Its Radical New Approach to Cybersecurity
On the heels of its recent acquisition of Splunk, Cisco has introduced what its senior executive is touting as the most consequential security announcement in its 40-year-long history. Cisco’s soon-to-be-released Hypershield is the company’s entirely software-based approach to protecting applications, devices, and data across public and private data centers, clouds, and physical locations.
Built on technology developed for hyperscale public clouds, Hypershield offers an architecture unlike traditional security measures, which act as “fences,” according to the company. The system functions more as a “fabric,” enabling security enforcement to be placed wherever it’s needed — from applications and Kubernetes clusters to network ports.
According to Chuck Robbins, Cisco’s chair and CEO, “Cisco Hypershield is one of the most significant security innovations in our history. With our data advantage and strength in security, infrastructure, and observability platforms, Cisco is uniquely positioned to help our customers harness the power of AI.”
Hypershield’s key system pillars
Hypershield delivers security enforcement across three distinct layers and affords these key user benefits:
- AI-nativity: Autonomous and predictive, it manages itself once it earns trust, making a hyper-distributed approach at scale possible.
- Cloud-nativity: Leveraging open-source eBPF technology, it provides cloud-native workload protection through the company’s recent acquisition of Isovalent, a leading eBPF provider.
- Hyper-distributed infrastructure: It embeds advanced security controls into servers and the network fabric, spanning all clouds and leveraging hardware acceleration, shifting anomaly detection closer to the workloads that need to be protected.
Tipping the scale in favor of defenders
Hypershield is designed to combat increasingly clever, malicious cyber adversaries by shielding new vulnerabilities quickly since patching alone cannot keep pace in today’s threat landscape.
The system works to protect the threat landscape in three ways:
- Distributed exploit protection: Delivers protection in minutes by automatically testing and deploying compensating controls into the distributed fabric of enforcement points.
- Autonomous segmentation: Perpetually observes, auto-reasons, and re-evaluates existing policies to segment the network once it is attacked to prevent the threat from moving laterally.
- Self-qualifying upgrades: Automates software upgrades by replacing them in a digital twin that tests them using the user’s traffic, policies, and features and applying the updates with zero downtime.
Anticipated availability and channel impact
With general availability scheduled for August 2024, Hypershield aims to redefine security for modern data centers in an era in which the number of vulnerabilities is increasing and the time it takes attackers to exploit them at scale is diminishing. The system is poised to give users visibility and insights across their digital footprint, adding security protection without the need for patching along with the ability to upgrade with zero downtime.
Although no organization is immune from experiencing a cyberattack, there are ways to reduce risk, like adhering to the Cybersecurity Maturity Model Certification (CMMC 2.0). Learn how to become CMMC compliant through key steps and a free downloadable checklist.
Contributing writer
Pamela Winikoff is a prolific business writer known for driving enterprise recognition and sustainable growth. She has created a wide range of marketing, public relations, and digital content for leading IT, financial, healthcare, and manufacturing organizations across various staff positions, contract roles, and as a freelance writer. Pamela holds an MBA in Marketing and certifications in Business Analysis, Project Management, and Digital Marketing.