management with Cisco in a blog about the Cohesity integration.

Cohesity is very familiar with Cisco recently stating the vendor’s share over 460 joint customers. The companies recently announced that Cohesity’s Cohesity Cloud Services package will be sold by Cisco channel partners later this year.

Cohesity Cloud Services include data security and management as well as threat defense, data isolation and backup/recovery.  The package can be hosted on services such as Microsoft Azure and Amazon Web Services (AWS).

Cisco’s XDR service brings together myriad Cisco and third-party security products to control network access, analyze incidents, remediate threats, and automate response all from a single cloud-based interface. The offering gathers six telemetry sources that SOC operators say are critical for an XDR solution: endpoint, network, firewall, email, identity, and DNS, Cisco stated.

The idea is to enable security teams in real time, detect threats and remediate them before they have a chance to cause significant damage to the network and business, Cisco stated.

The XDR platform includes support for a variety of third party products including  Microsoft Defender for Endpoint and Office, Palo Alto Networks Cortex XDR and its Next-Generation Firewall, Trend Micro Vision One, SentinelOne Singularity, and ExtraHop Reveal. The service also supports security information and event management (SIEM) systems including Microsoft Sentinel Zero Trust and Access Management. 

XDR platforms are the most current attempt at an all-in-one detection-and-response platform, industry experts say.  In a exact webinar, Christopher Steffen, research director for Enterprise Management Associates defined XDR as a cybersecurity solution that:

“XDR solutions are in line to replace underperforming legacy security solutions. But it isn’t always because a solution is underperforming, solution complexity, deployment and maintenance, and resource requirements are important factors,” Steffen  said.  “If an XDR solution can easily supplant these solutions and about 1/3 of the annual cost, security leaders are forced to pay attention.”

Technology leaders are looking for an XDR solution to mimic the capabilities of the solutions that they are looking to replace, namely SIEM and security orchestration, automation and response (SOAR), solutions. XDR takes the core capabilities of SIEM and SOAR solutions and provides those insights in a simple and easy manner to digest, Steffen said.

“For many organizations, having a simpler and less expensive XDR solution to achieve those same capabilities is likely the right decision,” Steffen said.   

“It is not enough to just point out threats and low-level attacks: organizations are looking to their XDR solution to provide advanced insights into the threat landscape,” Steffen said.   “Organizations looking to evaluate and deploy an XDR solution would do well to make the vendor prove these core capabilities – not just as a point in time, but from a tactical and long-term perspective.”

Copyright © 2023 IDG Communications, Inc.

Cisco powers higher as AI potential offsets muted 2024 revenue outlook

Cisco Gains After CEO Points to Headway in AI and Security

(Bloomberg) -- Cisco Systems Inc., the largest maker of computer networking equipment, rose the most in six months after the company outlined headway in AI and security technology, helping ease concerns about a sales slowdown.

Most Read from Bloomberg

Cisco, which reported fiscal fourth-quarter results Wednesday, is coming off a spike in demand fueled by the end of pandemic-era supply shortages. Though growth is now decelerating sharply from last year’s surge, Chief Executive Officer Chuck Robbins pointed to a bright future where revenue is more consistent — thanks to subscription-based services — and Cisco capitalizes on the transition to AI-focused data centers.

The company said it has already recorded $500 million in orders for AI products, which it offers to so-called hyperscaler customers — large cloud-computing service providers.

“Cisco is committed to helping their customers navigate this transition in a trusted and responsible way to deliver on the full promise of this technology, and they are well positioned to win,” Robbins said on a conference call with analysts.

That outlook helped send the stock up as much as 5.4% in New York on Thursday morning, the most since February, following an initial decline when the quarterly report was released. The company also said it plans to keep increasing share repurchases and dividends.

Cisco shares had closed at $52.96 in regular trading Wednesday, leaving it up 11% this year.

In the period ending in October, sales will rise to about $14.6 billion. That’s in line with analysts’ estimates of $14.57 billion. Excluding certain items, profit will be roughly $1.03 a share, compared with an average estimate of 99 cents.

Story continues

Cisco’s gross margin has been a bright spot. It’s expected to be 65% to 66% this quarter on an adjusted basis, the company said. Analysts estimated 64.7%.

Sales will be $57 billion to $58.2 billion in fiscal 2024, the company said. That compares with the $58.3 billion analysts had estimated on average, according to a Bloomberg survey.

The growth forecast pales in comparison with the 11% jump in Cisco’s just-ended fiscal year. The company had seen orders stack up during a prolonged period of component shortages. With those parts now available, Cisco has been able to ship hardware — and sell associated software — to meet pent-up demand. But that surge is fading.

In Cisco’s fiscal fourth quarter, which ended July 29, revenue rose 16% to $15.2 billion. Profit, minus some items, was $1.14 a share. That compares with estimates of about $15.1 billion in revenue and $1.06 a share in earnings.

Robbins has been working for years to remake his company as a provider of networking services and software. His management team points to the amount of recurring revenue that it’s building up as an indication that the transition is succeeding.

But Cisco still mostly relies on selling expensive pieces of network equipment — with proprietary software — and that makes it hard to avoid the swings in demand from corporate customers. The company’s sales increase of 11% last year is expected to downshift to just 2% this year.

In a common pattern with tech companies, AI was a major syllabu of Cisco’s conference call. Cloud service providers have been racing to add computing power to handle services such as OpenAI’s ChatGPT and Google Bard.

Cisco will have a role in that lucrative market, Robbins said, without giving a specific forecast on how big it will be.

“This is a huge opportunity for Cisco,” Robbins said on the call. “We are laser-focused on leading and winning in this space.”

(Updates with share trading)

Most Read from Bloomberg Businessweek

©2023 Bloomberg L.P.