The new Cisco Hypershield aims to ‘completely reinvent’ security in the AI era


AI will be a force multiplier like no other. Ultimately, everyone will have digital assistants for a multitude of tasks.

However, the existing data center infrastructure cannot handle this enormous data load and the associated security challenges. The AI of the future requires a fundamentally scaled, highly protected architecture.

Cisco says it’s finally built this: The tech giant today announced Cisco Hypershield, a new approach that embeds security into the data center fabric and autonomously scans, segments and executes critical updates at the network level.

The new technology is “truly groundbreaking” and “the most consequential innovation” in Cisco’s 40-year history, Jeetu Patel, EVP and GM of security and collaboration, boldly claimed.

“You can’t address these structural shifts by coming up with the next version of something that already exists,” Patel told VentureBeat. “You have to think of it as the first version of something completely new and reimagined.”

Integrating security into data centers

Cisco Hypershield, which will be generally available in August, is built on three customer challenges. These include:

  • Exploit protection: According to Cisco Talos Intelligence, defenders see 100 new vulnerabilities a day, and attackers can weaponize newly published vulnerabilities faster than they can be patched. However, only about 20% of vulnerabilities receive patches. There is a “disconnect” between when vulnerabilities are announced and when exploits occur, which “has now shrunk to single digit days,” Patel said. Eventually this will shrink to hours and minutes.
  • Segmentation: Once a threat actor is in a network, it can be difficult to segment them to stop their lateral movement. Attackers used to be segmented by hardware, Patel points out, but today’s infrastructure is completely different.
  • Upgrades: Critical infrastructure is regularly attacked because it is outdated.

“Segmentation is very difficult, patching is difficult, upgrades are difficult,” says Patel. However, with new foundational technologies, these are “all solvable problems.”

The system is AI-native and self-driving (once it earns trust). It is also cloud-native and built on open-source eBPF, which accesses hardware and services from within the Linux kernel.

The agent sits on the host and can observe everything going in and out, providing “extreme visibility at a very manual level,” Patel said. To support this capability, Cisco is about to acquire Isovalent, one of the leading providers of eBPF, this month.

Additionally, Hypershield is “highly distributed,” embedding security controls into servers and the network fabric. It spans all clouds and uses hardware including data processing units (DPUs) to analyze and respond to anomalies in applications and the network.

Instead of securing the app, you get security where the exposure could be, Patel said. “You can bring security to where the problem areas are.”

This could be an OT or IoT device, an infrastructure element, a robotic device, a factory floor or an MRI machine, he said. “Instead of a fence, we have embedded security into the fabric of data centers.”

When it comes to vulnerability management, defenders used to worry about zero days, but today’s “cyber abandoners” can simply wait for a patch to come out and reverse engineer it, says Frank Dickson, Group VP for Security and Trust at IDC.

“Hackers are businesses, they want to create an ROI,” he said. It’s simply easier to weaponize patches. This is further compounded by the fact that security is seriously short-staffed.

“Shipping the security burden from the core to the edge is going to be incredibly important,” he said. “We can’t do what we’ve done before.”

AI agents that work autonomously once they are trusted

Hypershield helps protect in minutes because it automatically tests and deploys compensating controls into the fabric of enforcement points, Patel explains. These compensating controls can be stacked on top of each other, much like covering a broken window with plywood, he said.

“Enforcing security can happen in tens of thousands, hundreds of thousands of places,” Patel said.

Hypershield performs autonomous segmentation, meaning it ‘constantly’ observes, automatically reasons, and reevaluates policies to segment the network.

The tool also automates the time-consuming process of testing and deploying upgrades as soon as they are ready. This process is made possible by digital twin technology. Each policy enforcement point in the system is built with two software versions running in parallel, explains Craig Connors, VP and CTO for Cisco Security. The secondary data plane can also be used in high availability cases and for modeling policies.

The built-in AI agent can test every possible combination that might occur in a real environment, he said, and understands the application and all its dependencies.

“The security agent learns your applications and how they behave and looks for any activity that appears malicious, whether it’s a vulnerability or something else,” Connors said. “We’re really trying to bring out the trust aspect, and not just AI bombarding you with recommendations.”

Shifting the “burden of security” from the core to the edge is incredibly important, says IDC’s Dickson; the industry simply cannot do what it has done before.

Typical security solutions are “connective,” he said. “This isn’t screwed in, it’s built-in. It’s just a fundamentally different approach.”

AI is the platform shift of your life

AI is undoubtedly one of the biggest platform shifts most of us will experience in our lifetimes, Patel noted.

“Anytime you see something this profound happen, the short-term impact is grossly overestimated and the long-term impact is grossly underestimated,” he said.

Our lives haven’t changed all that much since ChatGPT came out about a year and a half ago, but in ten years, AI will have dramatically changed our daily lives, he predicted. It will deliver “profound change” with greater capacity “unlike anything we have ever seen.”

People will have dedicated personal assistants, HR managers, financial advisors and other digital helpers living in advanced data centers. The 8 billion people in the world will have the capacity of 80 billion people and scientific progress will be 1000 times greater.

“AI becomes this force multiplier for output,” says Patel. “This is not science fiction right now, we see this happening.”

But this introduces a new layer of complexity: where security used to be only between users and apps, now there are trillions of devices, microservices, clusters and other technologies talking to each other. This requires a new approach to security, Patel says, which is finally possible thanks to DPUs and high-performance computing.

“When we’ve looked at security over the last countless years, the advantage has always been on the opponent’s side,” Patel said. “Why is that? They only have to be right once. The defender has to be right every time.”

Ultimately, it could get to the point where the defender has the advantage, he noted, and “wouldn’t that be a wonderful world to live in.”