Welcome to the April edition of the What’s New in Security series! As the amount of data organizations create and use grows exponentially, the need to secure that data is more important than ever. According to Verizon, data is the key target of security breaches, and it is continuously trending upward. In 2023, 74% of all breaches included the human element through privilege misuse, error, use of stolen credentials, or social engineering. The global average cost of a data breach in 2023 was $4.45 million, which represents a 15% increase over the past three years. In the United States, those costs are double — averaging $9.44 million.
New innovations for Cisco Secure Application, now available as a standalone Cisco Observability Platform application, provide data security and cloud security capabilities that help organizations secure cloud native applications and safeguard sensitive data at scale. Here’s a quick look at what’s new:
Empowering teams with new standalone application flexibility
Cisco Secure Application is now available as an independent application on the Cisco Observability Platform and can be deployed with or without Cisco Cloud Observability. This flexibility means security teams can easily gain powerful security capabilities without committing to an investment in cloud native application performance monitoring.
This new standalone application supports two modules, our new Data Security module and Cloud Security module, (previously available as the Cisco Secure Application module for Cisco Cloud Observability), are purpose-built to give organizations the flexibility to secure their data and cloud native applications independently or as part of an all-in-one offering.
Figure 1 – Vulnerability – Cisco Observability Platform – Secure Application
Safeguard sensitive data from internal and external attackers
The new Data Security module provides organizations with deep visibility and actionable insights to effortlessly secure and protect sensitive data. By uniquely providing context-driven insights, Cisco helps organizations identify, classify, prioritize, and mitigate data risks and vulnerabilities along with helping to ensure compliance with data protection regulations.
Organizations are ultimately responsible for safeguarding the sensitive data they handle, such as customer information, intellectual property, financial records, and employee details. The Data Security module helps identify where critical data resides, how it is being used, and who has access to it, which enables organizations to ensure that sensitive information is adequately protected.
The Data Security module
- Unlocks deep data visibility by automatically discovering and classifying sensitive data at scale.
- Efficiently controls and secures data from both internal and external threats with continuous monitoring and locating unusual usage patterns.
- Saves time and effort by avoiding manual tasks and ensuring your data is compliant with the latest regulatory standards.
- Provides AI-powered alerting and guidance to expedite remediation of security issues.
Key differentiators:
- Context-driven discovery, classification, and compliance visibility.
- Lists of clients accessing databases insecurely.
- Identifies siloed object store buckets.
- Enables principle of least privilege (only allowing a user or entity to have access to specific data needed to complete a required task).
Figure 2 – exfiltration to external storage – Cisco Observability Platform – Secure Application
Fortify your cloud native applications and uncover crucial business context
The Cloud Security module for Cisco Secure Application provides intelligent business risk insights (like vulnerabilities within your code) to prioritize issues, respond in real time to revenue-impacting security risks, and reduce overall organizational risk profiles.
The module helps organizations efficiently secure cloud native applications based on real-time vulnerability analytics and business risk observability. Only Cisco Full-Stack Observability adds business context to security findings and brings together application data with security intelligence from market-leading Cisco security products. This enables teams to rapidly locate, assess, and prioritize risk — and remediate security issues based on potential business impact.
The Cloud Security module:
- Easily locates security issues across application entities (business transactions, services, workload, pods, containers) so you can quickly isolate them.
- Prioritizes issues with a business risk score that combines application and business impact context, with vulnerability detection and security intelligence from Cisco security products so you can easily identify which business transactions have the greatest risk.
- Accelerates response with real-time remediation guidance with prescriptive actions to address the most impactful vulnerabilities.
Figure 3 – Business Transaction – Cisco Observability Platform – Secure Application
For more information on the latest security innovations, read — Offering New Flexibility for Securing Your Cloud Native Applications and Sensitive Data and explore more about the new Data Security offering.
Audrey Nahrvar is a product marketing manager with a background in application security and ethical hacking. Audrey held positions at Autodesk and Shutterfly before joining AppDynamics in 2017 as a security engineer first and then promoted to security architect. In her off hours, Audrey enjoys spending time with her husky, in the mountains.
