Cisco Unveils New AI Cybersecurity Innovations at RSA 2025

As AI transforms the way businesses operate, it also increases cybersecurity risks.

Organisations around the world are grappling with advanced AI-enabled threats, critical shortages in cybersecurity expertise and the lack of adequate technology to secure AI infrastructure.

At RSA Conference 2025 in San Francisco, Cisco responds to this pressing challenge by unveiling a series of AI-driven cybersecurity innovations.

According to Cisco’s forthcoming 2025 Cybersecurity Readiness Index, 86% of organisations have encountered AI-related security incidents in the past year alone. These figures illustrate the urgency facing security teams today.

Jeetu Patel, Executive Vice President and Chief Product Officer at Cisco, explains: "The cybersecurity threat landscape has never been more dynamic and complex, with adversaries constantly emboldened and enabled by AI to drive new attacks and exploits.

"To fight back, understaffed security operations and IT leaders need AI power of their own."

Addressing the cybersecurity gap with AI technology

Cisco's new initiatives combine open-source security models, AI agent technology and advancements in Internet of Things (IoT) integration through the Cisco Security Cloud platform.

These innovations are designed to help security professionals deal with growing threats and a shrinking talent pool.

Central to Cisco’s approach is the Extended Detection and Response (XDR) platform, which correlates data across network infrastructures, endpoints, cloud environments and email systems.

In a landscape where security operations centres are inundated with thousands of threat alerts each day, this capability helps separate genuine risks from noise.

The addition of Instant Attack Verification into Cisco’s XDR platform, integrating Splunk’s data analytics, allows agentic AI to create and automatically execute investigation plans.

This technology cross-references data from endpoints, networks and threat intelligence sources to deliver faster threat detection.

Further, new features such as XDR Forensics provide deeper insights into endpoint activities, while XDR Storyboard visualises attack patterns, enabling quicker and more informed responses.

Splunk Enterprise Security 8.1 and Splunk SOAR 6.4 also now integrate with Cisco XDR, offering enhanced threat visibility and automated response workflows.

Frank Dickson, Group Vice President of Security & Trust at IDC, explains: "Cisco XDR aims to address key challenges in the SOC with its focus on 'Clear Verdict. Decisive Action. AI Speed.'

"The combination of Instant Attack Verification, XDR Storyboard visualisations and automated XDR Forensics offers a streamlined approach to threat management."

Strengthening AI risk management through partnerships

Cisco’s collaboration with ServiceNow marks another critical move towards improving AI risk governance.

By integrating Cisco AI Defense with ServiceNow SecOps, organisations can manage AI risks more comprehensively.

ServiceNow SecOps automates and streamlines security incident and vulnerability management by bringing security and IT operations together.

Supporting this initiative is the Foundation AI team, formed following Cisco’s acquisition of Robust Intelligence.

Foundation AI focuses on creating technology tailored for cybersecurity in the AI era.

Among its developments is an open-source reasoning model crafted specifically for security use cases.

Foundation AI also introduces benchmarks for assessing cybersecurity models against real-world attack scenarios.

These benchmarks, alongside adaptable tools, help security teams better protect AI systems against evolving threats.

Furthermore, Cisco has implemented AI Supply Chain Risk Management controls.

These controls secure AI application components by identifying vulnerabilities before models are deployed, such as detecting malware in AI model files or compromised datasets from open-source repositories.

They combine threat detection with network enforcement to block malicious model files, enforce open-source software licence compliance and prevent risks from prohibited suppliers.

Expanding technology for industrial cybersecurity

Cisco also turns its focus to industrial sectors, where operational technology systems face growing cybersecurity threats.

The company's Industrial Threat Defense solution now benefits from integrations with Cisco Cyber Vision, Cisco Vulnerability Management and Splunk Asset and Risk Intelligence.

These integrations prioritise operational technology cyber risks and help automate industrial network segmentation through Cisco Secure Firewall.

Additional improvements include a Splunk OT Security add-on, giving security operations centres a unified view across IT and operational technology environments.

Jeetu continues: "Cisco is continuing its mission to secure AI and leverage AI for security with novel open-source models and tools, new AI agents and IoT advancements, alongside the full breadth of the Cisco Security Cloud.

"Together, these innovations will help level the playing field and deliver AI innovation that makes all businesses more secure."

Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today. 

Cyber Magazine is a BizClik brand