Cisco & Splunk: Protecting Against Agentic AI Threats

Cisco is making strategic advancements in security infrastructure to tackle challenges posed by AI-driven threats, aiming to protect enterprises from sophisticated attacks.
While AI promises to improve cybersecurity by automating detection and speeding up response times, it also equips threat actors with tools to carry out more complex attacks.
"Safety and security are the defining challenges of the AI era — and agentic AI multiplies the risk, as every new agent is both a force multiplier and a fresh attack surface," says Jeetu Patel, President and Chief Product Officer at Cisco.
To address these threats, Cisco is weaving advanced security measures into networking fabrics and advocating a shift away from outdated perimeter-based security towards "zero trust architectures" that continuously authenticate all network entities.
A new era of hardware
Driving this strategy is Cisco's expansion of its Hybrid Mesh Firewall portfolio.
Two new hardware series serve different deployment scenarios, with the Secure Firewall 6100 Series tailored for AI-centric data centres.
With a performance capacity of 200Gbps per rack unit, it addresses the scalability and complexity demands of high-performance computing environments.
For distributed branch environments, the Secure Firewall 200 Series combines threat inspection with software-defined wide area networking, boasting up to three times better price-performance than rivals.
The hardware launch is accompanied by broadened policy management through Cisco's Security Cloud Control, which will extend unified administration to the latest firewalls across its SD-WAN, switching and data centre fabric portfolios.
The unique challenge of agentic AI
The emergence of agentic AI systems poses distinct cybersecurity challenges because these autonomous technologies access resources and make decisions independently.
These capabilities improve efficiency but also introduce potential vulnerabilities.
To address these weaknesses, Cisco is introducing Universal Zero Trust Network Access, an identity-centric framework that provides secure access control for both human and AI entities within hybrid environments.
This solution encompasses automated agent identification, delegated authorisation and thorough agent activity monitoring via native support for the Model Context Protocol.
"The AI era demands a transformative approach to security. Organisations need distributed, identity-based, zero trust protection for applications, users, AI models and agents, supported by a unified policy framework," says John Grady, Principal Analyst at Enterprise Strategy Group.
Splunk’s role in Cisco’s cybersecurity push
Following its acquisition of data analytics powerhouse Splunk in early 2024, Cisco is refining its security systems to enhance threat detection capabilities.
The integration lets security teams make effective use of their existing technology assets.
New Security Orchestration, Automation and Response (SOAR) integrations incorporate Cisco Secure Firewall-specific actions, such as automated threat containment through host isolation and blocking connections.
"As AI continues to evolve at an unprecedented pace and new cybersecurity challenges emerge, it's even more important to fuse security into the very fabric of the network," explains Chris Konrad, Vice President of Global Cyber at World Wide Technology.
The announcements reflect broader industry recognition that traditional security models require fundamental rethinking as enterprises navigate an increasingly complex threat landscape characterised by AI-powered attacks and autonomous digital agents.





