Cisco integrated Stealthwatch, its network traffic analytics tool, across its security portfolio and added cloud security capabilities to its secure internet gateway today at its partner summit event. This, and a bunch of other new proactive and defensive capabilities, are part of the vendor’s ongoing push to reduce complexity, help customers move to the cloud, and implement a zero-trust approach, Jeff Reed, SVP of product for Cisco’s Security Business, told SDxCentral in an exclusive interview.

The first pillar in Cisco’s security strategy centers around reducing complexity, Reed said, citing the company’s CISO Benchmark Study. It found 79% of security professionals surveyed find it challenging to orchestrate threat response in a multi-vendor environment. In an effort to simplify their environments, chief information security officers (CISOs) are using fewer point products and adopting a platform approach. In 2018, the study found 21% of respondents used more than 20 vendors, and 5% had more than 50. This year saw those numbers drop to 14% and 3%, respectively.

“We’re starting to see this move to customers having fewer, more strategic vendors,” Reed said. “The [2019] CISO Benchmark Study was the first time we saw a decrease in the number of vendors relative to where they were the year before.”

How to Cut Complexity

To further reduce complexity, Cisco integrated Stealthwatch across its security portfolio. This product detects new infections, breach propagation, and data exfiltration. The portfolio already included Threat Response, which, as the name suggests, helps reduce time to investigate and respond to threats. Threat Response is a relatively new product announced about a year ago, and more than 6,700 customers are already using it, Reed said. “It’s one of the fastest growing ever products in security,” he added.

Cisco also added capabilities to its endpoint detection and response. Customers can now isolate a compromised endpoint to remediate a security threat and use an advanced search tool to accelerate incident response.

Additionally, the vendor launched a new managed detection and response service. It provides 24/7 threat monitoring and response across cloud, network, and endpoints. And it targets small and midsized businesses that don’t necessarily have their own round-the-clock security teams to perform these duties.

“And lastly we are introducing our Talos Incident Response service,” Reed said. This essentially integrates Cisco Talos, which Reed said is the largest non-governmental threat intelligence research organization in the world, with Cisco’s incident response team, which provides response plans and preparedness training.

“The idea is it will provide a full suite of proactive services — before any breach happens — as well as a set of reactive services,” Reed said.

Secure Cloud Adoption

When it comes to securing cloud adoption — Cisco’s second pillar — the vendor added DNS-layer security, secure web gateway, cloud-delivered firewall, cloud access security broker (CASB), and interactive threat intelligence to the Cisco Umbrella Secure Internet Gateway (SIG) Essentials package.

ESG calls this an "Elastic Cloud Gateway." While some vendors are already adopting this approach, ESG and other analysts expect more to follow suit in the near future.

“We’re seeing SD-WAN is an accelerant, but we’ve been seeing this move for years,” Reed said. “More and more customers are looking at simplifying their architecture, and using as-a-service offerings as a way to move some of the on-premises controls to the cloud.”

Additionally, Umbrella and Cisco’s SD-WAN service can integrate with Anycast routing for networking security and direct internet access.

Zero Trust

Finally, Cisco’s third pillar is zero trust.

“How do you establish trust? Trust is no longer you are on the corporate network,” Reed said. “That drove our acquisition of Duo Security. Zero trust is an approach. How do I establish trust for that resource, what’s my enforcement point, where I can either permit or deny access, and that can be different depending on what type of access you are trying to enable.”

Last year Cisco acquired Duo Security, a two-factor authentication startup, for $2.4 billion. And just this quarter Cisco earned a “leader” position in the most recent Forrester Wave Zero Trust report.

Today Cisco announced Duo MFA and AMP for Endpoints in beta, which will help customers safeguard against vulnerable or potentially compromised devices with automatic adaptive policy enforcement.