Cisco has announced its intent to acquire Kenna Security, a privately held cybersecurity company headquartered in Santa Clara, California. Kenna’s risk-based vulnerability management technology enables organisations to work cross-functionally to rapidly identify, prioritise and remediate cyber risks. With this acquisition, Cisco will transform the way security and IT teams collaborate to reduce the attack surface and the time it takes to detect and respond.
The ability to prioritise vulnerabilities based on threat intelligence and business impact has never been more important. The world and the way we work is dynamic, and organisations are struggling to stay secure. As we shift to a work-from-anywhere model, employees are connecting to the network with company-owned and personal devices and are increasingly reliant on cloud technologies to stay productive. These trends have significantly expanded the attack surface and increased the complexity of security. There are too many point products producing too many alerts, according to Cisco and the lack of resources and prioritisation makes it unmanageable for security and IT teams.
With Kenna’s technology, Cisco Security will be combining threat and risk-based vulnerability management as part of the SecureX platform, expanding the platform experience and enabling comprehensive scorecards for security controls and threat response performance. This integration will help customers prioritise vulnerabilities; speed and automate decision making with tailored information; and accelerate response time for cyber readiness.
“Hybrid work is here to stay, and the increasing complexity of cybersecurity is our customers’ biggest challenge. We must radically simplify security to stay ahead of the evolving threat landscape,” says Jeetu Patel, Senior Vice President and General Manager, Cisco Security and Collaboration.
“Our goal is to unify all critical control points into a single platform. With the addition of Kenna Security, we will fundamentally strengthen our platform experience by giving customers the ability to prioritise vulnerabilities based on a robust risk methodology that is tuned to their unique needs.”
The acquisition of Kenna Security with Cisco’s SecureX platform will help customers:
- Discover and prioritise their organisation’s assets with a centralised, contextual view
- Speed-up decision making with prioritisation of vulnerability data based on threat intelligence and asset business value
- Accelerate and simplify response with orchestration to proactively perform patch management or deploy virtual patching
- Reduce friction associated with compliance efforts with a simple and easy way to generate compliance reports
- Enhance collaboration between security and IT teams to effectively deal with vulnerabilities to reduce risk for businesses
“Cisco is on a mission to reshape the way we think about security, and together we have a unique opportunity to fundamentally transform how organisations effectively manage risk at scale,” says Karim Toubba, CEO of Kenna Security.
“As malicious actors continue to evolve their methods, we need to make it easier than ever for customers to predict, detect, prioritise and respond to the security threats that matter. The breadth and scale of Cisco coupled with Kenna Security’s mastery of machine-learning and data science will reshape how the entire industry addresses cyber risk.”
Kenna’s technology integrates with all major industry vulnerability assessment platforms.
The acquisition is expected to close in Cisco’s fourth quarter of fiscal 2021.