“Why hack in…when you can simply log in?” - Cisco unveils Identity Intelligence to combat social engineering breaches

A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
(Image credit: Shutterstock)

The latest offering from Cisco could help stop identity theft and social engineering attacks in its tracks.

According to Jeetu Patel, EVP & GM, Security and Collaboration Business Units at Cisco, cracking through a firewall is old news as it is now easier than ever to exploit the human factor.

This is where Cisco’s Identity Intelligence can help provide a new layer of network observability and security.

 The difference between ‘if’ and ‘should' 

With how advanced social engineering attacks have become, it has never been easier for a hacker to impersonate your voice, disable your multi-factor authentication (MFA), and add their own device onto your network to steal your intellectual property (IP) and ransom your data.

Speaking as Cisco Live in Amsterdam, Patel states that hackers have switched to the mindset of, “why log in… when you can hack in?” 

This is especially relevant, he added, when 74% of attacks utilize a human element to breach an organizations network, such as the example above, or through phishing and malicious emails.

Traditionally, internal access is granted on the basis of asking ‘if’ a user can access a network, but Patel argues that the question should be changed to ask ‘should’ a user have access to a network, and this should be based on their behavior.

Jeetu Patel, Cisco

(Image credit: Future - Benedict Collins)

This latest security offering from Cisco provides the ability to monitor human and machines/services within a network to identify threats based on their behaviors and interactions. The Identity Intelligence platform will generate an identity graph to correlate the behaviors of users, machines and applications.

These behaviors will be based on the role of the users, their physical location and device to identify if there is a threat potential. For example, a user may have previously accessed the network on an old device and forgot to log out.

If this device begins exhibiting unusual behavior on the network, such as existing in a different location or attempting to access applications and services outside of the users role, the device will be flagged as a potential intrusion.

The identity graph will provide observability on old devices and access permissions, allowing network administrators to quickly decommission both of these vulnerabilities through the Cisco Security Cloud.

The platform’s ease of use is further enhanced by access to an AI Assistant in CISCO Security Cloud which provides natural language prompts to generate security access policies for their network and firewall, alongside an AI-based email threat detection.

Speaking on the announcement, Patel said, “Identity is the fabric that connects humans, devices and applications in the workplace, and has become an easy target for modern cybersecurity attacks.

“By analyzing the entire attack surface of an organization’s users, machines, services, apps, data and their behaviors, Cisco Identity Intelligence bridges the chasm between authentication and access. We are the first vendor bringing together identity, networking and security into a complete solution to address the largest cyber challenge of modern times.”

The Identity Intelligence platform will be available as an embedded part of the Security Cloud from July 2024.

More from TechRadar Pro

Benedict Collins
Staff Writer (Security)

Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism he worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but he also likes to draw on his knowledge of geopolitics and international relations to understand the motives and consequences of state-sponsored cyber attacks.

He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. His masters dissertation, titled 'Arms sales as a foreign policy tool,' argues that the export of weapon systems has been an integral part of the diplomatic toolkit used by the US, Russia and China since 1945. Benedict has also written about NATO's role in the era of hybrid warfare, the influence of interest groups on US foreign policy, and how reputational insecurity can contribute to the misuse of intelligence.

Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.