Cisco aims to consolidate and simplify infrastructure management to compensate for rapid AI advances and surging customer demands, according to the company’s UK&I CTO.

Speaking to ITPro following the company’s annual Cisco Live event, Rob Lay said a slew of announcements made at the conference last week intend to shore up infrastructure optimization capabilities for enterprises.

Chief among these announcements was the launch of the Cisco Cloud Control platform, which aims to consolidate disparate infrastructure management platforms through a single interface.

The move here, according to Lay, comes in direct response to the growing sprawl of disparate, overlapping solutions enterprises contend with, be that from Cisco itself, or third parties.

“Cloud Control is all about bringing together all of those different management platforms that we've got, because we've got a really broad portfolio, bringing together the likes of Catalyst Center and Meraki Dashboard and Nexus One, and the Collab Command Center, and Cisco Security Cloud Control,” he told ITPro.

“All of those pieces, you’re bringing all that together so you’ve got that single point of management.”

Cisco describes the platform as a “new way” to run critical infrastructure that ties together five key elements, including:

• Cross-domain telemetry
• Purpose-built models
• Trusted agents
• Cloud Control Studio
• Cisco AI Canvas

The launch of Cisco Cloud Control is the culmination of several years’ worth of evolution for the networking giant, according to Lay. Indeed, Cisco has been moving consistently toward a “platform approach” when it comes to network and infrastructure management.

“We've talked for a couple of years now about this idea of platform, and I think that it becomes very, very difficult to really have a true platform until you've got that consolidated management capability,” he added.

While in previous years this focus was spurred on by evolving cloud demands, particularly the shift toward hybrid and multi-cloud setups, the advent of generative, and more recently agentic, AI required somewhat of a rethink.

The performance demands of agentic AI are huge, Lay told ITPro. This means performance, stability, and consistency of cloud and networking capabilities are now paramount.

Running parallel to the performance requirements, enterprises are also dealing with an increasingly sprawling array of agents working behind the scenes, which again requires an overhaul of visibility and the ability to track, monitor, and orchestrate these autonomous bots.

“I think it's also driven by the landscape that we're seeing from an AI perspective as well. We can't get through a conversation these days without mentioning AI, but when you look at the challenges that our customers are facing – the need to be able to adapt, manage, respond to stuff at much, much faster speeds is driving a necessity,” he explained.

“We can't have customers bouncing from console to console to console anymore. So it's about bringing together all those different capabilities [and] unifying that experience for our customers.”

Cisco’s ‘AgenticOps’ push

Agentic AI certainly is a key factor in why Cisco customers are demanding more intuitive, unified management capabilities in 2026, Lay told ITPro.

Indeed, the Cloud Control Panel represents the underlying foundation for the firm’s ‘AgenticOps’ operating model. The company envisages a future where humans and agents are working together “side by side”, and the features rolled out by the company aim to simplify adoption.

The firm’s Agent Builder tool, for example, enables users to build custom agents for Cloud Control “tailored to their own policies and workflows”. These can be connected to more than 50 third-party platforms, either through native connectors, or the Model Context Protocol (MCP).

Elsewhere, the App Builder also allows enterprises to build and publish applications and workflows for Cloud Control using natural language prompts. This, the company noted, is based on OpenAI's Codex agent.

Tackling AI’s “network problem”

While agentic AI features and customization capabilities are a key focus for Cisco, Lay noted that Cisco’s bread and butter, networking, is the area in which it’s still emphasizing the importance of relying on high-performance capabilities.

Customers have worked their way through the early days of the generative AI boom, which was dominated by chatbots, and with agents, they’re now focusing heavily on delivering clear-cut use cases that “add value to their organizations”.

Throughout this process, he noted, it’s become clear that “AI rapidly becomes a network problem”.

“It's really, really difficult to enable an AI platform to work properly unless you've got that very highly capable network that underpins it all,” he explained.

“It is kind of true to say that Cisco now is delivering that critical infrastructure for the AI era, because regardless of whether we’re talking about the data center network and the need to connect to GPUs, whether we’re talking about the fact that we’ve got customers, service providers, and hyperscalers now building data centers further and further apart - how do we work to that?”

With the previous generation of generative AI focused largely around chatbots, network traffic typically “spiked” in short bursts. With agentic AI always on and running away in the background, that “profile just goes up and stays high in terms of network demand”.

“That puts a very different challenge and requirement on the network to deliver that real consistent high efficiency, high quality network connectivity,” he said.

Lay said these fundamental “network challenge” issues have prompted Cisco to drive networking innovation in recent years to enable it to meet surging customer demand.

Part of the challenge here, he noted, has been emphasizing that customers simply cannot continue “sweating assets” if they’re to have success with agentic AI (and remain secure).

In a recent discussion with a customer, Lay revealed an IT leader boasted about having a Catalyst Switch that had been “up for 12 years”.

“That’s great, right? That shows our kit is reliable and stable, but in today’s world that’s quite a risk for our customers, not just from a security perspective, but fundamentally, it’s not going to support any of the sort of network traffic types that you need for today,” he told ITPro.

Customer mindsets are shifting on this front, Lay added, and this is an area Cisco is keen to capitalize on and keep pace with.

“When they’re looking at refreshing their technology, they’re not just looking for the current in-support version of what they had previously, they’re looking at what do we need our network to do in two years’ time, in three years’ time,” he commented.

“That’s what we need to be planning for and investing for today.”

FOLLOW US ON SOCIAL MEDIA

Cisco has announced a partnership with the UK's Department for Science, Innovation, and Technology (DSIT) to support digital skills development across the country.

The strategic collaboration with the technology department will support the government's AI Opportunities Action Plan, which aims to provide skills courses to more than 10 million people by 2030.

Cisco noted that the move will also support the government's TechFirst program, which is designed to provide one million secondary school students with access to "technology and AI learning experiences".

Cisco Networking Academy will play a key role in the partnership, with the company committing to contributing over 8,000 hours of employee volunteering for educational schemes over the next four years. And there will also be work experience opportunities for 7,000 students across London, Manchester, Birmingham, and Glasgow.

"We believe a digital society that works for everyone isn't out of reach. Neither is it the responsibility of one group of people or organisations," Sarah Walker, CEO of Cisco UK & Ireland.

"That is why collaboration matters. Today's announcement marks a year of progress towards our commitment to help create a more inclusive, digital UK and Ireland, with a clear path to future impact."

Supporting tech skill development

The move from Cisco comes a year after the networking firm unveiled its UK & Ireland Manifesto to coincide with London Tech Week.

This outlined the company's commitment to "help everyone benefit from a more digitally inclusive society" by providing skills and career opportunities for people from a range of backgrounds.

A year on from the manifesto launch, Cisco said it has made "tangible progress" across three key areas of the pledge:

• Growing its presence in communities
• Developing digital skills
• Activating its people and partners

Cisco has scaled up skills development schemes significantly over the last year, launching a series of partnerships aimed at creating learning pathways for careers in AI, cybersecurity, and networking. The networking firm has worked with more than 100 organizations to support skills development, including through its apprenticeship and levy donation programme with Multiverse.

The company also revealed it has helped 100,000 people build skills and expertise through the Cisco Networking Academy over the last 12 months. Marking a significant step toward its goal of supporting one million learners across the country by 2030.

Cisco is rolling out its Sovereign Critical Infrastructure (SCI) portfolio across the EMEA region, allowing customers to build and operate their own sovereign infrastructure.

The announcement covers the company's core product lines, including networking, security, compute, collaboration, network management, AI, and Splunk.

With the move, customers can now configure and operate the products in their own air-gapped, on-premises physical environments.

"At Cisco, we understand that true sovereignty means having the freedom to innovate with choice and control remaining crucial to businesses in Europe, the Middle East and Africa,” said Gordon Thomson, President Cisco EMEA.

"Our Sovereign Critical Infrastructure portfolio meets organizations where they are on their sovereignty journey. The availability of this portfolio reinforces our commitment to being a trusted technology provider for the region’s critical infrastructure."

What to expect with Cisco SCI

Cisco said customers will have control over their data, via on-premises and air-gapped deployments where they retain full authority over location and access to data.

They get operational autonomy, with product capabilities and licensing models that allow products to function without internet connectivity or remote intervention.

A key appeal, according to Cisco, lies in freedom from dependency through continued legal use rights even in extraordinary disruption circumstances.

"A key strength in delivering on our promise of sovereignty is Cisco’s strong partner ecosystem," said Thomson.

"Together, we offer unmatched breadth and choice. Whether customers require a fully sovereign environment or the ability to deploy on-prem, air-gapped Sovereign Critical Infrastructure alongside cloud-based services in a hybrid environment, we provide the choice and control they are asking for."

Meanwhile, the Cisco Customer Experience (CX) organization now offers support and services with air-gapped, on-premises, or hybrid setups.

As part of this, Cisco CX is expanding its Critical National Services Centers (CNSCs) across EMEA - including UK, France, Spain, and Italy – along the lines of its existing center in Germany.

These centers will provide support reflecting strict data sovereignty strategies, including dedicated facilities, controlled access, and cleared personnel.

The company said its on-premises portfolio conforms to IPv6 Ready standards and Common Criteria certification.

Cisco is also working towards achieving the new European Union Cybersecurity Certification (EUCC) across its product lines, already in place for its Cisco Nexus 9K Series family of high-performance data center switches, as well as Intersight Appliance on UCS.

Cisco doubling down on sovereignty

Just last week, Cisco broadened its offer of Webex data residency to the UK, after having rolled it out across the EU five years ago.

Gartner predicts that spending on sovereign cloud infrastructure in Europe will triple from 2025 to 2027, with around a fifth of existing workloads set to shift from global cloud providers to local ones.

"As we navigate an era of digital transformation and AI adoption at a speed that we have never experienced before, the ability to maintain control and autonomy over the most critical data and digital infrastructure has become a strategic requirement for organizations managing complex digital environments," said Thomson.

"Our role is not to define sovereignty for our customers, but to listen to their needs and help them have control over their infrastructure and data. This is our long-term commitment to the region."

FOLLOW US ON SOCIAL MEDIA

After introducing Webex data residency in the EU five years ago, Cisco has announced that it's doing the same for the UK.

Organizations across the country will be able to handle Webex Meetings, Messaging, Calling, Slido, Contact Centre capability, and the company's AI Assistant with data processing and storage carried out in the UK.

Data at rest and in motion will be geographically distributed across UK locations for redundancy, the company said in an announcement.

Similarly, large language model (LLM) capabilities such as meeting summarization and action item generation will be delivered from within the UK while customers should also benefit from improved latency.

“With Webex Suite data residency in the UK, we’re delivering both advanced AI capabilities that process locally, with control over where your data lives and how it’s protected," said Amit Barave, VP and general manager, Webex Suite & AI, at Cisco Collaboration.

"This is collaboration infrastructure built for how regulated industries actually operate — with enhanced digital control at its core."

The company introduced Webex data residency for the EU in 2021, claiming it was the first major collaboration provider to keep services and store billing, analytics, and personal information exclusively in the EU.

Since then, it's focused heavily on adding AI capabilities, with the launch of its AI Assistant in 2023. One year later, the firm announced the addition of language translation per message or in real time, message summaries, meeting recaps, and message rewriting functionalities.

Sovereignty in the spotlight

Sovereign cloud and data residency is an increasing priority for UK and European organizations concerned about data security and overreliance on US-based big tech providers.

Gartner predicts that spending on sovereign cloud infrastructure in Europe will triple from 2025 to 2027, with government agencies ranked among the main buyers.

Around a fifth of existing workloads will shift from global cloud providers to local ones, it said.

Tech firms are investing heavily on this front across Europe as well, with a host of hyperscalers rolling out dedicated sovereignty schemes.

Last summer, Google gave new data residency assurances for UK businesses using its Gemini AI offerings, on top of its existing data residency for Agentspace, its AI agent program, and Gemini 1.5 Flash machine learning.

Around the same time, Microsoft said its Sovereign Cloud would see data stored by EU customers for core enterprise services including Azure, Microsoft 365, Microsoft Security, and Power platform staying in the region.

And in January this year, AWS announced the general availability of its European Sovereign Cloud, offering European-based customers a fully independent cloud located entirely within the EU, with enterprise data kept separate from other AWS Regions worldwide.

"Regulatory complexity is mounting and organizations are rightfully demanding more control over their digital infrastructure," said Cisco UK CEO Sarah Walker.

"And now, I am delighted to announce that Webex Suite data residency will be available in the United Kingdom. This addresses a gap many haven’t seen met in the market: the ability to embrace modern collaboration technology while maintaining the level of control their organizations require."

FOLLOW US ON SOCIAL MEDIA

In the last five years enterprise connectivity has gone from being a baseline capability to a strategic imperative, and this shift in focus is being driven in part by AI-related demands.

That’s according to Cisco’s inaugural State of Wireless Report. It found business wireless connectivity now represents a “strategic growth engine” for enterprises, helping to drive innovation and deliver downstream success in technology adoption.

Speaking to ITPro ahead of the report’s publication, Cisco Wireless CTO Matt MacPherson said businesses have ramped up investment in connectivity in response to a number of overlapping factors.

“If you go back a few years, it was all about connectivity,” he said. “If you get on the network, that’s what drives productivity, and the more you could get connected to the internet, the more that you have these resources available to you, the gains would be achieved.”

“Now connectivity is sort of assumed, but now it needs to meet the requirements of these next generation applications and services.”

AI workloads, an influx of IoT tools, high-bandwidth applications, and even hot desking have all precipitated huge funding increases and a sharpened focus on wireless connectivity, the report found.

Indeed, 80% of respondents told Cisco they’ve increased investment over the last five years, and 29% have increased budgets by 50% or more across that period.

Looking ahead, they plan to continue in this vein, with a growing number of respondents detailing plans to upgrade to the 6GHz spectrum, and nearly three-in-five firms planning to deploy Wi-Fi 6E or Wi-Fi 7 in the next year to modernize connectivity.

Downstream benefits of network modernization

With AI now dominating the C-suite focus, the impetus to improve connectivity capabilities has skyrocketed, according to Cisco, and for good reason.

The report identified a direct link between increased wireless investment and positive business outcomes, including a return on investment (ROI) in areas such as AI.

More than three-quarters (78%) reported operational efficiency gains from wireless investment, for example, while 75% saw employee productivity improvements. The benefits are also being felt in customer engagement, Cisco found, while 68% reported positive revenue impact.

MacPherson told ITPro that these findings show the penny has dropped for many enterprises with regard to connectivity.

Simply put, modernization efforts in this domain have a “multiplier effect” across the business - especially in AI, and it comes at a critical juncture in global roll-outs.

ROI – or lack thereof – has been a growing concern with generative AI. While recent studies show signs of improvement on this front, many have faced issues with outdated infrastructure.

The demand placed on networks by skyrocketing AI data flows also means enterprises can’t afford to shirk investment on this front. Low latency and capacity are critical in keeping the lights on in this regard.

“I think what’s really clear with some of the data that we pulled in here is the wireless infrastructure underneath is often an afterthought, but absolutely critical for achieving the ROI that people are expecting,” MacPherson noted.

“It’s easy to start loading up the network with some of these new workflows, and then suddenly realize that the network becomes the bottleneck to getting the execution that you’d like to see.”

The “wireless AI paradox”

As in many other areas, when it comes to wireless connectivity AI can be a double edged sword, Cisco found, which the company described as an “wireless AI paradox”.

While AI is helping drive modernization efforts in wireless connectivity and deliver ROI, it also functions as the “principal catalyst of operational complexity and risk”.

“AI has huge promise [and] we’re already seeing big gains – and I think we’re going to continue down that road,” MacPherson told ITPro, “but at the same time, AI can add additional complexity.”

MacPherson used cybersecurity risks as an example of how this paradox is unfolding for businesses. The technology is now being used to automate network management to great effect, the study found.

The vast majority (98%) of those using AI in network management report significant gains, saving an average of three hours and 20 minutes per person, per day.

At the same time, however, threat actors are actively using the technology to automate attacks. Organizations are now engaged in a war of attrition, with AI acting as the primary defensive and offensive weapon.

“Not only does AI speed up the capability to manage a network, immediately see where the issues are in the network, immediately see breaches in the network, and whether those breaches have moved horizontally to cause a more broad problem across your infrastructure,” he explained.

“At the same time you’ve got nefarious forces using AI that can just sit there and keep hammering at your network, whether it's a denial of service type attack, et cetera,” MacPherson added.

Skills shortages are exacerbating the paradox

The third and final aspect of this paradox lies in skills, according to Cisco. Firms are facing significant personnel shortages, which is amplifying complexity and leaving them open to threats.

Nearly nine-in-ten (89%) wireless leaders told Cisco they struggle to hire professionals in networking and connectivity, which in turn is driving 70% higher security incident costs.

Worse still, it’s trapping teams in a vicious cycle of “reactive operations”. Addressing this area will be a key priority for enterprises moving forward, MacPherson told ITPro.

Teams working in this domain need “advanced AI expertise” to navigate the challenges faced in both network modernization, but also in integration of the technology.

MacPherson noted that these talent shortages are akin to previous network modernization periods, particularly the 5G roll-out. Enterprises need time to adapt to changes, and talent acquisition efforts will ramp up accordingly.

“We’ve seen these types of things before when we were doing a lot of work converging, for example, 5G and Wi-Fi networks indoor and outdoors, it was really hard to find someone that was really good at 5G and Wi-Fi and could unify those architectures,” he said.

FOLLOW US ON SOCIAL MEDIA

CISOs are upbeat about the potential of AI tools in security operations, new research shows, but the priority focus for many right now is filling workforce gaps.

Findings from Splunk’s annual CISO Report show AI adoption is a key priority, with 68% highlighting investment in this domain as a leading focus alongside improvements to threat detection and response capabilities and identity and access management (IAM).

Indeed, around 92% said the technology is helping their teams to review more security events while 89% reported improved data correlation.

Yet despite this, just 6% have fully deployed agentic AI in security operations, pointing to sluggish adoption rates.

More than one-third (39%) of CISOs who have partially or fully adopted agentic AI strongly agree it has increased their teams’ reporting speed - more than twice the rate of those who are still exploring the technology.

More than eight-in-ten (82%) of CISOs, meanwhile, believe agentic AI will increase the amount of data reviewed, and 82% said it will increase correlation and response speeds.

While the potential benefits of AI are tantalizing for security leaders, the other side of the coin is that 86% fear agentic AI will increase the sophistication of social engineering attacks.

Similarly, 82% believe it will increase deployment speed and complexity of persistence mechanisms.

New tools mean nothing without talent for CISOs

Although AI is increasingly prevalent, CISOs don't expect technology to replace any security analyst jobs. Instead, they're prioritizing human capital to address critical skills gaps: upskilling current workforces, hiring new full-time employees, and engaging contractors.

The skillsets CISOs are most lacking in their security programs are threat hunting, engineering support - for vendor tooling, detection engineering, or maintenance - software development, and network and cloud architecture.

"Because of AI, CISOs will need to constantly reskill, upskill and bring in new talent required to achieve the ROI leadership wants. In this sense, AI will be creating jobs, not eliminating them," said Ryan Fetterman, senior manager, SURGe by Cisco Foundation AI.

Among those who rank threat hunting as their team’s biggest skills gap, 71% said upskilling their current workforce was a top means for addressing shortages. T

hose with bigger engineering gaps tend to focus on hiring new full-time employees, while hiring contractors is the answer for most of those whose biggest gap is software development.

This is easier said than done, however, with only 16% expecting to fill all their shortages.

“Investing in your teams, in part, means rethinking your hiring strategy. I challenge conventional wisdom that demands a cybersecurity degree or a decade of experience,” said Fanning.

"In a field where technical knowledge becomes obsolete quickly, a candidate’s foundational understanding of computing, systems, and networks — as well as curiosity, adaptability, and problem-solving skills — are far more valuable. Cyber knowledge can be taught, where needed, on top of that foundation.”

FOLLOW US ON SOCIAL MEDIA

Security agencies are warning that a maximum-severity flaw in Cisco Catalyst SD-WAN Controller has been exploited in the wild for years.

An advisory from CISA noted that threat actors have compromised SD-WANs to add a malicious rogue peer, allowing them to conduct a range of follow-on actions to achieve root access and maintain persistent access.

"Based on collaboration with international partners and CISA’s forensic analysis, the ease with which these vulnerabilities can be exploited demands immediate action from all federal agencies," said Madhu Gottumukkala, the acting director of the US Cybersecurity and Infrastructure Security Agency (CISA).

"We urge all entities to implement the measures outlined in this Emergency Directive without delay. CISA leadership and all (excepted) staff remain committed to fulfilling our mission while protecting the American people.”

Successful exploitation of CVE-2026-20127, which has a CVSS score of 10, could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account.

Using this account, an attacker could access NETCONF, allowing them to manipulate network configuration for the SD-WAN fabric.

Cisco Catalyst SD-WANs that have management interfaces exposed to the internet are at most risk of compromise.

"CISA’s guidance is a clear signal that adversaries are aiming for the control plane, not just individual endpoints. The vulnerability being discussed allows an attacker to reach sensitive management functions without going through normal access checks," said Nick Tausek, lead security automation architect at Swimlane.

"What makes this especially serious is how quickly a compromised management path can translate into broad influence over how sites connect, which routes are preferred, and what policies are enforced across networks."

Cisco Catalyst SD-WAN best practices

According to Cisco, the first thing to check for is any control connection peering event identified in Cisco Catalyst SD-WAN logs, as this may indicate an attempt at initial access via CVE-2026-20127.

All such peering events require manual validation to confirm their legitimacy, with particular focus on vManage peering types.

The company warned unauthorized peer connections may appear superficially normal but occur at unexpected times, originate from unrecognized IP addresses, or involve device types inconsistent with the environment's architecture.

Organizations should move quickly to inventory SD-WAN components, confirm which are internet-facing, and map all management access methods - web UI, SSH, NETCONF, APIs - including which networks and admin accounts can reach them, said Moshe Hassan, VP of research and innovation at Upwind.

Elsewhere, organizations are urged to restrict management access to known-good sources, Allowlisting trusted IPs/admin networks only, removing public exposure, and segmenting management interfaces behind VPN/jump hosts.

Unsolicited access to management ports and unusual management-plane traffic should be blocked.

"Patch exposed systems first, or block until you can. Prioritize patching any internet-reachable appliances immediately. If patching can’t happen fast enough, temporarily block management protocols from the internet, disable unused services, and deploy compensating controls (ACLs/IPS rules) until updates are in place," he said.

"Watch for unexpected new peers/devices in the SD-WAN fabric, suspicious changes to configuration or policy, anomalous admin activity, and unusual lateral connections within the management plane."

Cisco has published a hardening guide here.

FOLLOW US ON SOCIAL MEDIA

Enterprises are shaking up their approach to data privacy and governance, new research shows, largely due to added risk factors created by AI adoption.

According to Cisco's 2026 Data and Privacy Benchmark Study, nearly all companies are expanding privacy programs and governance frameworks to protect their data.

AI is the main reason for 90%, with 93% saying they planned further investment to keep up with the complexity of AI systems and the expectations of customers and regulators.

The survey found that 38% spent at least $5 million on their privacy programs in the past year – marking a dramatic increase from just 14% who spent over that threshold in 2024.

Notably, these programs appear to be working well. An overwhelming 96% of organizations reported that robust privacy frameworks were helping unlock AI agility and innovation, and 95% said privacy was essential for building customer trust in AI-powered services.

One interesting change spotted by the researchers is that trust is no longer just a question of meeting regulatory requirements.

Data governance is now seen as a strategic business enabler, with 99% of organizations reporting at least one tangible benefit from their privacy initiatives, such as enhanced agility, innovation, and greater customer loyalty.

Almost half said that clear communication about how data is collected and used is the most effective way to build customer confidence.

As a result, governance is evolving – although many organizations are still working to define and establish the structures they need to manage AI responsibly.

While three-quarters report having a dedicated AI governance body in place, only 12% describe it as mature. Meanwhile, 65% of organizations struggle to access relevant, high-quality data efficiently.

"AI is forcing a fundamental shift in the data landscape, calling for holistic governance of all data – both personal and non-personal,” said Jen Yokoyama, senior vice president, legal innovation and strategy, at Cisco.

“Organizations must deeply understand and structure their data to ensure every automated decision is explainable. It’s not just for compliance, but a necessary scaling engine for AI innovation.”

Data requirements are causing headaches

While 72% of respondents were generally positive about data privacy laws, there is a growing push to streamline and update data requirements, Cisco found.

Just over eight-in-ten organizations surveyed face heightened demand for data localization and global data complexity - and 85% said this adds cost, complexity, and risk to cross-border service delivery. #

Similarly, 77% report these requirements limit their ability to offer seamless 24/7 service across markets.

On top of this, the assumption that locally stored data is inherently more secure is gradually eroding, from 90% in 2025 to 86% in 2026.

“To capture the potential of AI, organizations (83%) are advocating for a shift toward harmonized international standards,” said Harvey Jang, Cisco vice president and chief privacy officer.

“They recognize that global consistency is an economic necessity to ensure data can flow securely while maintaining the high standards of protection required for trust.”

Cisco said enterprises should invest in robust data infrastructure, prioritizing transparency, and embedding security and privacy throughout AI initiatives.

Elsewhere, they should make sure they're making informed decisions about data localization, establish strong AI governance, and kit out their teams with comprehensive training and safeguards.

FOLLOW US ON SOCIAL MEDIA

Cisco has cut the ribbon on its new 360 Partner Program, which features a revamped framework to help channel partners deliver results in the AI era.

The initiative equips the company’s ecosystem of developers, consultants, MSPs, and resellers with AI-ready tools and resources geared towards driving predictable profitability.

Channel partners can now access a host of new perks, including the new Cisco Partner Incentive (CPI), Partner Value Indexes (PVI), Distributor Development Fund, as well as an improved Cisco AI Assistant.

In an announcement, Cisco said the new program has been co-designed with partners over the last 15 months to help them differentiate as AI continues to shape the modern IT landscape.

“With our partners, we’ve strengthened what is already a world-class ecosystem to deliver even greater value and help our mutual customers connect, protect and thrive,” said Tim Coogan, Cisco’s SVP of global partner sales.

Cisco targets aligned priorities

According to Cisco, the new 360 framework now better aligns with customer and partner priorities.

Among its additions is the new Partner Locator, which allows customers to search for the right partner across key Cisco portfolios including security, networking, collaboration, services, Splunk, and cloud and AI infrastructure

New partner designations also aim to help customers find partners with the desired capabilities. All participants are recognized as registered Cisco Partners, while Portfolio Partners showcase proven sales and technical expertise, practice maturity, and strong customer engagement.

Those categorized as Preferred Partners can offer advanced technical skills, high-level lifecycle and adoption practices, and the ability to deliver complete end-to-end solutions.

Enhanced resources

Cisco has also rolled out the Cisco Partner Incentive (CPI) scheme, which streamlines past program elements to give partners more predictable earnings across the Cisco portfolio.

The firm has introduced CPI bonuses focused on One Cisco – including the new Secure Networking and Secure AI Infrastructure specializations – that will expire at the end of July 2026.

Partner Value Indexes (PVI) will also soon add dedicated indexes and learning paths for Developers/Advisors, Mass-Scale Infrastructure, and Distributors.

Elsewhere, a new Distributor Development Fund aims to strengthen alignment and enablement with distributors, while an enhanced Cisco AI Assistant within the Partner Experience Platform will help partners work more efficiently, Cisco said.

“The Cisco 360 Partner Program was designed with partners to foster collective success, enable differentiation, and help partners scale with confidence,” commented Elisabeth De Dobbeleer, senior vice president, Cisco Partner Program. “It’s about making our ecosystem’s unique value clear to the market and our customers.”

FOLLOW US ON SOCIAL MEDIA

Cisco has issued a warning to customers after revealing China-linked hackers are exploiting a new high-severity zero day flaw in some security products.

Products targeted in the campaign include Cisco AsyncOS Software for Cisco Secure Email Gateway, formerly known as Cisco Email Security Appliance (ESA), and Cisco Secure Email and Web Manager, formerly known as Cisco Content Security Management Appliance (SMA).

Cisco Secure Email and Web Manager centralizes management and reporting functions across a number of Cisco ESAs and Web Security Appliances (WSAs), offering centralized services such as spam quarantine, policy management, reporting, tracking, and configuration management.

The currently unpatched vulnerability, tracked as CVE-2025-20393, has a CVSS score of 10.0.

Cisco said it became aware of the issue on December 10, and that the activity has been ongoing since at least late November. It's been hitting appliances with certain non-standard configurations that leave some ports open to the internet.

It's not known how many customers have been affected.

The attack involves a custom persistence mechanism that Cisco is tracking as “AquaShell”, along with additional tooling meant for reverse tunneling and purging logs.

"This attack allows the threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance," the firm said.

"The ongoing investigation has revealed evidence of a persistence mechanism planted by the threat actors to maintain a degree of control over compromised appliances."

Cisco is attributing the attacks to a group tracked as UAT-9686, a Chinese-nexus advanced persistent threat (APT) actor.

"We have observed overlaps in tactics, techniques and procedures (TTPs), infrastructure, and victimology between UAT-9686 and other Chinese-nexus threat actors Talos tracks," said the company's Talos researchers.

"Tooling used by UAT-9686, such as AquaTunnel (aka ReverseSSH), also aligns with previously disclosed Chinese-nexus APT groups such as APT41 and UNC5174. Additionally, the tactic of using a custom-made web-based implant such as AquaShell is increasingly being adopted by highly sophisticated Chinese-nexus APTs."

How to mitigate AquaShell threats

AquaShell is a lightweight Python backdoor that is embedded into an existing file within a Python-based web server that can receive encoded commands and execute them in the system shell.

If customers identify an appliance as having the web management interface or the Spam Quarantine port exposed to and reachable from the internet, Cisco said it strongly recommends following a multi-step process to restore the appliance to a secure configuration, when possible.

If this can't be done, customers should contact Cisco's Technical Assistance Center to check whether the appliance has been compromised. If it has, rebuilding the appliances is, currently, the only way to eradicate the threat actor's persistence mechanism from the appliance.

Cisco also strongly recommends restricting access to the appliance and implementing robust access control mechanisms to make sure that ports are not exposed to unsecured networks.

FOLLOW US ON SOCIAL MEDIA

Two key players in the notorious Salt Typhoon hacker group are former Cisco Network Academy trainees, according to researchers at SentinelLabs.

An investigation by the firm suggests Yu Yang and Qiu Daibing used their insider product knowledge to compromise telecoms systems in one of the largest intelligence-gathering operations of the decade.

Salt Typhoon collected unencrypted calls and texts between US presidential candidates, key staffers, and China experts.

The Cisco Network Academy began in 1997 and entered the Chinese market in 1998. It has now trained more than 200,000 students in China - most, of course, perfectly reputable.

Qiu and Yu were apparently top students at the 2012 Cisco Network Academy Cup, representing Southwest Petroleum University. However, a little sleuthing revealed that the pair are co-owners of Beijing Huanyu Tianqiong, with Yu also tied to Sichuan Zhixin Ruijie.

Both of these companies were named in a Salt Typhoon cybersecurity advisory by US authorities.

"Among the content covered in Cisco networking academy were many of the products Salt Typhoon exploited, including Cisco IOS and ASA firewalls," said Dakota Cary, a China-focused consultant at SentinelOne.

"Of course, a product training academy educating students on the company’s wares is hardly surprising. More notable is the fact that two students from a regional university, with limited recognition in IT and cybersecurity education participated in the Cisco Network Academy and went on to run one of the most expansive collection operations against global telecommunications firms ever detected and disclosed publicly."

Salt Typhoon has been on a rampage

Salt Typhoon has quickly emerged as one of the most notorious state-sponsored hacker groups globally. As ITPro reported last year, a campaign by the threat group saw it intercept unencrypted calls and texts from high-value US political targets dating back to 2019.

Targets in this campaign spanned a wide range of sectors, focusing mainly on large backbone routers of major telecommunications providers, as well as provider edge and customer edge routers.

The group is still active, with the US Department of Defense (DoD) revealing in July that Salt Typhoon had breached and laid low in the network of an unnamed US state National Guard for almost a year.

In September, the FBI warned that the group was ramping up attacks globally, having hit more than 60 organizations in 80 countries.

Education schemes could cause blowback

SentinelLabs said the unmasking of Qiu and Yu reveals the long-term security risks of global tech education pipelines, which can be exploited by state-linked operators.

"The episode suggests that offensive capabilities against foreign IT products likely emerge when companies begin supplying local training and that there is a potential risk of such education initiatives inadvertently boosting foreign offensive research," said Cary.

"Qiu and Yu are not an oddity; they are evidence of a world in which today’s students can become tomorrow’s rivals with little more than time, opportunity, and a different notion of whose security they serve."

A spokesperson for Cisco told ITPro the networking giant "remains committed to helping people around the world gain the foundational digital skills needed to access careers in technology".

“Cisco Networking Academy (NetAcad) is a skills-to-jobs program that teaches foundational technology skills and digital literacy, helping millions of students obtain basic certifications for entry-level IT jobs each year. This program is open to everyone," the spokesperson commented.

"Since its inception in 1997, the program has educated over 28 million students across 195 countries, in partnership with more than 12,000 institutions and organizations.

"In 2012, NetAcad hosted one global competition series called NetRiders and published a list of APAC regional winners."

MORE FROM ITPRO

• A new 'top-tier' Chinese espionage group is stealing sensitive data
• Chinese hackers are using ‘stealthy and resilient’ Brickstorm malware to hide in networks for months at a time
• China cyber threats: What businesses can do to protect themselves

Cisco has unveiled a new computing platform designed specifically for AI workloads on the edge.

Announced at the company’s annual partner summit, Cisco Unified Edge will combine computing, networking, and storage capabilities in a single platform to provide “real-time AI inference” and support for agentic AI workloads.

Cisco said the new platform is aimed primarily for organizations operating in data-intensive sectors, such as healthcare, manufacturing, and retail.

The networking giant noted it has “partnered closely” with customers across the aforementioned industries to design the platform.

"Today’s infrastructure can’t meet the demands of powering AI at scale,” said Cisco president and CPO, Jeetu Patel.

“As AI agents and experiences proliferate, they will naturally emerge closer to where customers interact and decisions are made – the branch office, retail store, factory floor, stadium, and more.

“That’s where compute needs to live. With our Unified Edge we’re making it easier to power AI in the real world with flexible, secure systems that are simple to deploy, operate, and scale as demand grows.”

So what can customers expect from the new edge AI platform?

Under the hood of Cisco Unified Edge

Cisco Unified Edge is designed primarily for enterprises looking to run AI workloads and inferencing in a localized setting, removing the need for costly cloud-based infrastructure.

The platform can be scaled based on changing storage needs, which Cisco said will remove the need for “rip-and-replace upgrades”.

“The modular chassis offers CPU and GPU configurations, redundant power and cooling, high-performance SD-WAN networks, and pre-validated designs to support today’s applications and those yet to be imagined,” the company said in a statement.

Notably, Cisco aims to simplify integration of the platform, describing it as a “zero-touch deployment” system that can be easily managed through Cisco Intersight. This means considerations such as scaling and upgrades can be carried out without the need for “on-site specialist skills”.

ThousandEyes and Splunk integrations will also be available for Cisco Unified Edge, the company added, as well as built-in security features.

“Security is built-in at the device level and can extend to applying zero trust to every access, segmentation, and protection applications and AI models,” Cisco explained.

“This approach addresses the expanded attack surface at the edge, helping secure AI operations from physical and cyber threats.”

AI at the edge gains momentum

The announcement from Cisco marks the latest in a string of moves from big tech providers to bring AI closer to the edge, meaning data is processed closer to the source as opposed to relying on cloud infrastructure services.

There are a number of key advantages for businesses in this regard, according to Forrester, particularly with regard to latency and processing speed.

“Moving AI processing to edge devices enables rapid insights that traditional cloud-based setups can’t match,” Forrester VP and principal analyst Michele Goetz noted in a 2024 blog post.

“For sectors like healthcare and manufacturing, architects should prioritize proximity to offset latency. Low-latency, highly distributed architectures allow endpoints (e.g., internet-of-things sensors or local data centers) to make critical decisions autonomously.”

As ITPro noted in February 2025, hosting AI workloads at the edge also offers distinct advantages in terms of security.

In hosting data on localized devices, this essentially allows enterprises to keep a closer eye on storage and reduce exposure to unauthorized access.

MORE FROM ITPRO

• Cisco polishes its platform but the network is still king
• Cisco promises AI training for a million Americans
• 96% of businesses have low cyber-readiness, claims Cisco

Security agencies are warning that hackers are exploiting vulnerabilities in Cisco Adaptive Security Appliance (ASA) 5500-X Series devices to install malware, execute commands, and steal data.

The first vulnerability, tracked as CVE-2025-20333, allows authenticated attackers to execute arbitrary code on devices using ASA and Firewall Threat Defense (FTD) software.

Meanwhile, a second vulnerability (CVE-2025-20362) allows them to access restricted URL endpoints without authentication.

"In May 2025, Cisco was engaged by multiple government agencies that provide incident response services to government organizations to support the investigation of attacks that were targeting certain Cisco Adaptive Security Appliance (ASA) 5500-X Series devices that were running Cisco Secure Firewall ASA Software with VPN web services enabled," the networking giant said in a customer advisory.

"Attackers were observed to have exploited multiple zero-day vulnerabilities and employed advanced evasion techniques such as disabling logging, intercepting CLI commands, and intentionally crashing devices to prevent diagnostic analysis."

CISA, NCSC respond to Cisco ASA flaws

According to the US Cybersecurity and Infrastructure Security Agency (CISA), the campaign is 'widespread' and connected with “ArcaneDoor” activity identified early last year

This threat campaign targeted perimeter network devices from several vendors, including Cisco, to deliver malware strains such as Line Runner and Line Dancer.

"CISA is directing agencies to account for all Cisco ASA and Firepower devices, collect forensics and assess compromise via CISA-provided procedures and tools, disconnect end-of-support devices, and upgrade devices that will remain in service," the agency said.

The UK's National Cyber Security Centre (NCSC) has also issued guidance in the wake of the exploitation. The cybersecurity agency noted that some Cisco ASA 5500-X series models will be out of support from September 2025 and August 2026.

With this in mind, enterprises using these models should take immediate action to mitigate potential risks.

“It is critical for organizations to take note of the recommended actions highlighted by Cisco today, particularly on detection and remediation,” said NCSC chief technology officer Ollie Whitehouse.

“We strongly encourage network defenders to follow vendor best practices and engage with the NCSC’s malware analysis report to assist with their investigations.

“End-of-life technology presents a significant risk for organisations. Systems and devices should be promptly migrated to modern versions to address vulnerabilities and strengthen resilience.”

New malware strains are a potent threat

New RayInitiator and Line Viper malware strains believed to be used in attacks represent a “significant evolution” on Line Dancer and Line Runner, the NCSC warned, particularly in terms of sophistication and their ability to evade detection.

CISA has now issued a directive ordering federal agencies - which have already been targeted - to identify, analyze, and mitigate potential compromises immediately.

"CISA is directing agencies to account for all Cisco ASA and Firepower devices, collect forensics and assess compromise via CISA-provided procedures and tools, disconnect end-of-support devices, and upgrade devices that will remain in service," it said.

"These actions are directed to address the immediate risk, assess compromise, and inform analysis of the ongoing threat actor campaign.”

MORE FROM ITPRO

• Cisco polishes its platform but the network is still king
• 96% of businesses have low cyber-readiness, claims Cisco
• Cisco promises AI training for a million Americans

Cisco's announced another big skills training drive, pledging to upskill a million more people in AI and digital technologies over the next four years.

The US initiative follows a White House AI meeting with government and industry leaders, as part of the Pledge to America's Youth: Investing in AI Education, a national effort to expand AI learning and readiness.

"This effort underscores a collective priority to prepare people of all ages for the AI era. We are proud to stand alongside government and industry leaders in this pledge," said Fran Katsoudas, Cisco's EVP and chief people, policy, and purpose officer.

"Through 'Learn with Cisco', we aim to train one million more people across the US in AI and digital skills over the next four years. This reflects our core belief: every person deserves the opportunity to step confidently into the economy of the future."

The company's observed that educators aren't always fully equipped to teach AI, and said it's working to bridge that gap with curricula, training, and tools for teachers and businesses.

Cisco has been running its Networking Academy for nearly 30 years, and said that over that time, more than 2.9 million people have taken part. More than nine-in-ten of those who complete the course go on to jobs or further education, it said.

"The fact is undeniable: to stay ahead, the ability to learn is an important skill and a competitive edge for individuals, companies, and countries," said Katsoudas.

"Embedding continuous learning into everything builds a workforce ready to adapt, innovate, and lead for lasting impact."

The US training initiative follows a similar scheme for the EU, launched earlier this year. The initiative involves offering free training to 1.5 million people in essential skills such as digital awareness, cybersecurity, data science, IoT, and AI. Again, there's training for teachers too.

Tech giants promise $330 million for AI training

Cisco wasn't the only tech giant to make promises at the White House meeting, with Amazon, Google, and Microsoft between them, promising $330 million for AI training.

Google pledged to allocate $150 million from a previously $1 billion commitment to grants supporting AI education and digital wellbeing.

Amazon, meanwhile, said it would support AI skills training for four million learners and provide curricula for 10,000 educators by 2028.

And Microsoft said it would offer Copilot free in Microsoft 365 for college students, along with $1.25 million in grants for educators and free LinkedIn Learning AI courses for students, teachers and job-seekers.

"As we think about this national priority, we think it comes down to three things. First, empowering teachers and students with the latest AI tools," said vice chair and president Brad Smith.

"Second, building AI skills. With AI moving faster than any technology in history, the only way to keep up is learning by doing and getting recognized for it. Third, creating economic opportunity by connecting these new skills to jobs."

MORE FROM ITPRO

• Software engineers among the hardest hit in latest Cisco layoffs
• Cisco eyes network security gains for agentic AI
• Cisco wants to train 1.5 million Europeans in digital skills

Cisco is preparing for another round of layoffs just weeks after reporting significant earnings growth.

The layoffs primarily affect workers in the San Francisco Bay area, according to reports from SFGate.

WARN filings, which businesses are required to file with state authorities ahead of job cuts, show 221 workers will be laid off as part of the move, with staff at two locations in the area impacted.

Employees were reportedly informed on 14th August, with roles formally terminated on 13th October.

Notably, a significant portion of job cuts affect staff in software engineering roles, accounting for 157 of the total.

Cisco layoffs come in wake of strong earnings report

The layoffs come in the wake of strong financial reports at the networking giant.

Cisco’s earnings report for the fourth quarter shows it recorded $14.7 billion in revenue, marking an 8% increase compared to the same quarter last year.

In total, revenue for the full 2025 fiscal year topped $56.7 billion, again marking an increase of 5% compared to the year prior. Earning from AI infrastructure and services were a key driver of revenue growth for the company this year.

Cisco CEO Chuck Robbins revealed the company’s AI infrastructure services segment reported $2 billion in revenue for the year, more than double its target.

"We delivered a strong close to fiscal 2025, driven by our accelerated innovation and solid execution," Robbins said in a statement at the time.

"The AI infrastructure orders we received from webscale customers in fiscal 2025 were more than double our original target, indicating a massive opportunity ahead as we lead the required architectural shift and build the critical infrastructure needed for the AI era."

This latest batch of layoffs pales in comparison to cuts made by the networking giant last year, which saw two rounds of staff let go. In August, the firm announced a restructuring plan to reduce its global workforce by 7%, equivalent to around 6,000 employees.

Cisco said the move aimed to lower costs and enable it to ramp up investment in “high-growth areas” - a common recurring theme at a host of tech giants last year.

MORE FROM ITPRO

• Fresh Microsoft layoffs hit software engineering roles, documents show
• Why tech layoffs can be like grief
• Layoffs loom for underskilled tech workers and poor performers

Russian government-linked hackers are exploiting unpatched Cisco networking devices to spy on critical infrastructure organizations.

The attackers are mainly targeting organizations in the telecommunications, higher education and manufacturing sectors, with known victims in a number of geographic regions, including North America, Asia, Africa and Europe.

The group carrying out the attacks is believed to be part of the Russian Federal Security Service's (FSB) Center 16, and has a number of names, including Static Tundra, Berserk Bear, Energetic Bear and Dragonfly.

It's exploiting Simple Network Management Protocol (SNMP) and end-of-life networking devices running a seven-year-old unpatched vulnerability in Cisco Smart Install (SMI).

"For years, Static Tundra has been compromising Cisco devices by exploiting a previously disclosed vulnerability in the Smart Install feature of Cisco IOS software and Cisco IOS XE software (CVE-2018-0171) that has been left unpatched, often after those devices are end-of-life," said Cisco Talos researchers Sara McBroom and Brandon White in an advisory.

"We assess that the purpose of this campaign is to compromise and extract device configuration information en masse, which can later be leveraged as needed based on then-current strategic goals and interests of the Russian government. This is demonstrated by Static Tundra’s adaptation and shifts in operational focus as Russia’s priorities have changed over time."

Over the last year, the group has been spotted collecting configuration files for thousands of networking devices associated with US organizations across critical infrastructure sectors.

On some vulnerable devices, it modified these configuration files to enable unauthorized access, through which they then carried out reconnaissance in their victims' networks - revealing their interest in protocols and applications commonly associated with industrial control systems.

The group has been compromising network devices for more than ten years, focusing particularly on devices accepting legacy unencrypted protocols like SMI and SNMP versions 1 and 2.

It's also made use of custom tools against certain Cisco devices, such as the malware known as SYNful Knock in 2015.

"Once they establish initial access to a network device, Static Tundra will pivot further into the target environment, compromising additional network devices and establishing channels for long-term persistence and information gathering," said McBroom and White.

"This is demonstrated by the group’s ability to maintain access in target environments for multiple years without being detected."

Cisco Talos is urging customers to apply the patch for CVE-2018-0171 or, if that's not an option, to disable Smart Install.

"The threat extends beyond Russia's operations — other state-sponsored actors are likely conducting similar network device compromise campaigns, making comprehensive patching and security hardening critical for all organizations," McBroom and White warn.

"Threat actors will continue to abuse devices which remain unpatched and have Smart Install enabled."

MORE FROM ITPRO

• The convergence of network and security – how it helps achieve business outcomes
• Russian hackers tried to lure diplomats with wine tasting
• ‘All US forces must now assume their networks are compromised’ after Salt Typhoon breach

Cisco has unveiled a raft of security-focused product updates as the networking giant delves further into agentic AI.

Announced at the 2025 Cisco Live event in San Diego this week, the company said it is "fusing security capabilities deeper into its networking infrastructure" in a bid to alleviate AI-related security concerns for enterprise leaders and cyber professionals alike.

These updates included new capabilities for Cisco's Hybrid Mesh Firewall and Zero Trust Network Access (ZTNA) solutions. Cisco said the updates aim to simplify policy management, enhance network visibility, and reduce complexity for security practitioners.

"Safety and security are the defining challenges of the AI era – and agentic AI multiplies the risk, as every new agent is both a force multiplier and fresh attack surface," said Jeetu Patel, president and CPO at Cisco.

"At the same time, threat actors are already leveraging AI tools to launch more sophisticated attacks than ever. To help IT and security teams fight back, Cisco is reimagining how we secure networks, protect AI apps and models, manage identity, and equip security teams with the AI tools they need to meet the moment."

So what can customers expect from the updates?

Cisco targets firewalls for the age of agentic AI

Cisco's Hybrid Mesh Firewall is set to receive a host of new hardware and policy management capabilities as part of the move.

This includes the launch of the Cisco Secure Firewall 6100 Series. This, the company said, will provide the "highest performance density" for data center firewalling, boasting a whopping 200 Gbps per rack unit.

Cisco noted that this will enable enterprises to address complexity and cost while providing the scalability required to match growing AI-related data center demands. Similarly, the Cisco Secure Firewall 200 Series, which the company said delivers "advanced on-box threat inspection", offers integrated software-defined wide area network (SD-WAN) capabilities.

In terms of cost, Cisco specifically highlighted that the Secure Firewall 200 series boasts a 3x price-performance guarantee compared to competitors.

ZTNA updates are inbound

The networking giant also touted new updates to its Universal ZTNA solutions, which are aimed primarily at enhancing visibility across hybrid environments and AI agents.

In a pre-event media briefing, executives at the company, including Patel, noted the rise of agentic AI is bringing fresh challenges for enterprises with regard to both identity management and network visibility.

The latest updates address these concerns directly, with all Cisco SD-WAN offerings – including Meraki – now fully integrated with Cisco Secure Access.

"This enables customers to choose the optimal branch connectivity while still enjoying a unified security service edge (SSE) policy and consistent enforcement," the company said in an announcement.

New features aimed at addressing phishing risks are also coming, the company revealed. The Duo Identity and Access Management (IAM) solution will now act as an "identity broker", Cisco said.

"With a new complete passwordless option and unique proximity verification capability, Duo layers end-to-end phishing resistance – without clunky hardware tokens – on top of existing identity infrastructure," Cisco said in a statement.

Splunk updates complement new features

Elsewhere at Cisco Live, the networking giant also announced new updates for Splunk customers, with a particular focus on integration for enterprise users. For example, customers using the Cisco Secure Firewall service will now be able to glean "deeper threat insights" by combining firewall log data with Splunk.

"This enables advanced detections and helps security teams maximize the value of their Cisco and Splunk investments," the company said.

Closer integration with Splunk AppDynamics was another key update highlighted by Cisco. Again aimed at network visibility, users can now forward secure application events into Splunk, meaning security teams can more efficiently identify application-layer vulnerabilities and threats.

Cisco has issued patches for three vulnerabilities affecting its Identity Services Engine (ISE) and Customer Collaboration Platform (CCP) services.

The three flaws, tracked as CVE-2025-20286, CVE-2025-20130, and CVE-2025-20129, included critical vulnerability with a rating of 9.9/10 which also included a public proof of concept exploit.

Highest on the list priorities for customers was CVE-2025-20286, which was detailed as a ‘static credential vulnerability’ by the tech giant.

Primarily affecting ISE deployments in AWS, Azure, and Oracle Cloud Infrastructure (OCI), this could allow unauthorized parties to access sensitive data, execute “limited” administrative operations, and modify system configurations.

Cisco said this vulnerability arose because credentials are “improperly generated” when ISE is deployed on cloud platforms. This means that different ISE deployments share the same credentials.

“These credentials are shared across multiple Cisco ISE deployments as long as the software release and cloud platform are the same,” the company said.

"An attacker could exploit this vulnerability by extracting the user credentials from Cisco ISE that is deployed in the cloud and then using them to access Cisco ISE that is deployed in other cloud environments through unsecured ports.”

Cisco noted that a threat actor could only access affected ISE instances if the Primary Administration node is deployed in the cloud. On the other hand, if it’s deployed on-premises, there is no vulnerability.

The networking giant added that there are no workarounds that address this vulnerability, urging enterprises to patch immediately.

Two more Cisco flaws patched

The two other vulnerabilities patched by Cisco this week aren’t on the same scale in terms of severity, both recording a CVSS score of 4.9.

CVE-2025-20129 is a vulnerability affecting the web-based chat interface of Cisco’s Customer Collaboration Platform (CCP). This, the company explained, could allow an authenticated user to "persuade users to disclose sensitive data”.

“This vulnerability is due to improper sanitization of HTTP requests that are sent to the web-based chat interface,” Cisco said in an advisory.

Essentially, threat actors could exploit this flaw by sending specially crafted HTTP requests to the chat interface of a user on a vulnerable server.

“A successful exploit could allow the attacker to redirect chat traffic to a server that is under their control, resulting in sensitive information being redirected to the attacker.”

CVE-2025-20130, which also affects ISE and Cisco ISE Passive Identity Connector (ISE-PIC), could allow an attacker with admin privileges to upload files to a compromised device.

“This vulnerability is due to improper validation of the file copy function. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint,” the company said. “A successful exploit could allow the attacker to upload arbitrary files to an affected system.”

Businesses worldwide are still unprepared for a myriad of cyber attacks, according to the latest Cisco Cybersecurity Readiness Index.

The networking specialist categorizes companies’ cyber readiness as Mature, Progressive, Formative, and Beginner based on what it considers to be the five most important pillars of cybersecurity for businesses today.

These include:

• Identity Intelligence
• Machine Trustworthiness
• Network Resilience
• Cloud Reinforcement
• AI Fortification

According to the report, which is based on a double-blind survey of 8,000 business and cybersecurity leaders, the progressive category has remained static at 26% compared to 2024, while beginner has decreased from 11% to 9%.

There has been a slight increase in the progressive and mature categories, Cisco noted, going from 60% to 61% and 3% to 4% respectively.

Winners and losers

Of the five areas identified as most important by Cisco, two of the most mature and widely used technologies – cloud computing and networking – had some of the lowest levels of ‘mature’ cybersecurity readiness, at 4% and 7%.

Despite being a newer field of technology, AI fortification was on a par with networking in terms of maturity, ranking at 7%, while identity intelligence was ranked at 6%. Machine trustworthiness was the only category to reach double-digits, at 12%.

In terms of which industries have the greatest levels of mature cyber readiness, technology services, media and communications, and natural resources all come in at 6%. At the other end of the scale, at beginner level, are healthcare (14%), wholesaling (15%), and natural resources (16%).

The results for the natural resources industry in particular show that there can be a wide variety of knowledge and preparedness even within a single sector, Cisco said.

AI in the spotlight

AI threats are “a blind spot for many companies”, the report’s authors claim, despite an increase in would-be hackers targeting AI systems through methods such as data poisoning, prompt injection attacks, and model theft.

Exacerbating this problem, only 51% of respondents believe employees within the business are fully aware of AI-related cyber threats. Additionally, 22% say employees are allowed unfettered access to third-party generative AI tools, which carries a variety of security risks.

“Regardless of how employees use AI at work, IT teams have limited visibility and control, with 60% saying they can't see specific prompts or requests made by employees using GenAI tools,” the report says.

“Unregulated AI deployments, or shadow AI, pose significant cybersecurity and data privacy risks, as it is hard for security teams to monitor and control what they can't see.”

MORE FROM ITPRO

• What good AI cyber security looks like today
• Executives think AI can supercharge cybersecurity teams – analysts aren’t convinced
• Agentic AI could be a blessing and a curse for cybersecurity

Cisco and ServiceNow have kicked off RSAC Conference 2025 in San Francisco by announcing a new aspect of their seven-year collaboration. It brings together the former’s AI Defense product with the latter’s SecOps, with the companies claiming the integration will provide “more holistic AI risk management and governance”.

Speaking ahead of the announcement, Cisco’s EVP and chief product officer Jeetu Patel told reporters: “We think the hardest thing in the history of security has been with AI – and the largest opportunity in the history of security has been with AI. And you will see as evidence of that right now is attackers are getting far more sophisticated.”

“We need to operate as an ecosystem and make sure that we’re leveraging each other’s strengths,” he added.

For mutual customers of Cisco and ServiceNow, this means an integration between Cisco AI Defense, which it launched in January 2025, and ServiceNow SecOps.

AI Defense will act as an enforcement layer, according to the companies, identifying threats and vulnerabilities specific to AI. SecOps, meanwhile, will bring workflows and automation to allow IT and security teams to respond to the potential issues surfaced by AI Defense.

Commenting on the partnership, Amit Zavery, chief product officer and chief operating officer at ServiceNow, said: “If customers are looking at ways Cisco is helping them and they want service now be part of that integrated solution, we wanted to make sure we do that properly and provide a much more seamless experience for our customers as well, so that we can solve the end to end problem instead of customers having to deal with all those things themselves.

“The work Cisco has been doing around AI security, as well as the broader security portfolio Cisco has, was very attractive to all of us here at ServiceNow, and we've been able to… work together to really create something unique for the customers.”

Patel, meanwhile, said that bringing the two services together “could have an exponential kind of return back to the customer”.

“Virtually every customer in the enterprise is a Cisco customer and a ServiceNow customer. So we already have the customers, they already had invested in both of us. They were interested in making sure that we could help them do a better job at harnessing the investment. So this seemed like a match made in heaven,” said Patel.

“We're going to be very methodical about getting something out, getting it validated in the market, making sure that there's success, and continue to keep innovating on it,” he added.

In terms of availability, organizations that are customers of both companies can expect to make use of this integration from the second half of 2025.

Networking and connectivity giant Cisco has announced the appointment of Oliver Tuszik as its new executive vice president of global sales.

Tuszik will join Cisco’s executive leadership team from April 27, formally replacing Gary Steele, whose departure was first announced by the firm back in February.

A long-time company veteran, Tuszik has spent more than a decade at Cisco and is currently president of its Europe. Middle East, and Africa (EMEA) business. He first joined as general manager of Germany before later spending five years leading global partner sales and route to market sales.

Prior to joining Cisco, he served as CEO of Computacenter, Germany - one of Cisco’s largest partners.

In a blog post, Cisco chairman and CEO Chuck Robbins said Tuszik brings a “global perspective and a proven track record of operational excellence” to his new role.

“Above all, his passion for our customers and partners and their success shines through in all that he does,” he added.

“He will work in partnership with Cisco’s Marketing, Product, and CX organizations to ensure we are building the most innovative products our customers need and help them unlock the power of Cisco’s technology and solutions to achieve their own outcomes.”

Tuszik replaces Gary Steele, who became president of go-to-market following Cisco’s acquisition of his company, Splunk. Prior to the takeover, he served as Splunk’s president and CEO.

Cisco first revealed news of Steele’s departure back in February, stating the seasoned tech executive would vacate the role on April 25 with a view to joining another company as CEO. Steele will now work with Tuszik to ensure a smooth transition, Cisco said.

“I’d like to once again thank Gary for his commitment and engagement during this time of transition,” Robbins added.

“He and Oliver will work closely together over the next few weeks to ensure continuity for our customers.

“I am confident Oliver will continue to drive success for our customers and partners, our people, and for Cisco, and I look forward to seeing all that he and the team will accomplish.

MORE FROM CHANNELPRO

• ‘Here in the European market, I think we are in a good position’: DocuWare CEO Dr Michael Berger on the company’s rapid growth
• Nasuni names former Veracode chief Sam King as CEO
• Datatonic eyes fresh growth drive with new CEO appointment

Cisco has unveiled plans to provide free training to 1.5 million people across the EU as part of a major digital skills drive.

The courses, to be provided through the Cisco Networking Academy, will focus on essential skills such as digital awareness, cybersecurity, data science, IoT, and AI.

The plan also includes training for 5,000 teachers to help them provide both vocational education and training, with modules focusing specifically on platform usability, curriculum alignment, and teaching strategy development.

"Cisco is committed to supporting the EU and our education partners in developing the talent essential for thriving in an AI-driven future,” said Cisco chair and CEO Chuck Robbins.

"This new initiative strengthens our partnership to build a resilient and skilled workforce ready to meet Europe’s digital transformation and AI objectives."

The training for educators will include courses on AI, from basic to intermediate levels, as well as AI’s impact on cybersecurity, networking, and other IT jobs. Some of this will involve existing courses offered by Cisco, which will run alongside newly-customized courses focused on AI.

Meanwhile, another set of modules is designed to equip workers with skills related to the digital transformation, with a particular focus on the automotive and manufacturing sectors.

This new Cisco Industrial Networking curriculum, said the company, will cover topics such as operational and energy efficiency, innovation and connected factories.

Cisco touts long-standing skills support

Cisco has run its Networking Academy for more than 27 years, working with 3,000 partner institutions and over 7,000 educators across the EU.

It's trained 3.2 million students, including providing cybersecurity training to a quarter of a million people as part of the EU’s Cyber Skills Academy initiative.

The tech giant noted its new program is aligned with the EU's Union of Skills, announced last week and aimed at attracting and retaining the skills and talents needed in the European economy.

Improvements are needed in literacy, mathematics, science, and digital skills, it said, with a target of 45% of students enrolled in STEM vocational education and training and 5% in ICT PhD programmes.

"The Union of Skills is our strategy to help people stay ahead in a rapidly changing world and keep Europe competitive and fair," said Roxana Mînzatu, executive vice-president for social rights and skills, quality jobs and preparedness.

"We, in Europe, put people first because the success of every person in learning, at work and in life is essential for competitiveness and for a stable and resilient Union."

The latest skills drive follows a sweeping plan announced last year to help global economies keep pace with AI-related skills deficits.

Unveiled in April 2024, the AI-Enabled ICT Workforce Consortium, which is led by Cisco, saw pledges from a host of tech industry heavyweights to upskill and re-skill workers whose jobs are most likely to be impacted by AI and automation.

Microsoft, Accenture, IBM, Google, and SAP were among the firms to announce support for the scheme.

The consortium will work alongside advisors from the American Federation of Labor and Congress of Industrial Organizations, Communications Workers of America, DIGITALEUROPE, the European Vocational Training Association.

MORE FROM ITPRO

• The UK's best digital skills courses
• Why IT professionals need cross-functional skills to thrive in the modern workplace
• UK's digital skills shortage reaches "all-time high"

Last year, Cisco Live 2024 was my first proper introduction to the company in all its glory and if I’m honest I was somewhat overwhelmed by its scale and breadth.

Fortunately for me, the overriding theme in Amsterdam that year was tightly focused on unifying Cisco’s byzantine product ecosystem under one integrated platform. In 2024, the firm’s foremost storyteller Jeetu Patel, who was EVP and GM of security & collaboration at the time and now is Cisco’s chief product officer, set out his strategy for how Cisco was going to drive value for customers through its platform approach.

I found this to be a compelling vision. Businesses can derive significant value from integrated platforms that help them manage the complexity of their IT estate, as they rush to add various technologies to keep their services efficient and secure while contending with skills shortages that limit their ability to do so.

Fast forward to Cisco Live 2025 and this message was still there. But while simplifying complexity through integration remained a key undercurrent in many of Cisco’s announcements, the focus on the platform felt more implicit this year rather than the central theme of the event. This year’s announcements showed that while the unified approach is important to Cisco, it’s the quality of the networking and security products being unified that’s really the key to its success.

Throughout the event, Patel stressed the importance of the company’s networking and security announcements in the context of Cisco’s wider ecosystem. Take the new N9300 Series Smart Switches, for example, built using Cisco’s Silicon One architecture and now featuring AMD’s Pensando data processing units (DPUs).

These new switches aren’t the first to be equipped with DPUs but Cisco says their unique value comes with the combination of these switches and its existing Hypershield security architecture, something competitors can’t offer.

By combining of these two offerings promises to bring advanced security inspection and segmentation services across a distributed network, giving end-users the ability to embed security at the micro service level.

The convergence of networking and security is something Cisco has always had a strong focus on and this marks a significant milestone towards that end.

Its first forays into networking security were a natural progression from pure networking products] and since then the firm has relentlessly pursued becoming a fully fledged security company with a series of acquisitions. Integrating these security services into the networking side of the business has been a significant focus for Cisco over recent years, and now it looks like this is coming to fruition.

On stage Oliver Tuszik, EMEA president at Cisco, stressed the old adage that today every company is a tech company. Giving it a 2020s twist, he added that every company is now also becoming an AI company – making digital resilience the other side of the coin from business resilience.

Considering the fact that the network is the backbone of any IT estate, consolidating security and networking has always been an easy decision for Cisco, and now it can look to reap the benefits.

Cisco’s bread and butter is still the network – especially for AI

With the complications of AI advancements such as DeepSeek and Operator (OpenAI’s AI agent) will put new burdens on IT teams. Patel predicted that businesses could be using hundreds or thousands of models, and multiple AI agents in multiple different data centers, which will place unprecedented strains on networking infrastructure.

Across the course of the event, Cisco didn’t shy away from showing off a stream of products they were bringing out to address this fact. A new AI server, the UCS C854A M8 fills out a previously missing part of Cisco’s AI data center portfolio with a flexible solution dedicated for training large models.

The company’s Agile Service Networking architecture, Cisco 8000 Series routers and pint-sized Coherent Pluggable Optics, also serve the same aim of helping customers modernize their networks ready for the oncoming wave of AI workloads they envisage running in the near future.

Speaking to ITPro, Bola Rotibi, chief of Enterprise Research at CCS Insight, agreed that this year the explicit references to the platform took a back seat as the firm leant back on its networking bona fides, but she said this was a shrewd move in many ways and highlighted where Cisco really has an edge on the competition.

“I think they’ve made some very smart acquisitions but at the same time I think where they have not lost their edge is that they are the network company and that everything they think about has to be framed in how we help people with all the other pieces," she explained.

“So the story about the network driving AI is a really smart move because it allows them to talk about various technologies from their strength and their focus on the network, I think that’s a really smart move.”

This isn’t to say the platform was completely sidelined, however. Patel cited the platform during the opening as a structural advantage Cisco has that it can use to capitalize on key technological shifts this year, namely DeepSeek’s seismic impact on the AI industry as well as the ongoing fervor around AI agents in the enterprise.

Patel described it as Cisco’s ‘platform advantage’ that ensures that as customers invest in new infrastructure according to these two macro trends they see a compounding value of the platform.

“Every single capability and product that we build should reduce the marginal cost of ingestion of every subsequent product that’s actually going to be ingested by you.”

“We want to make sure that the cost of adopting new technology from Cisco goes down precipitously and it compounds value in the products that you might already have.”

Both Tuszik and Patel expressed that they were “bullish” on the firm's position in the market moving forward, but with financial disclosures to come in the days following the conference they couldn’t elaborate.

It looks like they were right to be confident, however, as the firm raised its annual outlook citing strong demand for AI networking infrastructure with its stock jumping to a 24-year high.

My only concern last year around Cisco’s platform ‘story’ was that there was no mention of how other vendors would fit into this picture, and the company did little to reassure me this year either. The IT ecosystem is defined by heterogeneity and no matter how big, Cisco will need to demonstrate how its platform connects to business solutions from other vendors, and how it will help customers manage this complexity.

MORE FROM ITPRO

• Cisco wants to capitalize on the ‘DeepSeek effect’
• Cisco is jailbreaking AI models so you don’t have to worry about it
• Cisco dispels Kraken data breach claims, insists stolen data came from old attack
• A CIO's trifecta in edge networking: AI, 6G, and security

HPE has hit out at the US Department of Justice (DOJ) over its attempt to block the acquisition of Juniper Networks, suggesting the move is “divorced from reality” and will benefit competitors in the space.

HPE bid $14 billion for Juniper Networks in January 2024, with the deal seen as a play by the networking giant to take advantage of the AI boom. With an eye to market consolidation, European and UK regulators examined the deal, but the acquisition was approved in August.

Despite gaining clearance in European markets, the DOJ lodged a legal challenge to block the acquisition, specifically highlighting the WLAN supply market and arguing that cutting competition will harm innovation.

The legal challenge claimed that by cutting three major players to two - these being HPE, Juniper, and Cisco - the deal will limit options for customers and ultimately lead to higher prices.

At the time, HPE and Juniper released statements disputing the DoJ claims, suggesting the WLAN market was more robust than the lawsuit argued.

Now, in a document filed in response to the DoJ lawsuit, HPE said its tie up with Juniper would give customers a "credible alternative to Cisco", the networking giant that dominates the sector.

Beyond Cisco, HPE points out that Chinese networking giant Huawei is considered a security risk by the US government, so it's in need of other options for infrastructure to resist the use of Chinese technology globally.

The filing says the suit from the DoJ will "will hobble competition with Huawei — which has been repeatedly identified as a national security risk by the U.S. government — and thus damage the US’ stated aim of reducing the use of Chinese technology in critical infrastructure globally."

Why WLAN?

The HPE filing noted that HPE and Juniper are two of ten companies that battle it out in the WLAN space, saying the DOJ description of HPE's dominance in the space is "divorced from reality".

“This is a deal that enhances competition and creates a real challenger to Cisco's dominance,” HPE added.

Indeed, it accuses the original complaint of cherry picking data by describing HPE, Juniper, and Cisco as having 70% share of that market. However, HPE said the DOJ is "conspicuously silent" about the respective market shares, as Cisco holds more than half of the WLAN market and has done so for more than a decade.

HPE added that the regulator is mistaken in its focus on WLAN, explaining that the real motivation behind the acquisition of Juniper is combining its data center routing tools with HPE's storage and compute.

"While WLAN is a component of the overall transaction, it is misleading to suggest that HPE is spending roughly $14 billion to acquire Juniper for the purpose of insulating itself from WLAN competition in the United States, particularly when the WLAN solutions that are the focus of the Complaint comprise only 11% of Juniper’s revenue," the filing noted.

"There are simpler — and significantly cheaper — alternatives for HPE to acquire a single digit market share in the United States in WLAN if that was its primary goal."

In its own defense, HPE's filing quoted a LinkedIn post by industry analyst Shamus McGillicuddy of Enterprise Management Associates.

"The DOJ complaint ignores all other aspects of this deal, including data center switching, routing, firewalls, SD-WAN, network automation. It doesn’t even mention Junos, which execs from both companies call ‘the crown jewel’ of Juniper. The press release calls Juniper a ‘wireless LAN vendor.’ Hilarious."

MORE FROM ITPRO

• Juniper Networks unveils revamped partner program
• “Our cloud works”: Juniper Networks exec fires shots at Cisco’s networking architecture
• HPE bid for Juniper Networks sets it up for battle with Cisco

Cisco’s ‘security everywhere’ mantra has just taken on new meaning with the launch of a series of smart network switches it says will redefine the way firewalls, the old stalwart of cybersecurity, work entirely.

Unveiled at Cisco Live in Amsterdam, Cisco said its N9300 Smart Switches will introduce new capabilities to help businesses defuse some of the lateral movement techniques used by the most sophisticated groups operating in today’s threat landscape.

The N9300 switches are equipped with data processing units (DPUs), that allow the for the deployment of advanced services such as Cisco Hypershield directly into the switching fabric.

Hypershield is a firewalling capability launched by Cisco in 2024 that enables the micro-segmentation of a network, but it required hardware with built-in DPUs, which did not exist at the time.

But now Cisco's souped-up N9300s don’t just switch traffic, they run services like Hypershield with high performance at high throughput rates.

The firm said that as customers upgrade their hardware the combination of its new switches and Hypershield will unlock unprecedented levels of protection at the data center and beyond.

Redefining the firewall

Speaking during a panel session on AI-ready data centers, Tom Gillis SVP and GM of the security, data center, internet, and cloud infrastructure group at Cisco, said the N9330 switches mean the firm is in a position to ‘redefine’ the way firewalls function in modern ICT infrastructure.

“A firewall used to live in a box at the edge of the network. So with Cisco Hypershield we’ve taken that concept and broken it into a million little pieces. So instead of a box you try to shield at the edge, you have the ability to put a micro perimeter at each one of those services that make up an application.”

Gillis explained that Cisco is leveraging its in-house switching ASIC, Silicon One, to enable the performance required to deliver advanced inspection at every connection across distributed applications with minimal orchestration.

“The net of this is that it lets folks like you put firewalls in places you couldn’t even imagine. You don’t have to cable up an appliance, you don’t have to write a bunch of rules, and here’s the best plus: it’s dynamic and upgrading itself.”

Cisco’s unified firewall management system, Secure Firewall, enables automated deployment of firewalls to the cloud that can be managed centrally, scaled up automatically, and are ‘self-healing’.

‘Self-healing’ refers to the fact that if the firewall detects any type of failure, Cisco Security Cloud will take that image down, redeploy a new image, and sync it back with the cluster.

Automating the deployment, scaling, and upkeep of these appliances will be increasingly important if firms are to rigorously segment their increasingly distributed and fine-grained application ecosystems, which are often made up of thousands of microservices running across multi-cloud services.

Neutralizing the Typhoon

Cisco emphasised that this is a significant step forward for the securing applications, and network security more broadly.

In recent years, state-sponsored threat actors have been found targeting complex vulnerabilities in network infrastructure and using that to establish persistence on sensitive enterprise and government networks.

The various groups tracked under the Typhoon moniker in Microsoft’s threat actor taxonomy - and thought to be based in China - have been responsible for a number of highly sophisticated attacks on critical national infrastructure and government institutions in the US.

In December, a senior White House security official confirmed that the Salt Typhoon group was able to record conversations of senior political operators in the US after hacking several major telecom providers in the region.

Last month, the Treasury imposed sanctions on several Chinese firms accused of having some role in recent cyber intrusions attributed to the Flax Typhoon group.

Speaking to ITPro, Martin Lee, technical lead of security research at Talos, Cisco’s threat intelligence arm, described this type of activity, noting that threat actors have been observed using complex techniques to compromise network devices and using these as ingress points on the network.

“If you can find your way in through the network infrastructure, you can then get inside of your environment and use that target device as a platform to launch attacks against the target systems,” he explained.

“This kind of threat actor and this kind of activity underlines why getting the network architecture and segmentation right is so important. If they’ve managed to compromise one environment, you’re forcing them to do work to compromise the other one and it’s that work that is the noise that you can detect.”

MORE FROM ITPRO

• Cisco is jailbreaking AI models so you don't have to worry about security
• Networking is still king as Cisco polishes its network capabilities
• Cisco's 'savvy' CoreWeave deal will supercharge its AI ambitions

Cisco has launched a new AI Defense security solution it says covers the entire range of potential LLM security threats to help businesses implement generative AI across their organization with confidence.

As firms rush to deploy generative AI tools, be that through internally developed models, customized APIs, or external applications, they significantly increase their attack surface – and Cisco is targeting new demand for holistic LLM security.

Cisco’s new AI Defense platform uses a combination of its existing cloud-based security expertise alongside the latest research to protect organizations against the misuse of AI tools, data leakage, and new LLM jailbreaking techniques.

With respect to tackling the dangers of shadow AI, AI Defense leverages Cisco’s Secure Access product to prevent employees from accessing unsanctioned AI tools and misusing authorized systems, as well as protecting them from accidentally introducing confidential company information into these external models.

But the challenge of securing internal AI systems from external threats is equally pressing for businesses looking to leverage generative AI.

New LLM jailbreaking techniques such as Deceptive Delight, Skeleton Key, Low-Resource Languages, or context window overload have all exposed relatively simple ways in which attackers can manipulate the security guardrails of popular LLMs.

Speaking to ITPro, DJ Sampath, VP of product, AI software and platform at Cisco, said the problem is even worse once companies start to customize the models for their organization, meaning IT teams need to continually reassess the integrity of the model and overlay additional guardrails.

“Each time you want your models to behave a little bit better with the data that you have, you start doing some fine-tuning, you’re changing the state of the model. You don’t know with that fine-tuning if you are knocking off some of the internal guardrails or not,” he explained.

“The only way you know that is by doing model validation over and over again. That’s one of the core pieces of Cisco AI defense, which ensures that even after a fine-tune the model is not changing and, then if it has changed, you have the ability to protect it using guardrails.”

Cisco looks to establish itself as a knowledge leader in LLM security

Sampath said Cisco is able to protect models from the latest jailbreaking methods by leveraging research from a recent acquisition it made last year.

Cisco acquired security startup Robust Intelligence in August 2024, which soon afterwards published a paper on its pioneering approach to LLM jailbreaking called Tree of Attacks with Pruning (TAP).

The TAP method is essentially an automated method for generating jailbreaks for LLMs without requiring access to its internal mechanisms, Sampath explained, noting that once it identifies a weakness it digs down to uncover every possible way in which an attacker could compromise the model using this vulnerability.

He added that the team published another paper on potential techniques that could be used to jailbreak a chain of thought or reasoning model, which he said requires a fundamentally different approach.

Sampath said such is the quality of this unit’s research that they are collaborating with bodies including NIST, MITRE, and OWASP to come up with standards to define how the industry should approach AI security.

He argued this gives Cisco a privileged position to establish itself as a knowledge leader on LLM security, and help the model makers themselves shore up their products.

“We, Cisco, now have a seat at the table with these standards organizations. Not just that we’re influencing it but we’re able to publish some of this bleeding edge research and that research feeds into making these models better.”

Cisco AI Defense is still currently in private beta and will be available in March 2025.

MORE FROM ITPRO

• Cisco wants to capitalize on the ‘DeepSeek effect’
• DeepSeek R1 has taken the world by storm, but security experts claim it has 'critical safety flaws' that you need to know about
• What is hackbot as a service and are malicious LLMs a risk?

DeepSeek’s shock introduction has had a massive effect on the adoption and development of generative AI models in the business landscape, and Cisco feels it has a significant advantage in capitalizing on this.

Speaking at Cisco Live 2025, its annual EMEA conference in Amsterdam, Jeetu Patel, EVP and chief product officer at Cisco said this is a massive opportunity for the firm from both a network infrastructure and security perspective.

Patel said the arrival of DeepSeek was one of two “seismic developments” that have taken the industry by storm, the other being OpenAI’s foray into the world of agentic AI with its Operator solution.

The DeepSeek effect, according to Patel, is that the cost curve for AI deployments has plummeted in terms of the resources it takes to train a model, and as a result the number of models in use in business is about to skyrocket.

“You won’t just have tens of models, you might have thousands of models and this will actually have massive implications on security and safety,” he predicted.

This broad industry shift will expand every organization’s attack surface, according to Patel, introducing a host of new potential threats and piling added strain on businesses’ IT infrastructure.

Cisco aims to capture new industry demand in both of these areas, firstly in the infrastructure space with a new AI server, the UCS C854A M8.

This is a modular system based on Nvidia’s MGX reference architecture that can accommodate anywhere from two to eight GPUs according to the user’s needs and budget constraints.

The UCS C854A M8 is available in a number of configurations, supporting a range of Nvidia GPus and CPUs from AMD, and will fill a gap in its AI infrastructure portfolio for model training.

With the new UCS Cisco looks to fill out its AI infrastructure, joining its recently launched AI PODs solution, aimed at providing flexible, cost efficient generative AI deployments.

Network and security expertise will be essential in managing safe AI deployments

In a panel session following the opening keynote, Patel said the implication of the joint DeepSeek and Operator effects is that business networks are going to have to deal with a whole different new volume of traffic.

He raised Cisco’s in-house network architecture, Silicon One, as a key area where Cisco is well-positioned to exploit new demand AI workloads will place on businesses.

Another aspect to the industry’s ongoing agentic shift is the fact that ensuring these systems are secure and managed effectively.

In addition to its existing network monitoring and access solutions, Cisco recently released its own generative security solution, Cisco AI Defense, that promises to safeguard both the development and use of generative AI applications in the enterprise.

The system can restrict access to external AI applications, helping reduce risks posed by shadow AI, or monitor and manage how users are engaging with these platforms.

On the other hand, Cisco AI Defense has a vulnerability testing function that can identify if your organization’s internal AI applications have any security weaknesses or privacy concerns.

Speaking to ITPro, DJ Sampath, VP of product for AI software and platform at Cisco, said customers are increasingly looking at using both external AI applications and deploying these systems internally. As such, an end-to-end system that covers both of these spheres is vital.

He argued that as firms look to take advantage of open source models available on platforms like Hugging Face, it’s integral that these organizations are able to put the right security, safety, and privacy guardrails in place before deploying them inside their environment.

Sampath claimed it is Cisco’s network security expertise and its new strengths in securing AI systems that puts it at a significant advantage for the company in light of these recent transformative events.

“The biggest advantage that Cisco is going to have is, from an AI safety and security perspective, we’re able to position ourselves where we’re seeing everything on the network, we’re enforcing everything on the network. We have the fabric of the network to do that,” he explained.

“In addition to enforcing things at scale, we are validating these models at scale. So both of those [capabilities] provide us with a very unique way of being able to provide value to our enterprise customers.”

MORE FROM ITPRO

• Cisco Live EMEA 2025: All the news and updates as they happen
• Stargate project: OpenAI, Oracle pledge support for $500 billion AI infrastructure drive
• Huawei targets ‘intelligent industrial transformation’ with AI-ready infrastructure

Cisco has pushed back on claims it has been breached in a new ransomware attack after a threat actor exposed sensitive information allegedly stolen from the firm’s internal network.

The Kraken ransomware group posted the information, which according to reporting by Cyber Press contained credentials linked to Cisco’s Windows Active Directory environment, to its dark web leak site.

This data was said to include privileged administrator accounts, NTLM hashed passwords, as well as the domain’s Kerberos Ticket Granting account that could have been leveraged to forge authentication tickets.

The post was accompanied with a threat of potential future attacks on the network and security giant and a suggestion that Cisco had been attempting to remove the group from the network unsuccessfully.

Jamie Akhtar, CEO and co-founder of CyberSmart, outlined the potential damage cyber criminals could inflict leveraging the sensitive information the Kraken group claimed to have taken.

“Hypothetically, the data leaked could allow cyber criminals to do a number of potentially damaging things. For example, the domain controller credentials could allow hackers to escalate privileges within Cisco’s network, more across networks within its wider infrastructure, and access and steal sensitive data.”

But Cisco has issued a statement claiming the ‘exposed’ credentials were taken from a historic data breach which occurred around two and a half years ago.

"Cisco is aware of certain reports regarding a security incident. The incident referenced in the reports occurred back in May 2022, and we fully addressed it at that time. Based on our investigation there was no impact to our customers."

Cisco breach incident dates back to 2022

During the incident in question, attackers took control of a personal Google account that had Cisco employee credentials, according to a Cisco report on the attack published in August 2022.

After conducting a series of advanced voice phishing (vishing) attacks to bypass MFA protections, the attacker was able to gain access to the target user’s VPN.

Once they gained initial access, the attacker looked to establish persistence on the network while evading detections and escalate their privileges.

Cisco said it was able to successfully remove the intruder, who made a series of unsuccessful attempts at regaining access in the following weeks.

It added that its CSRIT and Talos teams did not identify any evidence to suggest the attacker was able to access ‘critical internal systems’ such as its production environment or code signing architecture, for example.

At the time, Cisco declared it believed the culprit to be an initial access broker (IAB) linked to the group tracked by Mandiant as UNC2447, known for its use of the FiveHands malware, as well as the Lapus$ threat collective and the Yanluowang ransomware operation.

MORE FROM ITPRO

• AI cybersecurity robs attackers of their advantage, Cisco claims
• Cisco just launched a $1bn investment fund for AI startups
• Integration, everywhere, all at once at Cisco Live 2024

Goedemorgen and welcome to ITPro’s live coverage of Cisco Live EMEA 2025.

Today we’re gonna be given an inside look at all of the latest updates Cisco has made across its product lines in networking, security, and collaboration, with AI sure to feature heavily too.

We have a busy day here at the RAI Amsterdam Convention center with the opening keynote set to kick off at 9am CET, so make sure to stay tuned for all the announcements as they happen.

It’s a cold blustery day here in Amsterdam with a rather frigid flurries of snow last night. It looks like none of the snow has stuck, however, and everything is up and running for today’s main event: the opening keynote, due to start in just under an hour.

This morning we’ll be hearing from Oliver Tuszik, president of EMEA, as well as a raft of other Cisco execs including Jeetu Patel, EVP and chief product officer; Martin Lund EVP of the Common Hardware Group; and Anurage Dhingra, SVP and GM of Campus Branch and IIoT Networking & Collaboration.

Tom Gillis, SVP and GM of the Cisco Security, Data Center, Internet, & Cloud Infrastructure Group at Cisco and Kamal Hathi, SVP and GM at Splunk, will also be joinging Tuszik and the rest of the team = on stage today to talk all things Cisco.

While we wait for things to get started why not check out some of our previous Cisco coverage that will put today's announcements in context.

• Cisco just announced a major overhaul of its partner program – here’s what you need to know
• Cisco’s ‘savvy’ CoreWeave deal will supercharge its AI ambitions
• Cisco to cut thousands of roles in second batch of layoffs this year
• Why AI matters so much for where Cisco goes next

Yesterday the press were given an inside look at what it takes to get the RAI convention center up and running for the more than 17,000 attendees who have descended on Amsterdam to learn all about what CIsco has been up to over the last year, and what there is to look forward to for the rest of 2025.

Joe Clake, distinguished services engineer at Cisco, walked us through some of the key figures that go into setting up the impressive WiFi network that keeps all 17,000 connected and able to access super fast speeds while in the conference hall.

Clarke said Cisco brought 500 of their own switches for the job, and has set up more than 600 access points across the exhibition center. The team are continually redeploying extra units using a custom-built network mapping tool that identifies low coverage areas or spots that need extra density.

For example, the team deployed extra high density coverage over the keynote hall to support the roughly 6,000 attendees when they file into the auditorium, which is expected to take place in just under an hour.

This year the entire network is operating on WiFi 7, Clarke said, although there is a backup network for those using legacy devices, and Cisco has transitioned the majority of the traffic to IPv6 also.

As has become rather typical for these big conferences, things are running a little behind schedule and 9am has passed with little fanfare here at the RAI.

There are still long queues outside the exhibition center, luckily the press are allowed in early.

The buzz is definitely building here in Amsterdam, with lots of attendees swirling around the lobby area.

We’re inside the auditorium and the seats are relatively empty but I expect that to change very quickly.

The obligatory DJ is playing something mercifully light on the bass, something that cannot be said for last year’s playlist.

Ok that was very quick, a torrent of attendees has flowed into the auditorium and we are getting closer and closer to capacity. Hopefully we will be getting under way imminently.

I have spotted Oliver Tuszik, Cisco’s EMEA president, who will be opening the keynote today so that is a good sign.

A literal sign has also popped up with the 'five minutes to go' message, confirming my suspicions.

Tuszik will be outlining the theme of today’s proceedings. The explosion of interest in AI, sparked by the introduction of popular generative AI solutions beginning with ChatGPT in 2022, is reshaping the world of the enterprise, and Tuszik and his colleagues will be discussing the products Cisco is introducing to help its customers adapt to that changing world.

This means making sure customers can meet the changing demands of enterprise AI adoption, monetize the services that spring up in this landscape, and deliver them securely.

But generative AI has also had knock on effects for Cisco's other business segments, with many of the anticipated updates related to how businesses will need to transform for the an era of AI..

Things look like they are getting underway with a very intense piece of video intro running through the rapid explosion of generative AI over the last three or so years, and positioning Cisco as ‘changing the game’ for businesses across sectors.

The old tagline “every company must be a technology company” now becomes “every business must become an AI company”.

Our master of ceremonies, Oliver Tuszik is opening up today's keynote from the crowd, and is now approaching the stage.

Tuszik goes through the usual pleasantries on the RAI’s panoramic stage, doing his best to engage each section of the crowd, he’ll certainly be getting his steps in today.

Tuszik drops the fact that this year Cisco is celebrating its 40th birthday, greeted with a congratulatory applause from the crowd.

He describes Cisco's humble beginnings on a university campus connecting two networks together, evolving from the network as infrastructure to the network as the integral platform for all businesses.

Tuszik blasts through some of technology industry's major eras, with IoT and Cloud described as concrete moments that had differing impacts on the role of the network.

Now with AI, Tuszik says the speed of innovation is "nowhere near anything we've seen before", especially in the lat eight months. He notes that it looks like this innovation is only going to continue to accelerate.

Tuszik is now espousing the importance of experts, citing Cisco's CCIEs. He asks for any attendees who've been CCIE over 25 years.

He finds one whose name I did not catch, but became certified in 1993 and says he was one of the first CCIEs certified worldwide, impressive.

Tuszik promises that Cisco will never stop investing in its certified engineers.

Tuszik cites some Gartner research on the size of the ICT market worldwide, which in some areas of the world is growing faster than GDP.

He falls back to the claim that every business in the world will become a tech company. But this will not be easy he says, there will be big shocks in operational cost, digital transformation strategies , and navigating these changes sustainably.

Moving onto AI, Tuszik concedes that there were some aspects of the AI boom that were 'overhyped', but claims that we are now moving out of this hype cycle and the real value of AI is being revealed.

The industry is emerging from the tunnel of disinformation swirling around AI, Tuszik says.

He cites Cisco's research that found 97% of CEOs plan AI integration but 80% worry gaps in their understanding will hurt their strategic decision-making, and risk falling behind the competition.

Skills gaps, infrastructure challenges, "the complexity you have to deal with is mind blowing", Tuszik warns, and there are not many people you can hire to help remedy this problem.

"This is the main reason everybody is looking for standardizations. Moving away from best of breed and towards automation."

Tuszik says Cisco are committed to helping busisses in three key areas picured below.

He says that if Cisco fails to help businesses meet their challenges in these three areas it is not meeting its standards.

Tuszik says last year the company committed to its platform approach, promising to become more integrated and more open in a landscape where businesses are reliant on a multitude of digital services and hardware.

As Tuszik mentions platform, its only right he gives way to Jeetu Patel, EVP and chief product officer at Cisco, who is the platform tsar at Cisco who is now onstage and for some reason praising Tuszik's dance moves.

Patel is walking through some of his core philosophies when it comes to product, firstly that quality is 'priority zero'.

He notes that Cisco has had some products that perhaps have not lived up to this mantra in the past, but the firm is relentlessly focused on ensuring every one of their products 'just works'.

He also says Cisco wants to think asymmetrically about the market. Rather than thinking linearly that follows trends Patel wants Cisco to make sure that it isn't playing catch up and actually leapfrogs the market in a way that will redefine how Cisco is not just 10% better than 'our' competition but 10% better than 'your competition'.

With that in mind, Patel now moves on to talking about some recent trends he thinks will have substantial impact, or seismic shifts, on the market going forward.

First is the DeepSeek effect, which means that cost is going down precipitously and as a consequence businesses won't just have tens or hundreds of models, but they might have thousands.

Next is the operator effect, essentially the agentic shift of AI, where users wil be able to get computers to ensure tasks are completed autonomously.

These seismic shifts will introduce new challenges Patel says including what infrastructure looks like, and what the risk looks like attached to these new technologies.

Patel says that Cisco want to leverage three areas in which it believes it has key advantages over the market to help businesses meet these challenges.

These are the platform advantage, silicon advantage, and an AI advantage.

Patel now wants to talk about products, he runs through Cisco recent innovations including its dedicated AI PODS and its Nvidia AI server.

Patel announces the Cisco UCS C854A M8 server which is a flexible AI server using Nvidia MGX reference architecture with a modular design that can be scaled from 2 - 8 GPUs, giving businesses flexibility when it comes to their AI spend.

This is met with some applause and I expect we will hear more about this later where we will get a bit more of a deep dive on this.

Patel quickly moves on to another announcement two new Cisco N9300 Smart Switches with Hypershield.

These are two switches, one that is an on-ramp and the other a top-of-rack switch that feature data processing units (DPUs) built int, meaning that not only do they just switch traffic but they also enable running advanced services such as Cisco's firewalling capability Hypershield directly on the fabric of the network.

This brings Patel to the concept of the Cisco Hybrid Mesh Firewall which uses the N9300 smart switches with Hypershield integration businesses can meet the needs of today’s threat landscape.

It means that businesses can leverage the latest cloud security frameworks, as well as third party firewalls to give a distributed fabric in a hybrid mesh firewall that can be managed through a single pane of glass, being Cisco's Security Cloud Control system.

This, he adds, is available now.

That was an incredibly quick whistle stop tour of some pretty big announcements, and to dig deeper in the impacts of these systems Patel brings on Tom Gillis, SVP and GM of the Cisco Security, Data Center, Internet, & Cloud Infrastructure Group at Cisco.

Gillis says this new category of smart switch is the most exciting announcement Patel just made, describing it as the dream of many years.

The addition of the DPUs means businesses can combine a security processor and network processor in one device.

"We want to put controls around the services that surround an application" meaning every microservice gets its own perimeter with an individually configurable layer 7 firewall.

This does sound like a very significant improvement for businesses that are able to take advantage of these smart switches.

One major recent trend we've seen over the last decade is that applications are increasingly distributed and fine-grained, often running across multi-cloud data centers, and are composed of hundreds of thousands of microservices

Recent threat landscape activity from state-sponsored groups like Volt Typhoon show that the era of blind trust is over. Businesses need to validate and inspect every single connection running across distributed applications.

DPUs on the N9300 switches mean users can embed inspection functions onto the fabric of the network via Hypershield, and this is one component of Cisco’s Hybrid Mesh Firewall

Hybrid in that Cisco is also introducing cloud-native integrations so this solution can be deployed natively into all of the different cloud environments regardless of provider (AWS, Azure, Google).

Combines with eBPF to give organizations deep visibility into workloads in the extended network, external workloads, allowing for autonomous segmentation and distributed exploit protection to prevent cyber intruders from moving laterally.

Cisco says it is committed to an open ecosystem, so the mesh firewall will also support third-party firewalls as enforcement points.

"Keep your infrastrucutre", Gillis explains, stating that Cloud Control will sit as the umbrella over these systems and takes control of all of your old tools, and as you modernize you can start to introduce this more advanced infrastructure and "put security inplaces you couldn't imagine".

That's it from Gillis who almost sprints back off the stage.

Now Patel is moving onto securing AI itself, and Cisco's recently launched AI Defense system.

AI Defense was introduced three weeks ago and helps businesses protect their generative AI systems, be that external applications of internally developed tools.

AI applications have introduced a new attack surface for threat actors to target, as well as introducing risk in terms of misuse in the workplace

AI defense is an end-to-end solution that protects both the development and use of generative AI applications.

In terms of external generative AI applications, AI defense allows security teams to discover what generative AI tools people are using and how they are using them. In some businesses using external generative AI tools is banned so this can help them detect their use and block it, or for traffic that is allowed businesses can watch the interactions to ensure the tool is being used responsibly.

For internal generative AI developments, AI defense can help conduct vulnerability tests on the application. The user can configure policies to protect them, for instance prompt injection. Or they can introduce privacy guardrails to protect the model from seeing sensitive information, or safety guardrails to stop the model from outputting dangerous or harmful content.

To talk about AI Defense a bit more, Patel brings on DJ Sampath, VP of AI product at Cisco, who is going through a quick demo of how model companies validate models, and how AI defense speeds up this process.

Sampath explains that AI Defense shrinks the validation time, that would normally take a model maker seven to ten weeks but with Cisco AI Defense this process takes just minutes.

Sampath explains that businesses can configure their access policies for external AI, but also their privacy and safety guardrails for internal systems which can detect and block violations at runtime.

Deepseek gets a mention as it has recently been widely covered that the model is particularly vulnerable to jailbreaking.

Sampath says Cisco used its jailbreaking techniques that are integrated into AI Defense's vulnerability testing system to put Deepseek through its paces and found it was vulnerable to 100% of the attack methods the system implemented.

That's it from Sampath, and Patel changes pace with some announcements for Cisco's connectivity range and reimagining the workplace.

He announces a a series of new Cisco of new access points, specifically designed to work with WiFI 7.

He rolls a video featuring SAP with over 250 offices around the world, and expects having upwards of 350,000 devices, including IoT devices on its network.

The SAP spokesperson says using CIsco's switches and access points it has been able to make its network simpler, using Cisco's zero friction to improve their trust access policy, ensuring that all trusted devices have access to corporate resources.

Cisco is extending its its zero trust network access (ZTNA) offering with Hybrid Private Access that will optimize the office experience without compromising data privacy.

This comes in conjunction with Policy Assurance, which will enable enterprises to predict and prevent policy-related access disruptions.

This universal ZTNA of features deeper integrations with Google Chrome for the enterprise meaning unmanaged devices can be used more seamlessly, where third parties (contractors for example) don’t need to install additional software to gain access to their applications

This sounds like a very useful feature and will protect users as they connect to applications. It takes the traditional concept of zero trust access that centers around people and managed devices connecting to modern applications that will support one of these zero trust gateways,

Cisco claims its taking zero trust to the next level adding the capability to connect any user on any device in any location to any application.

Patel invites Colin Bannon, CTO at BT Business Services on stage to talk about how they have reimagined their workplace.

Bannon says as a CTO one thing he has learned to be true is that digital resilience is business resilience, and that without the network there is no plan B.

Bannon lists a series of critical organizations that rely on BT networksm, powering national critical infrastructure, and as such described Cisco as its fundamental partner underpinning this relationship.

He discusses redesigning the firm's offices, explaining it carried out persona-based designed according to apps, things, and people, baking in resilience to ensure that every aspect of the business as resilience and it can serve its customers reliably.

Asked what's next, Bannon says CIOs he's talking to are very afraid of shadow AI and byod, and having a network that can manage this access in an efficient way is essential.

Businesses need these fine-grained controls, Bannon explains. He also touches on the importance of AI-ready networks, making sure the network can stand up to unexpected spikes on the network and ensuring they are ready for unprecedented AI adoption.

Patel now wants to talk about Cisco's new optics system.

Patel says using Cisco's new optics opt, the size of a USB drive, which businesses can use to replace their entire optical system.

This promises to bring bring power efficiencies and latency gains.

Martin Lund, EVP of Common Hardware Group at Cisco, and also inventor of the layer three networking.

Lund explains that it's it is going to be very hard to predict AI traffic, as companies can stand up new models all the time. Deepseek only accelerated this problem, and as such service providers need to be more flexible and agile and simplifying or converging their optical system will go some way to addressing this challenge.

To finish off today's keynote, Patel wants to talk about resilience and some of the new strides Cisco is making to help businesses stay resilient today.

Firstly, he announces ThousandEyes Traffic Insights which will provide deep visibility over network network traffic and not only identify suspicious suspicious behavior or potential disruptions but accelerate remediation too.

ThousandEyes Traffic Insights will be available in March, Patel announces

Finally, Patel announces the integration of its wireless arm Meraki with its XDR solution. This will mean organizations can feed their Cisco XDR with telemetry directly from their Meraki MX appliance.

As such XDR incidents will populate their Meraki dashboard and the administrators will have better visibility to take quick action against potential threats.

With that, Patel passes over to Tuszik, who joins us from via video link. He is on the floor of the exhibition center, which Cisco dub the World of Solutions.

Tuszik takes care of the closing ceremonies and brings the opening keynote to a close.

That was a veritable whirlwind of announcements and Cisco really packed a lot in to time they had.

Here's a quick summary of the biggest announcements from today's presentation:

• Cisco UCS C854A M8 server – AI server based on Nvidia's MGX reference architecture featuring a modular design to give organizations flexibilty and cost efficiency for their AI deployments.
• Cisco N9300 Smart Switches with Hypershield – first of their kind smart network switches featuring onboard DPUs to power advanced services directly on the network fabric.
• Cisco Hybrid Mesh Firewall – series of new advanced capabilities enabled by the N9300 Smart Switches that allow fine-grained control across distributed networks and various microservices.
• AI defense – Cisco's end-to-end solution for locking down generative AI use and development in the enterprise.
• Universal Zero Trust Network Access – extended ZTNA offering with hybrid private access to optimize office experience without compromising data privacy.
• Meraki MX integration with Cisco XDR – Merkai telemetry will now directly feed into Cisco's XDR which will populate incidents in the Meraki dashboard
• ThousandEyes Traffic Insights – unified solution offering deep visibility into how network traffic the performance of the network

We hope you enjoyed today's live coverage on the from the ground at Cisco Live EMEA 2025. Stay tuned for more great coverage from ITPro diving deeper into the announcements and what they mean for businesses around the world.

Cisco has rolled out software updates to address a pair of critical vulnerabilities in its Identity Services Engine (ISE) that could let hackers take over devices and access data.

The flaws affect Cisco ISE and Cisco ISE Passive Identity Connector, versions 3.0 to 3.3, but not 3.4. A workaround is not possible, so a software upgrade is required.

Cisco said in its support pages that the vulnerabilities aren't dependent on each other, so can be exploited separately. To take advantage of the flaws, an attacker would require "read-only" administrative credentials.

The first flaw, with a 9.9 critical rating, is in an API for Cisco ISE. The company explained this vulnerability was due to "insecure deserialization of user-supplied Java byte streams by the affected software".

"An attacker could exploit this vulnerability by sending a crafted serialized Java object to an affected API. A successful exploit could allow the attacker to execute arbitrary commands on the device and elevate privileges," the advisory noted.

The second vulnerability is also in a Cisco ISE API with a 9.1 critical rating.

"This vulnerability is due to a lack of authorization in a specific API and improper validation of user-supplied data," the company said.

"An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device," the company added. "A successful exploit could allow the attacker… to obtain information, modify system configuration, and reload the device."

Cisco issues free patch for customers

Cisco advised that companies with service contracts will receive the security patches through their usual update channels, but added that it had released a free update that's available for everyone.

The company thanked a set of Deloitte researchers for reporting the flaws, which aren't believed to be in use by hackers in the wild yet.

"The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory," the company said, referencing its Product Security Incident Response Team.

At the end of last year, hackers claimed to have successfully hoovered up key data from Cisco that was left public on the internet following a misconfiguration, including ISE details.

At present, there is no connection between that incident and the flaws spotted by security researchers.

MORE FROM ITPRO

• Everything you need to know about Cisco
• Cisco thinks AI is 'changing everything' - including cybersecurity
• New $1 billion AI investment fund launched by Cisco

An ever-increasing and concerning array of wireless networking equipment is now being used to track employees around the office, according to new research.

A study from Cracked Labs found that technology vendors are using wireless networking infrastructure to pinpoint the location of devices such as smartphones, laptops and so on, in order to track their location.

That is paired with Bluetooth beacons linked to access badges, security cameras, video conferencing systems, and even environmental sensors to understand employee behaviour, alongside more obvious tools such as motion sensors under desks.

The report specifically highlighted the monitoring activities of networking giants Cisco and Juniper Networks, as well as Swiss firm Locatee and European company Spacewell.

Cisco, for example, offers a product that makes use of Wi-Fi access points and other existing IT infrastructure to understand how people move throughout a building.

The report pointed to Cisco marketing material on the product, which claims it can enable companies to ”gain insights into how people and things move throughout their physical spaces” and “understand the behavior and location of people (visitors, employees) and things (assets, sensors)”.

“Companies can get a 'real time view of the behavior of employees, guests, customers and visitors' and 'profile' them based on their indoor movements in order to 'get a detailed picture of their behavior',” the report added.

Cisco hadn't replied to a request for comment at the time of publication.

Big Brother is watching

In one Cisco example, tracking 138 people via 11 Wi-Fi access points generated several million location records, the report said. That allows the company to track where each device is in the building — as well as the employees who carry them.

Beyond Wi-Fi, researchers said Cisco's systems also tap into security cameras, WebEx video conferencing, and make use of linked apps.

According to the report, the purpose depends on the nature of the company. Retailers or restaurants, for example, can use the tools for behavioral profiling to offer personalized recommendations, or merely to understand where and when to clean.

In offices, companies can better understand desk usage — helpful during the shift to hybrid working — but also track IT assets to ensure they don't leave the building.

While those use cases may feel innocuous, the systems are also promoted as being able to measure "behaviour metrics" to aid internal campaigns to change employee behaviour and to understand "employee behaviour that affects performance."

In one example using technology from Juniper Networks, it was possible to see how long employees spent in break areas and kitchens.

Function creep

Even if the aim is useful, researchers warned such systems come with risks.

"Tracking and analyzing employees’ desk presence, indoor location and movements represents intrusive behavioral monitoring and profiling," the study said.

"Even if employers analyze the data only at the aggregate level, they process extensive personal data on employee behavior.

"Once deployed in the name of 'good', whether for worker safety, energy efficiency or just improved convenience, these technologies normalize far-reaching digital surveillance, which may quickly creep into other purposes."

The report is part of wider work into surveillance in the workplace, run by a team of researchers at Cracked Labs alongside partners at AlgorithmWatch, academics at the University of Oxford, and EU and Austrian trade unions.

The report marks the latest batch of research into the rise of workplace monitoring, which has been growing in frequency across a range of industries.

A study in November revealed one-in-five workers is now being monitored by an activity tracker of some kind, and it’s having a significant negative impact on employee morale.

Tracked employees are 73% more likely to distrust their employer, and twice as likely to be job-hunting as those who aren’t tracked in their workplace, the study noted.

The issue reached such an extent that the UK’s Information Commissioner’s Office (ICO) issued fresh guidance on the practices last year. The data watchdog urged businesses to “consider workers’ rights” when introducing workplace monitoring tools.

This advisory was issued alongside a survey conducted by the ICO which found seven-in-ten respondents found workplace monitoring practices to be “intrusive”.

Cisco has announced a major overhaul to its partner program, looking to boost the value partners bring to customers by addressing their evolving needs.

The new Cisco 360 Partner Program will connect partners’ success to how they meet customers’, with a focus on AI workloads, modernizing infrastructure, and bolstering cyber resilience.

Cisco said it overhauled the initiative in collaboration with partners and customers, adding it will provide guidance and support during the 15-month transition period before the program’s launch in February 2026.

Cisco 360 is billed as a strategic shift in Cisco’s partner ecosystem, redefining who value is measured over transactions and how partners address customer requirements.

“To further strengthen what is already a world-class partner ecosystem, this new program allows us to recognize and reward successful partners and better address the evolving needs of our customers,” said Elisabeth De Dobbeleer, SVP of the Cisco Partner Program.

“Our goal is to transform partner success, elevate Cisco partners, and upgrade the partner experience to align with Cisco's strategic vision.”

Cisco wants to redefining partner value

The Cisco 360 Partner Program will feature three core objectives, the first of which is redefining partner value through a simplified framework that recognizes the various ways partners can add value for customers.

Cisco said partners will be rewarded based on how their business model supports lifecycle and managed services, skills investment, customer base expansion, and engagement across the customer-partner ecosystem.

The stature of partners will also be elevated as Cisco moves to two designations, Cisco Partner and Cisco Preferred Partner.

Partners will be able to ‘earn’ these designations for each portfolio such as networking or security.

The program will also look to help partners differentiate their market standing through the development of specific expertise, continuing to shift from Architecture Specializations to Solution-Based Specialization.

In addition, Cisco also announced its first specialization focused on AI – the Cisco AI-ready Infrastructure Solution Specialization – to help partners become experts in delivering AI-ready infrastructure, security, and observability solutions to customers.

Cisco announces $80 million skills investment

Alongside the unveiling of Cisco 360, the firm also announced a $80 million skills investment, which will look to improve competencies and provide the tools needed to compete in the market.

The investment will include $60 million to support qualified partners with benefits such as all-access to Cisco’s digital learning platform Cisco U, as well as $20 million to fund quarterly training events for all partners.

This training will focus on AI, security, and networking, providing self-paced learning, hands-on labs, and continuing education credits.

Rodney Clark, SVP of partnerships and small and medium business at Cisco, said the investment is centered around giving customers the proficiencies needed to harness new technologies and achieve their business objectives.

"Today, it's about helping customers unlock the power of technology to achieve their business outcomes. That's the foundation of the Cisco 360 Partner Program. Whether through lifecycle practices, technical capabilities, or managed services, partners can drive profitable growth with our new value-based program,” he explained

“With a 15-month transition, partners have time to prepare and maximize their potential in [the] Cisco 360 Partner Program.”

Cisco has closed public access to one of its third-party developer environments after threat actors successfully stole data from a public-facing DevHub environment.

On 14 October, the prominent threat actor IntelBroker posted on BreachForums that they compromised data including source code, hard-coded credentials, certificates, API tokens, private and public keys, AWS private buckets, Docker builds, and Azure storage buckets as well as GitHub and GitLab projects.

The listing also claimed to have access to confidential documents and premium products belonging to Cisco.

IntelBroker listed a number of companies that had their production source code taken during the attack, including Verizon, AT&T, Bank of America, Barclays, British Telecoms, Microsoft, Vodafone, Chevron and Charter Communications.

On 15 October, Cisco announced it was investigating reports that a threat actor had claimed to have gained access to data belonging to Cisco and its customers.

The firm updated this advisory on 18 October, confirming that the data the unauthorized actors gained access to was hosted in a public-facing DevHub environment used as a resource center for community support.

“At this stage in our investigation, we have determined that a small number of files that were not authorized for public download may have been published,” the statement added.

“As of now, we have not observed any confidential information such as sensitive PII or financial data to be included but continue to investigate to confirm.”

Evidence points towards compromised third-party as Cisco maintains none of its systems were breached

IntelBroker, a Russia-based Serbian hacker, has been active in the black hat community since October 2022, and came to prominence after their attack on US food delivery service Weee! In 2023.

Since then IntelBroker has targeted major organizations including Europol, Pandabuy, Apple, and AMD, although in these most recent cases the victims have all queried the scope of the breach, claiming the threat actor’s access was limited to a small amount of data.

IntelBroker took to X on 16 October to goad Cisco, claiming they still had access to the developer environment.

The post noted that Cisco had previously attempted to disable its access but had used hard-coded credentials on an SSH server IntelBroker identified within the exfiltrated data.

Two days later, Cisco announced it had disabled public access to the site while it continued its investigation, which IntelBroker confirmed shortly afterward on X, stating that the company had “finally revoked all our access. Closed our Docker, Maven hub[s] and SSH access.”

In its latest update, Cisco maintains it is confident there was no breach to its systems.

ITPro has approached Cisco for clarification on this matter but has not received a response.

Meta is reportedly laying off workers across several divisions as part of a continued cost-cutting drive.

First reported by The Verge, roles at WhatsApp, Instagram, and the Reality Labs units are among those in the firing line. The move from Meta appears to coincide with an ongoing reorganization scheme within specific teams.

Some workers have taken to social media in the wake of the move to confirm their roles have been cut. Jane Manchun Wong, who became known for revealing unannounced features coming to apps before joining the Threads team in 2023, is among those affected.

"I’m still trying to process this but I’m informed that my role at Meta has been impacted," she wrote on Threads. "Thank you to everyone, especially my Threads and Instagram teammates, for my wild journey at Meta."

"Today, a few teams at Meta are making changes to ensure resources are aligned with their long-term strategic goals and location strategy," a company spokesperson told ITPro.

"This includes moving some teams to different locations, and moving some employees to different roles. In situations like this when a role is eliminated, we work hard to find other opportunities for impacted employees."

This isn't the first time in recent years that Meta's made layoffs. In 2022, it shed 11,000 employees, around 13% of its total workforce, after being overoptimistic about its prospects following the Covid pandemic.

2023, which CEO Mark Zuckerberg famously described as the ‘year of efficiency’, saw the tech giant lay off another 10,000 workers and cancel 5,000 job vacancies in a bid to reduce headcount and cut costs.

The latest move marks the second batch of layoffs at the Reality Labs division in a matter of months. In the summer, Meta confirmed plans to restructure the hardware unit into two groups, resulting in a small number of job losses.

Meta cuts the latest in another troubling year for big tech

Meta isn’t alone in its cost-cutting efforts in recent years. A host of other major players in the global technology industry have followed suit, largely due to challenging macroeconomic conditions in the wake of the pandemic.

In August, for example, Cisco announced plans to cut thousands of roles - around 7% of its staff - on top of the 4,000 it cut earlier in the year.

At around the same time, Intel announced plans to cut its workforce by 15%, or 15,000 roles, blaming poor returns on AI and saving a reported $10 billion. Dell also cut 12,500 staff, or around 10% of its workforce, on top of a further 20,000 roles shed over the previous 15 months.

Other major tech firms making large rounds of layoffs since the beginning of the year include Microsoft, eBay and PayPal.

However, according to data from Layoffs.fyi, the number of job losses across the tech industry is lower than at the start of 2023, with a total of 263,000 jobs cut across the tech sector last year.

ITPro has approached Meta for comment.

Cisco has confirmed it’s investigating reports a hacker accessed networks and stole files, leaking them online, but says it has found no evidence so far.

The hacker, known as "IntelBroker", made the claim on BreachForums, a black-hat hacking site, suggesting the data was stolen on October 6, 2024.

“Today, I am selling the Cisco breach that recently happened (6/10/2024). Breached by IntelBroker, EnergyWeaponUser, and zjj," the post read.

According to the thread, the information for sale includes everything from GitHub and GitLab projects, source code, confidential documents, credentials and certificates, as well as AWS and Azure buckets, private and public keys, and much more. The data will be sold in exchange for cryptocurrency Monero.

It's unclear how the hack happened — if it indeed did — as Cisco is still investigating, and IntelBroker didn't divulge such details.

However, reports on Tuesday 15th suggested that the data was stolen by targeting a third-party managed services provider, which could explain why Cisco isn't seeing any evidence of the attack.

According to a BreachForums statement, the impact is far beyond Cisco, with a wide range of companies listed as being affected by the data breach.

This includes Verizon, AT&T, Bank of America, Barclays, British Telecom, Microsoft, Vodafone, and Chevron.

In a statement given to ITPro, a spokesperson for Cisco said it’s still in the process of probing the claims.

"Cisco is investigating reports that an unauthorized actor is alleging to have gained access to certain Cisco data and data of our customers," a Cisco spokesperson told ITPro.

"Cisco takes this allegation seriously and we have engaged law enforcement as part of this investigation.

"To date, our investigation has found no evidence of our systems being impacted. We will notify customers where we confirm that the actor has obtained their confidential information,” the spokesperson added.

Earlier this year, Cisco admitted that state-sponsored attackers used zero-days in its firewalls to target government networks, and a cyber attack on a supplier for Cisco Duo's SMS and VOIP authentication service leaked customer data after being targeted by hackers.

Can IntelBroker be trusted on the Cisco claims?

While such claims aren't inherently trustworthy, the criminal operating under the IntelBroker brand has previously listed 80 tranches of leaked data for sale on BreachForums.

A June 2024 hack of AMD is attributed to IntelBroker, though the company said the breach was limited in scope.

The same month, IntelBroker claimed to have gotten hold of source code for internal Apple tools, while in May managed to nab data from Europol. Again though, the agency said the leak was limited and didn't contain operational details.

It's believed IntelBroker is based in Russia but is Serbian. Beyond that, IntelBroker reportedly now owns BreachForums as of August, as the site has changed hands multiple times amid targeting by authorities.

Cisco’s investment in CoreWeave could mark a major step in the tech giant’s aggressive AI push, analysts have told ITPro.

Reports emerged last week that Cisco plans to invest in CoreWeave in a deal that will see the GPU firm valued at $23 billion. While neither firm has confirmed the agreement as of yet, CoreWeave does appear to be setting its sights on bumping its financial valuation as it considers an IPO early next year.

Bloomberg reported earlier in the year that CoreWeave CEO Michael Intrator had discussed a transaction that would enable existing shareholders to sell between $400 million and $500 million of their holdings.

CoreWeave, which produces and develops cloud-based solutions for GPU infrastructure, could be a smart investment for Cisco for a number of reasons.

With enterprises globally looking to adopt and deploy generative AI tools, the demand for the services of a company like CoreWeave’s has potential to soar. By pitching itself with CoreWeave, Cisco could give itself a stronger footing in the AI market.

Cisco must expand its footprint and ensure that it can meet the needs of customers looking for AI support, CCS Insight analyst Bola Rotibi told ITPro.

“I think this is why they are investing in companies like CoreWeave,” Rotibi added.

It’s also a shrewd move from a financial perspective, Rotibi added. Cisco, and companies like it, are faced with the options of starting from scratch with AI or buying something out in its entirety.

Rotibi thinks Cisco is taking a savvy, third option though, by making an investment rather than attempting to buy the entire company.

To an extent, it “piggybacks” on CoreWeave’s existing research and development and strength in the market without Cisco having to make the full commitment of purchasing the company.

“It’s shoring up its capacity through the strength of another company that already invested heavily, has already got backers,” Rotibi said. “I think it's a smart move, personally.”

As Rotibi noted, Cisco slashed it’s workforce by 7% globally back in August, amounting to over 6,000 members of staff internationally. This may have affected Cisco’s financial decision making.

“It's let a lot more people go than maybe everybody had thought, so therefore it's had to put money aside for that, which I can imagine means it has to be quite sensible and careful with where it puts its money,” Rotibi said.

“This seems like a sensible option,” Rotibi added.

At the time of the layoffs, Cisco’s CFO said they were not about cost savings but about relocating resources into growth areas such as AI.

Cisco’s razor sharp AI focus takes shape

Cisco has sharpened its AI focus over the last 18 months, much like counterparts elsewhere across the global tech industry. A key component in its recent push here, however, lies with Splunk.

The networking giant confirmed the acquisition of Splunk in 2023 as part of a $28 billion deal. At the time, Splunk CEO Gary Steele specifically highlighted the AI focus of this deal, underlining Cisco’s ambitions in the space.

So far, the acquisition appears to be paying dividends for Cisco. At the firm’s annual Cisco Live conference in Las Vegas this year, the pair unveiled a raft of new AI-focused services and tools for customers.

Splunk’s annual conference saw similar messaging on the AI front, highlighting the growing synergy between the two companies.

Rubrik and Cisco have announced a new partnership to enhance organizations’ cyber resilience and defense against cyber attacks that target critical data.

As part of the collaboration, Rubrik has joined Cisco’s SolutionsPlus program, while its security offering now integrates with Cisco XDR.

As part of the SolutionsPlus program, customers will have access to Rubrik’s range of products via Cisco’s Global Price List. 

That includes the firm’s data security posture management (DSPM) offering, which works to proactively reduce the risk of data exposure and exfiltration across on-premises, cloud, and SaaS environments, as well as provide data visibility.

Cisco’s direct and channel sales network will also now offer Rubrik Security Cloud with Cisco Unified Computing Systems (UCS) and Cisco XDR, enabling joint customers to leverage validated architecture to mitigate ransomware and ensure boost business continuity.

Rubrik Security Cloud on Cisco UCS is tested and pre-engineered with Cisco Validated Designs and offers automated deployment, multi-site scaling, as well as lifecycle management thanks to Cisco Intersight.

In an announcement, the pair said the partnership will deliver unified computing, zero trust data security, and data resilience through a single, streamlined purchasing source.

“Complex, siloed systems create gaps in visibility that hinder operations and slow down organizations’ ability to detect and respond to threats,” said Jeremy Foster, senior vice president and general manager of Cisco Compute.

“Cisco and Rubrik are delivering threat detection and data context in one place, enabling security teams to effectively prioritize critical attacks and respond to them quickly.”

Cisco XDR integration

As well as joining SolutionsPlus, Rubrik now integrates with Cisco XDR to help enterprises swiftly identify targeted data attacks and implement secure recovery.

The fresh integration promises comprehensive threat coverage that provides unified visibility of customers’ environments, improved threat investigation and prioritization capabilities, as well as streamlined security and IT operations for recovery and restoration.

Organizations are also set to benefit from improved TCO and simplified lifecycle management, the pair added, with Cisco Intersight enabling deployment and tuned configuration of the Rubrik Data Management Platform on Cisco UCS Computing Infrastructure at global scale.

“This partnership reflects our commitment to providing unified, modern solutions on computing infrastructure that simplifies operations and empowers organizations to protect and derive more value from their data,” Foster added.

Networking giant Cisco is the latest tech company to slash jobs while pledging to refocus on AI as well as cybersecurity. 

The company said it would slash its global staff numbers by 7% – more than 6,000 jobs – following a drop in revenue of 10% in its fourth quarter. That follows a first round of layoffs earlier in the year which cut the workforce by 5%.

Cisco's core networking equipment business has struggled due to supply chain disruptions and a wider slowdown in enterprise spending, though CEO Chuck Robbins said in a conference call that demand was beginning to return.

The company has sought to diversify, purchasing big data monitoring platform Splunk last year for $28 billion and said in June it would invest $1bn into AI tech startups.

CFO Richard Scott Herren said in a conference call that the layoffs weren't about cost savings but reallocating resources into growth areas.

"But it's much more about finding efficiencies across the company so that we can pivot more resources, much like we did last year, into the fastest growth areas within the company, which are pivoting more into AI, pivoting more into cloud, and pivoting more into cybersecurity," he said.

Robbins said Cisco had topped $1bn in AI orders with web scale customers, with three of the top four hyperscalers deploying Cisco's ethernet AI fabric. While telco and cable customer demand remained muted, he said there was strength in EMEA driven by AI operations and autonomous networks.

"AI is transforming every aspect of our customers' IT environments," Robbins added in a conference call. "They need to modernize their infrastructure, harness the full power of AI and data, and improve their cybersecurity posture, all while building agility and resilience across their entire digital footprint."

Cisco layoffs are the latest in big tech’s AI-fueled ‘streamlining’ spree

Cisco is the latest in a string of tech companies to restructure to better invest in AI to take advantage of the boom in generative AI. 

Intuit said last month it would cut 10% of staff, but aimed to replace the 1,800 lost roles in order to focus on critical areas, such as AI.

Similarly, last year Dropbox slashed its workforce numbers by 16% in order to refocus on AI product development. Those cuts come amid wider layoffs in the tech industry, including cuts earlier this year at Google and Amazon.

"Cisco announced a restructuring plan to allow it to invest in key growth opportunities and drive more efficiencies in its business," Cisco added, saying in a financial filing that the total cost of restructuring would be $1bn.

"Cisco expects to recognize approximately $700 million to $800 million of these charges in the first quarter of fiscal 2025 with the remaining amount expected to be recognized during the rest of fiscal 2025."

Cisco results

The confirmation of layoffs came alongside Cisco's fourth quarter and annual financial results. For the fourth quarter, Cisco reported a decline in revenue of 10% year-on-year, down to $13.6 billion. 

This marks a sizable decrease, but above Cisco's own guidance — with earnings per share down 44%. Full-year revenue was down 6% to $53.8 billion.

"We delivered a strong close to fiscal 2024," said CEO Robbins in a statement. "In our fourth quarter, we saw steady customer demand with order growth across the business as customers rely on Cisco to connect and protect all aspects of their organizations in the era of AI."

In its guidance for the next year, Cisco predicted revenue to grow slightly for the quarter and the full year.

Cisco's Splunk big data platform also drove sales, marking a promising start to the company’s integration with the tech giant. Product order growth was up 14% year over year, though only 6% without Splunk, which made up 51% of subscription revenue.

Cisco announced it would buy Splunk last year for $28 billion to help its growth in AI, and the acquisition was finalized in March this year.

Cisco is set to cut thousands more jobs this year as it shifts its focus to higher-growth areas and adjusts to current economic conditions.

The exact number of jobs to be slashed has not been confirmed, but sources close to the matter told Reuters they expect the figure to be similar or slightly higher than the 4,000 staff it laid off earlier this year.

The previous round of layoffs was announced in February, and saw Cisco unveil plans to reduce its global workforce by 5%.

This latest round of cuts is expected to be formally announced on Wednesday 14 August alongside Cisco’s fourth quarter financial results.

As of July 2023, Cisco boasted a workforce comprising 84,900 staff, not accounting for the approximately 4,000 jobs it cut in February 2024.

Cisco’s shares fell by nearly 1% after the first round of layoffs were reported, and at the time of writing the firm’s stock is down approximately 15% on the previous year.

The company has seen slowing demand for its traditional business segments, with insiders telling Reuters the layoffs were aimed at restructuring the business around areas with higher growth potential.

Two areas the company is said to have identified as core drivers of the business moving are cybersecurity and AI, reflected in the firm’s recent major acquisition of Splunk in March 2024.

ITPro approached Cisco for comment on this development, but it did not immediately receive a response.

Cisco is the latest to cut jobs and focus on AI

Cisco’s layoffs come amid a flurry of similar announcements from large tech firms, signaling the sector is adjusting to shifting economic conditions and an evolving workforce.

Both Dell Technologies and Intel also recently confirmed they would be cutting 15% of their headcount by the end of 2024, with Dell stating it was reorganizing its go-to-market teams to become “leaner” as it transitions its focus to AI.

Salesforce laid off thousands of employees in January 2023, stating it planned to begin rehiring for tech roles in September, but this approach was reportedly paused as of January 2024.

German software giant SAP also announced restructuring plans would affect approximately 8,000 job roles  in January 2024, once again targeting integrating generative AI tools into its operations.

The company was quick to clarify this would not constitute mass job cuts, stating the majority of the affected positions were “expected to be covered by voluntary leave programs”.

Experts told ITPro in February that the driving force behind these large-scale restructuring efforts was associated with a transformation of tech industry requirements.

Characterized as a “readjustment”,  Bola Rotibi, chief of enterprise at CCS Insight explained that while jobs are being cut, new roles are constantly emerging in growth areas like AI, cybersecurity, and cloud infrastructure.

As such, she described the general trend as closer to rebalancing the business, moving staff from stagnant segments to high growth areas, stating that while some staff may be let off in one area of the business, this number could be absorbed by a hiring push six months later.

Cisco has announced the appointment of Sarah Walker as its new chief executive for the UK and Ireland.

Walker steps into the role having led Cisco’s Enterprise business in the UK and Ireland for the last two years, where she was responsible for the company’s relationship with more than 100 large, private sector organizations across key sectors.

She is also involved in Cisco’s relationship with wider communities, being the executive sponsor of Women of Cisco in the UK and Ireland, non-executive director at Liverpool Women’s Hospital Trust, and is the Chair of the Board of Trustees at Greater Manchester Academies Trust.

Prior to joining the business, the seasoned technology and communications veteran spent almost 25 years at BT in various senior leadership positions across both the public and private sectors - most recently serving as the company’s director for corporate and public sector.

Walker succeeds David Meads, who now transitions to lead Cisco’s operations in the Middle East and Africa.

“Sarah brings not only a proven track record in leveraging technology to solve problems and create value for organizations across the public and private sectors, but also a wealth of energy and innovative thinking,” commented Oliver Tuszik, Cisco’s president for Europe, Middle East, and Africa.

“I could not be more confident in her ability to lead the Cisco team in the UK and Ireland to create an even greater impact through our solutions, benefiting our customers, partners and the community.”

Appointment comes at a critical time for Cisco

Cisco plays a prominent role in internet connectivity across the UK and Ireland, with nearly every connection in the region touching the company’s technology and services. Through its Digital Impact office, Cisco also specializes in digital skills training in more than 300 Cisco Networking Academies across the UK and Ireland.

To date, the firm has successfully supported hundreds of projects to help accelerate digitisation in the region via its Country Digital Acceleration (CDA) program, from connecting remote communities, to improving connectivity and the digital skills of the national health service.

Commenting on her appointment, Walker said the move comes at an “important juncture” for the region, the technology industry, and Cisco’s customers as new technologies such as AI gain prominence.

“AI is creating even clearer lines between the outcomes that technology can support, the strategic objectives of organizations and the needs of society,” she explained. “The way we utilize and build for AI now, will shape the next decade and I truly believe that no one is better placed than Cisco to ensure that we do so securely and responsibly.

“We have some of the best technology minds in our community of over 4,000 partner organizations, over 200 universities and colleges and over 500,000 Cisco.

Advancements in AI will affect nearly all IT jobs and employers need to get serious about training, according to the AI-Enabled ICT Workforce Consortium.

The consortium, which includes a number of major tech players such as Cisco, Microsoft, and Google, said 92% of IT jobs are likely to undergo either high or moderate transformation due to advancements in AI.

Entry-level and mid-level IT professionals are expected to see the biggest changes, with 40% of mid-level positions and 37% of entry level positions expected to have high levels of transformation.

"AI represents a never-before-seen opportunity for technology to benefit humankind in every way, and we have to act intentionally to make sure populations don't get left behind,” said Francine Katsoudas, chief people, policy and purpose officer, at Cisco, and founding member of the AI-Enabled ICT Workforce Consortium.

"Across the Consortium member companies, we have made it our collective responsibility to train and upskill 95 million people over the next ten years. By investing in a long-term roadmap for an inclusive workforce, we can help everyone participate and thrive in the era of AI."

And as AI continues to redefine job functions, the consortium said, skills such as AI ethics, responsible AI, prompt engineering, AI literacy, large language model architecture, and agile methodologies will increase in importance.

Meanwhile, others, such as traditional data management, content creation, documentation maintenance, basic programming and languages, and research information may become less relevant.

AI literacy in the spotlight

All this means that organizations need to get serious about training, the consortium warned, suggesting that there are three essential common foundational skills required.

Data fundamentals training should cover data science principles and techniques, data classification, basic analytics, and story-telling with data; while prompt engineering should include how to interact with AI systems with prompts, prompting techniques, and developing an understanding of the potential and limitations of prompt engineering.

"As we look to unlock the full promise that AI brings, it is essential that we equip people with the skills they will need, and which they are eager to learn," said Ellyn Shook, chief leadership and human resources officer at Accenture. 

"The far-reaching impact of this technology demands that we design learning pathways that will position everyone to have deeper AI skills as the work in our industry requires.

"The initial report from the Consortium is an important step to turn aspiration to action – with specific reskilling recommendations that can accelerate progress for individuals, organizations, and society."

Nicole Helmer, vice president and global head of development learning at SAP, echoed Shook’s comments, adding: "What stands out from this research beyond the undeniable needs for responsible AI development and broad AI literacy across all ICT jobs, is the necessity for all roles to enhance their higher-order skills, such as critical thinking, creativity, and complex problem-solving."

As Splunk .conf24 draws to a close, partners and customers may be breathing quiet sighs of relief. 

While the event has touched on the expected topics of AI, observability, and security in good measure, it’s in its successful messaging around corporate continuity under Cisco that its real success lies.

Cisco announced its $28 billion acquisition of Splunk in September 2023 and the deal closed on 18 March 2024. In the months since, it has gradually revealed more of its vision for Splunk’s future.

Before the conference began there had been some speculation that this could be the last .conf, with some predicting Cisco would simply roll Splunk into its Cisco Live events. But having seen the continued energy of the crowds and leaders at the event firsthand, along with the pledges made by Cisco throughout, it seems safe to say that these rumors are incorrect.

It was also clear that Splunk would need to dedicate significant time to explaining the benefits of being a Cisco company at .conf24, tackling potential customer and partner concerns head-on.

No one knows this better than Cisco, it seems, given the company spent the entire event stating and restating that it’s not looking to rip up Splunk’s existing strategy.

Chuck Robbins, CEO at Cisco, told the audience in the first keynote that Cisco’s job is “not to screw up” what customers already have with Splunk. The loud applause and cheers that this remark elicited from the crowd speaks to the febrile nature of the event up to that point.

Despite reassurances at Cisco Live 2024 that Splunk was to remain an important player in its own right, customers and partners turned up to .conf24 needing clear acknowledgment of what will and won’t be changing under Cisco’s control.

“We believe in, we love, and we will embrace the Splunk community,” said Gary Steele, president of go-to-market at Cisco and GM at Splunk in the .conf24 opening keynote.

“That means the Splunk brand stays. That means this community that fosters innovation and coolness, that gets the most out of Splunk, we will continue to drive that and encourage it in every way we can.”

A mutually beneficial Splunk portfolio under Cisco

The phrase “Better together’ was used throughout .conf24, referring to the benefits that both Cisco and Splunk can leverage from the acquisition.

The pair have announced a raft of new product integrations across their portfolios, with benefits flowing in both directions. For example, the integration of Cisco Talos threat intelligence across Splunk security products including Splunk Attack Analyzer, Splunk Enterprise Security, and Splunk SOAR to enrich security investigations and make links between detected activity and known threats rooted in Talos’ extensive threat expertise.

On the other hand, Splunk’s pedigree in data analytics puts it in prime position to supplement and supercharge Cisco’s existing products and to act as a powerful backing force as the companies move ahead with AI.

Acknowledging Splunk’s tenth time being acknowledged as a Gartner Magic Quadrant leader for SIEM, Steele told the audience that its security and observability drive “only gets better with Cisco”.

“We'll get greater visibility, we'll get greater insights across the network, through the endpoint, across devices. And I feel like my excitement and enthusiasm is that I fundamentally believe we can drive better outcomes for you, that's what I think about every single day,” he said.

Both Splunk and Cisco have taken something of a cautious approach on AI, a shared trajectory and strategy that has helped keep the acquisition smooth. Splunk has been somewhat slow to adopt popular or generic generative AI assistants within its products, choosing to focus instead on improving its in-house model used for turning natural language prompts into data reports within Splunk.

The new AI Assistants for observability and security, alongside an improved AI assistant for producing Splunk’s Search Processing Language (SPL), are the fruits of this approach.

“I don't think you're going to see AI in itself as a thing, I think you're going to see everything powered by AI in the roadmap going forward with Cisco,” says James Hodge, GVP and chief strategic advisor EMEA at Splunk, in conversation with ITPro.

“There’s a lot more coming in the future by combining the best of Cisco and Splunk,” said Hao Yang, VP of AI at Splunk in the opening keynote. Noting that “data is the fuel for AI,” Yang stated that there’s an unprecedented opportunity for AI expansion in Cisco and Splunk working together.

“As part of Cisco, we’ll have more data relevant to security and observability than any other company and we’re confident that together we will be able to deliver amazing outcomes with AI to make you more digitally resilient.”

Once again, all of these announcements were grounded with repeated claims that Cisco is not looking to change any of Splunk’s AI roadmaps.

Tom Casey, SVP and GM of products and technology at Splunk told ITPro that Splunk’s approach to AI has been “domain-centric AI”, rooted in three core principles that set it apart from the competition:

• Domain-specific
• Human in the loop
• Open and extensible.

“While we’re integrating with Cisco and that fits really well, so you can chat from that chat experience right into the workloads … we remain open and extensible, so that continues to work and you can bring your own AI models for the industry as well.”

In its continued commitment to these principles, partners and customers can find more cause for reassurance. Cisco is pushing ahead with its AI focus, with ample access to data grounded in its detection platform ThousandEyes, and it seems both it and Splunk are in lockstep on the importance of an open approach to AI in the long term.

Encouraging and educating Splunk partners

The relationship between Splunk and its partners is a clear indicator for how successfully it is navigating the acquisition. When ITPro attended Splunk’s Global Partner Summit keynote at .conf24, it was clear that the mood in the room was one of excitement rather than concern.

Even one of the larger ballrooms within the Venetian Conference Center was no match for the attendees, with latecomers forced to stand to the side for lack of seats.

Alexandra Turbitt, GVP for alliance & channels, EMEA, tells ITPro that achieving this goodwill has been a mixture of listening carefully to partner concerns and taking advantage of the good deal of crossover already present in Cisco and Splunk’s ecosystems.

“For many of our partners they are now Cisco and Splunk partners,” Turbitt tells ITPro, noting that around 75% of Splunk’s partners fall in this overlapping category. In feedback sessions, she adds, Splunk partners have praised Splunk’s observability go-to-market, expressing that they no longer feel the need for vendors outside Cisco and Splunk to meet their observability needs.

For the remaining 25%, Splunk is encouraging them to get stuck in with Cisco and introducing Cisco team members into their contact with Splunk to ease this process. Turbitt says that there’s also “huge interest” among Cisco partners who aren’t yet acquainted with Splunk to get certified on its solutions and join the Splunk ‘Partnerverse’

There’s no doubt that Splunk is being incredibly careful with how it’s communicating the acquisition to partners, having doubled down on the message of there being no dramatic changes planned under Cisco.

With the disclaimers and logistics out of the way, Splunk put great emphasis on how its products can work together to achieve overall digital resilience. As partner strategies go, this is excellent. Having focused so much on its observability and security achievements in both keynotes, Splunk has ensured that the idea of resilience is front of mind for customers and that partners are equipped with tools tailor-made to solve this problem.

Turbitt tells ITPro that she particularly likes Splunk’s Hidden Cost of Downtime report for the same reason. The report reveals that the top 2,000 firms worldwide lose $400 billion per year due to downtime incidents and Turbitt says it provides all the relevant context to explain why Splunk’s observability, security, and AI solutions are so badly needed.

“I got really good feedback on the report in terms of numbers like this really help with conversations on a CFO level, for example, to simplify what the technology impact is on their business.”

“So they were very appreciative for helping to really get the value in front of their C-suite.”

Earlier in the year, Splunk wasn’t certain that the deal would clear before .conf24. In another world, this would have resulted in an event with the Cisco acquisition looming over it unspoken rather than up in bright lights on the keynote stage.

We don’t live in that world and anyone with a stake in Splunk should be glad that’s the case. In arguing why it deserves to keep its identity under Cisco – and repeatedly giving a platform to Cisco executives who explained how much they value Splunk as a complete package – Splunk has walked away from .conf24 having very clearly explained what being a “Cisco company” means for its future.

Cisco has learned a big lesson from the last technology wave – and wants to make sure it’s ready for the one that’s on the way.

The networking giant wasn’t fast enough to respond to the rise of cloud computing and wants to make sure it’s ready this time around so that it can do a better job of capitalizing on the AI surge.

AI is important for Cisco for a few reasons. Firstly, as is the case with many tech companies, it can use AI to improve its products.

Right now, that’s particularly evident on the security side. Here, AI can help Cisco to advance its network monitoring tools, for example, so that they are able to spot potential weaknesses or attacks more quickly. Some of that was on display at Cisco Live in Las Vegas, with several updates to the company’s security portfolio unveiled.

At the same time, like many other tech companies, Cisco is trying to shift to more predictable recurring revenues like subscriptions, rather than relying on one-off and unpredictable purchases of networking hardware. This is in line with the lessons from Cisco’s most recent results, with subscriptions now accounting for more than half of the company’s revenue. Building more services based around AI are a good way to support that shift.

Cisco’s recent acquisition of Splunk fits with this strategy very well. Cisco announced its $28 plan to acquire Splunk in September last year. The deal – Cisco’s biggest ever acquisition – integrates Splunk’s products which collect security information and event management data from across a customer’s enterprise technology infrastructure and process all of it for big data analytics. Splunk also brings more than $4.2 billion in annual recurring revenue.

Further justification for the deal the deal at Splunk .conf24, set to run in Las Vegas from 11-14 June, is a given. Gary Steele, former CEO at Splunk, told ITPro at Cisco Live that there’s “tremendous opportunity” in the arrangement, with Splunk playing a core role in Cisco’s AI approach.

The sales opportunities of AI

A major reason that AI is important for Cisco is that it sees a big potential opportunity for new sales. In any gold rush, it’s the people selling picks and shovels that get rich. Right now it’s the GPU companies like Nvidia that are reaping the benefits of the generative AI frenzy as the hyperscalers buy as many high-end chips as they can train their large language models.

Cisco is betting that the next step is for big businesses like banks, healthcare and automotive – as well as government agencies – to build their own AI infrastructure too. This is reflected in its recent partnership with Nvidia.

That’s because they will want to keep their data and the AI models they train it on, to themselves. That data may well be the real differentiator in the AI era, Cisco thinks, and reckons that companies, over the next five years or so, will be willing to invest in their own hardware to protect it.

Cisco already had good connections with a vast array of enterprise customers thanks to selling them networking kit for decades. It is rapidly building an alliance with AI companies to sell this new proposition: the AI companies are willing to play ball because they don’t have these deep enterprise connections themselves.

For all of this, the excitement around AI is mainly focused on personal productivity. The companies with the LLMs, like OpenAI, or the big tech companies that made the fastest moves to invest in or partner with them (like Microsoft) are the ones that are reaping the benefit in terms of sales and share price bumps. Cisco has recognized this, too, in its announcement of a $1 billion investment fund for AI startups such as Mistral.

Cisco’s AI trajectory

So, can Cisco really catch up with them?

Certainly, the company seems to be shifting its strategy towards being more open to partnerships with other tech companies, a recognition that it can’t provide everything for its customers every time.

“If you are going to have great AI, your compute and your network have to work in lockstep,” says Zeus Kerravala, founder and principal analyst with ZK Research.

“If you are spending millions of dollars on GPUs and they sit idle because your network can’t push information across the network fast enough, then you’re not going to get the returns you want,”

“Networking and AI are going to be inherently locked together and nobody’s got a bigger footprint in networking than Cisco,” he tells ITPro. He said that, with the collection of technologies including Splunk, the Catalyst the switching business, and the likes of Miraki and ThousandEyes there are few companies with as many AI-related assets as Cisco. “They did an effective job of bringing that story to life, now we need to see them continue that and execute on that,” he added.

At the company’s Cisco Live event this week, the mentions of AI were so numerous as to become something of a running joke. But make no mistake: for Cisco, AI is a deeply serious business.

Now that Splunk is part of Cisco, the priority is to keep delivering on the tech roadmap while taking advantage of the networking giant’s scale to grow into new markets, according to Splunk boss Gary Steele.

Steele was CEO of Splunk before it was acquired by Cisco – the networking giant’s biggest ever acquisition at $28 billion – and is now responsible for the 7,000-strong Splunk business and serves as Cisco's president for Go-to-Market.

“Where we’ve been focused is continuing on the existing roadmaps that we have in terms of innovation delivery to customers, and the way Cisco had built their integration plan was to have funding available so that we could do integration on top of our existing roadmap,” Steele told ITPro.

“We wanted to maintain our pace of innovation while delivering really important integration capabilities.

“I’ve been describing this as the strong ground game. A lot of times when integration happens people get distracted and nothing gets done and customers get frustrated, and so we’ve taken a lot of lessons from the past and really thought about how to ensure there’s this continuous delivery of critical things that customers care about.”

Steele said that being part of Cisco gives Splunk advantages from a product and technology perspective, plus the ability to grow into new markets.

“With Cisco’s reach in terms of markets we’ve just never been in, we have a tremendous opportunity,” he said. For its part, Splunk brings to Cisco $4.2 billion of annual recurring revenue and a set of customers primarily focused on the global 2,000.

“We are deeply embedded in those organizations and then we bring this broad platform and engine to process lots of data which, in this world of AI, there’s probably nothing more important than that,” he added.

Splunk has a critical role to play in Cisco's AI roadmap

In terms of technology roadmap, Cisco announced the first early integrations between its products and Splunk’s during the Cisco Live event in Las Vegas.

Steele noted that these integrations will play a key role in delivering impactful solutions for customers, enabling them to maximize the use of internal data and unlock tangible business benefits.

“One of the great things about Splunk is its super easy to get data in and be able to do very rich detailed analytics and all kinds of AI on top of that, and so we’ve made a lot of progress in a really short time, but I feel like the opportunity is out in front of us,” Steele said.

“What you will see is, over the next two years probably, you’ll just see continued incremental delivery of opportunities where we can connect critical technology and deliver better outcomes for customers.”

Steele noted that Splunk and Cisco are already working on “broad data integration across the whole company”, and that this process is expected to take around four quarters.

After which, he expects “pretty much all the critical products” across the company being able to bring in Cisco data to improve enterprise decision making and analytics capabilities.

“And we’re going to be on this journey of AI where you will see better and better AI outcomes starting almost immediately but continuing for several years. There’s a lot happening,” he said.

Every enterprise will need to build some level of AI infrastructure over the next few years – and Cisco hopes to be one of the big winners from the building boom.

Cisco is making a big bet on AI, and Steele also thinks it will have a big impact across business in general.

“I think this is hugely transformational. I don’t think we fully understand the impact or the opportunity yet and I find it interesting because I have a lot of friends that are early-stage entrepreneurs and some of the results they are seeing and some of the things they are working on, it's actually really cool.”

Cisco hopes to capitalize on the generative AI boom

Steel argued that the impact of AI will be different and faster when compared to the last big technology wave, cloud computing. This was a talking point highlighted by Cisco CEO Chuck Robbins during the opening keynote at Cisco Live.

Robbins described the current wave of AI adoption as being like the early days of cloud computing “on steroids”, with companies rapidly accelerating to integrate the technology within operational processes.

“The cloud didn’t unlock the potential that AI will unlock. They are different dimensions. I think the results will happen faster, I think the impact will happen faster, the impact on the bottom line will happen faster,” he said.

Steele, like Robbins, argued that Cisco is well positioned to be a leader in the generative AI race due to its deep, long-standing ties with enterprises globally.

Cisco’s expectation here is that while much of AI is running in the infrastructure of the hyperscalers, over time, enterprises will start running their own AI infrastructure to take advantage of internal data stores more efficiently.

Early adopters are likely to be financial services, automotive, healthcare, and government agencies, he said.

“As we look across the globe, we think every enterprise is going to need some form of AI infrastructure and we are in a very unique position to go and help those customers modernize their infrastructure to go and take advantage of the AI wave.”

Cisco has unveiled the first fruits of its $28 billion acquisition of Splunk, with a series of integrations combining the duo’s observability technologies.

Cisco completed acquisition of Splunk – its biggest ever – earlier this year. Spunk’s products collect security information and event management across a customer’s enterprise technology infrastructure to spot any sort of anomalous behavior.

Now, Cisco has started some integrations between its monitoring tools and those from Splunk. Observability tools collect and analyze data from infrastructure and networks to spot – and hopefully – resolve issues before they impact the business.

In the keynote on the second day of Cisco Live, Tom Gillis, general manager for security products at Cisco, said the combination of Cisco and Splunk will unlock data that’s invisible to security teams right now.

Network security was services that came in a box, but that is now being broken up into smaller pieces nearer to the user – secure access services edge (SASE). But the next step for security is even more fine-grained security controls aimed at unlocking more internal data with technologies like Cisco’s recently announced Hypershield product, he told the audience in Las Vegas.

Diving deeper into data and applications will also create three orders of magnitude more data than security teams are looking at today, Gillis said. This, he noted, is where Splunk comes in.

Cisco said that, as a result of integrating these tools, organizations would have improved visibility across their environments including on-premises, hybrid, and multi-cloud, while using real-time analytics for faster, more accurate detection, investigation, and response.

“By bringing together Splunk and Cisco observability solutions, customers now have unified visibility across their entire digital footprint so they can detect, investigate and resolve problems faster to create a reliable, resilient experience for their users,” said Tom Casey, SVP and GM for products and technology at Splunk.

“Having full control over their data helps them make more targeted, effective and smarter investments in their digital systems and services, allowing them to better leverage their entire digital footprint to attract more business and grow the company.”

Cisco said new unified experiences across Cisco and Splunk observability products enable better efficiency and accuracy in troubleshooting hybrid environments.

For example, a new single sign-on (SSO) feature will help simplify and streamline shared workflows between Cisco AppDynamics and Splunk products.

Meanwhile, the introduction of context-aware deep linking will enable Cisco AppDynamics customers to switch straight to logs in the Splunk Platform as part of their troubleshooting workflow, which should result in faster mean time to resolution. 

Single Sign-on and Log Observer Connect for Cisco AppDynamics, part of the preview of the Unified Observability Experience, will be generally available in the third quarter of 2024

Cisco also showcased a raft of other integrations during the day-two keynote. This included the launch of Splunk Log Observer Connect for Cisco AppDynamics. Available in July, this combines the Splunk Platform with Cisco AppDynamics APM to drive faster, in-context troubleshooting across on-premise and hybrid environments.

Cisco said this integration allows SaaS and on-premises customers to analyze logs when troubleshooting application performance issues.

Similarly, the Cisco AppDynamics integration with Splunk Enterprise/Splunk Cloud and Splunk ITSI will allow users to correlate application metrics and events from AppDynamics with other data about systems and services in Splunk Enterprise and Splunk Cloud.

Cisco AppDynamics will also be available on Microsoft Azure, the company told attendees. This expansion of cloud-hosted observability brings Cisco AppDynamics APM service.

Cisco AI integration with Splunk gathers pace

AI has been a key topic so far at Cisco Live 2024, so it was inevitable that there were going to be some Splunk integrations in this domain. 

At the day-two keynote, the firm unveiled the launch of Cisco AI Assistant for Cisco AppDynamics. Integrated into the AppDynamics Help Center, the new AI Assistant uses generative AI technology to help identify and support the workflows used by security teams.

Advanced AI in Splunk IT Service Intelligence (ITSI) was also revealed by the networking giant. This uses AI and machine learning capabilities to help teams quickly and easily configure and implement dynamic, adaptive thresholds, and manage and optimize configurations.

This means, for example, users will be able to fine-tune alerts with machine learning and look at slowly changing dimensions in KPIs that humans might not spot. The updated Splunk TA for AppDynamics and Splunk ITSI App for Content Packs will be generally available in June.

Cisco CEO Chuck Robbins set out his case for why the tech giant will play a key role as enterprises seek to harness AI to improve their operations, and how the networking company has learned from early days of the cloud computing rush.

In the opening keynote of the Cisco Live event, held in Las Vegas this week, Robbins said enterprises were now dealing with massive complexity and businesses often have less control over the services they are using.

“I remember the old days. It was simple: everyone sat in our offices and I had a private data center and everything was within my walls,” he told attendees. 

“It’s not the case anymore: you don’t have control of some of the assets. You’re leveraging core technology in your technology architecture that you have to place a lot of faith in. You don’t have the control of everything like you used to.”

It’s a problem that’s been growing rapidly in recent years. But with the emergence of generative AI over the last 18 months, one that enterprises globally must grapple with to unlock the power of AI and deliver tangible business benefits.

This process, however, will undoubtedly place additional pressure on enterprise IT teams. Robbins said that many companies are trying to figure out use cases for generative AI and that there's going to be lots of pressure on IT to deploy the technology fast.

“My guess is much like the cloud era,” he said. “If you were around when the big cloud transition began, and all the cloud hype started, every CEO I knew was pressuring all of you to get to the cloud and they had no idea why, other than ‘everybody says we should be in the cloud, so let’s go.

“I think AI is going to be that on steroids because my peers, and I’ve heard it from them because they are all asking me [are saying] 'If we don’t move quickly my competitors might kill us, I don’t know what they might do with AI that will put us at an incredible competitive disadvantage.'”

Cisco has a plan to help accelerate enterprise AI adoption

One thing that Robbins wants to be different from the cloud computing rush will be Cisco’s response. The company has learned vital lessons over the last decade, and appears keen to avoid the same pitfalls encountered during the early days of the cloud.

“From the Cisco perspective, many of you would probably tell us that when the cloud era hit, we perhaps weren’t as prepared as we should have been. I will tell you today as this AI era begins we are very, very prepared to help you navigate this as we go forward,” Robbins said.

Cisco used the keynote to showcase a number of technologies which it said can help customers navigate the complexity of their infrastructure, such as extended capabilities for its ThousandEyes monitoring software to spot problems across corporate networks and the cloud, plus a raft of security updates.

The networking giant also announced a $1 billion investment fund to support AI startups, and has already pledged support for Mistral, Cohere, and Scale AI as part of the scheme. Robbins said Cisco wasn’t just investing in generative AI companies for the return, however. This is all about creating closer collaborative relationships with dynamic innovators in the AI space.

“Part of our investment thesis is that unique co-development activities that we can enter into to bring you more innovative solutions and help you navigate the AI transition,” he said.

“We're going to bring services to you to help you understand how to navigate the AI journey, how you get started, how you choose the right LLMs, and what’s the difference between some of these companies and what their capabilities are and how they can help you,” Robbins said.

Later, at the executive panel he said that when forming partnerships with AI companies, Cisco’s enterprise relationships are seen as a very attractive proposition.

“Many of these partners don’t have enterprise go-to-market and they are going to lean on us, which gives us an opportunity to play a very strategic role for enterprises as they think through how to deploy a lot of this emerging technology,” he said.

Robbins added that Splunk, Cisco’s largest-ever acquisition, will play a key role in helping with some of the challenges facing enterprise IT organizations. Gary Steele, former CEO of Splunk, and now Cisco’s president of ‘Go-to-Market’ took to the stage to make the case.

“One of things that’s happened is we are drowning in data, everyone struggles with this issue today and long gone are the days when you can centralize across a multi-cloud hybrid world and bring all that data to one spot,” he said.

“Our fundamental philosophy is that we can bring the analytics to the data. Think about the most cost-effective place to store that data and we’ll bring the analytics to the data.

“AI is the catalyst that makes all of this much more predictive. We can be so much better being able to look all the way down the stack and the infrastructure and to the network and understand what is happening, leveraging that data to ultimately be predictive to prevent these outages.

Cisco has announced a number of updates across its security portfolio, saying that security has to be reimagined for the age of AI.

“AI is changing everything,” said Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco. Patel noted that Cisco’s security division has delivered more innovation in the past year than in the previous decade combined – and that this year will see multiples of what was delivered in the previous 12 months.

He said that, as adversaries are weaponizing AI, enterprises need to rethink security which has to be done at the machine level rather than by humans.

For example, while vulnerabilities are exploited rapidly by attackers, those flaws are often not patches for somewhere between 22 and 49 days, he said. Natively building AI into core defenses is part of the fix, as well as end-to-end visibility across networks.

In April 2024, Cisco announced Cisco Hypershield, a new security architecture designed to defend modern, AI-scale data centers. Hypershield embeds security enforcement in virtual machines or Kubernetes clusters in public clouds.

It can also insert security enforcement into advanced silicon in servers and networking devices such as switches. Autonomous segregation, distributed exploit protection, and self-qualified updates, all enabled by Hypershield, is the key to fixing the challenges enterprises face, he said.

“It’s the first version of something completely new,” Patel said.

At the Cisco Live in Las Vegas, the networking giant announced Hypershield support for AMD Pensando DPUs. Cisco also said support for Intel infrastructure processing units (IPUs) will be coming, too. Hypershield will be available in August, the company confirmed.

The networking giant also introduced the Cisco Firewall 1200 series, a new family of SD-WAN enabled, high-performing, compact firewall security appliances. This eliminates the need to have multiple appliances for switches, routers, and firewalls at enterprise branch locations, Cisco said.

The first models are expected to be available in October.

Cisco also introduced Cisco Security Cloud Control to unify management for the Cisco Security Cloud, beginning with its network security fabric, including Cisco Secure Firewall. This allows companies to define policies and apply them across a range of devices.

“This is a very modern way of going out and managing your security infrastructure,” he said.

Cisco unveils new security add-ons for Splunk

The company also unveiled a new Security Cloud Technology Add-on for Splunk as a way to get a broad range of telemetry and analytics into Splunk. Cisco Duo and Secure Malware Analytics are available now, with additional sources to be added in the coming months, the company said.

In terms of network monitoring, Cisco has extended the capabilities of its ThousandEyes monitoring software to spot problems across domains for both owned and unowned environments like the cloud.

The networking giant said ThousandEyes Cloud Insights extends end-to-end visibility deep into public cloud environments by providing topological mapping of its customers’ AWS environments.

This includes service connectivity, configuration changes, and traffic characteristics, enabling cloud operations teams to identify and resolve their most challenging issues even if they are not occurring on their own networks.

ThousandEyes Traffic Insights extends ThousandEyes visibility deeper into on-premises networks by collecting and correlating traffic flows with its synthetics measurements. This enables customers to rapidly detect performance issues and pinpoint them to real traffic bottlenecks and anomalies within their networks.

Cisco also said its ThousandEyes Endpoint Experience has added Meraki Wi-Fi and Local Area Network (LAN) telemetry and device information to give customers to gain deeper insight into local network issues impacting user experience.

Cisco has set out why the networking giant should be seen as a key player in the age of generative AI, announcing a billion dollar investment fund and program to make it easier for enterprise customers to run their own AI.

At the Cisco Live event in Las Vegas, the firm launched the fund to invest in AI companies. Cisco said it has already committed nearly $200 million of the $1B investment fund so far, and said it is making “strategic investments” in AI companies including Cohere, Mistral AI, and Scale AI to complement its ongoing AI strategy.

Cohere provides security-focused frontier large language models (LLMs) and Retrieval-Augmented Generation (RAG) capabilities aimed at enterprise customers. 

Mistral AI specializes in generative AI while Scale AI provides training and validation for AI applications. Cisco recently participated in Scale AI’s Series F funding as the round’s largest strategic investor.

The move from Cisco forms part of a concerted effort to tap into what has become a lucrative industry over the last 18 months. The firm pointed to recent research from tech analyst IDC which suggests the global AI market is expected to double in size to over $500 billion in the next three years.

The networking giant wants to use generative AI to enhance its products and services. Investing in these companies and forging closer ties is a good way to keep up with the latest developments, the firm said.

Cisco said that over the past several years, it has made over 20 AI-focused acquisitions and investments, furthering generative AI and machine learning capabilities and integration of AI across its portfolio.

Cisco eyes collaborative ties with AI innovators

In addition to these investments, Cisco will also be working with AI companies on product collaborations that allow it to co-innovate. One thing that makes Cisco attractive to AI companies is its enterprise connections, because that’s something that they don’t have according to chief strategy officer Mark Patterson.

“AI is fundamentally changing every industry around the globe, it's changing the way users and businesses communicate with each other, it's changing the way they leverage technology and Cisco, we believe, has a very significant role to play being the trusted partner to help our customers navigate this new era,” he said.

“At the highest level, Cisco connects and protects the AI era,” he added, pointing how Cisco provides infrastructure to power AI, starting at the hyperscale level, but also with eyes on enterprise customers as they start to deploy AI in their own data centers too.

“Both organically and inorganically you are seeing us invest in a big, big way across the entire ecosystem and across the entire technology stack for AI in an effort to be the partner to help our customers navigate this transition,” he said.

Customers need to secure and protect AI because they are bringing some of their highest value data together, Paterson added.

Cisco unveils Nexus HyperFabric

At the event, Cisco unveiled its Nexus HyperFabric AI clusters which it said will  make it easy for enterprise customers to build infrastructure to run generative AI models and inference applications without deep IT knowledge and skills.

The AI cluster combines Cisco AI-native networking with Nvidia’s accelerated computing and AI software, and a robust Vast data store. The clusters will allow customers to focus on AI innovation rather than managing the IT infrastructure, the company said.

While the promise of AI is clear, the path forward for many just starting out is not, said Jonathan Davidson, executive vice president and general manager at Cisco Networking.

“Customers often face economic and operational challenges to get an AI stack up and running.”

Cisco’s own research suggests that in the next two years, 60% of IT leaders and professionals expect to deploy AI-enabled predictive network automation, and 75% plan to deploy tools that offer end-to-end visibility via a single console into different network domains including campus and branch, WAN, data center, internet, public clouds, and industrial networks.

Cisco Duo has warned customers that threat actors recently compromised the internal systems of an unnamed telephony provider, and were able to access a series of SMS logs used for its multi-factor authentication (MFA) service.

Duo is Cisco’s MFA and single sign-on (SSO) platform, acquired in 2018, and is used by organizations to manage access to a wide range of protected systems.

The Cisco Data Privacy and Incident Response Team issued an alert on 15 April 2024, warning customers the provider it uses to send MFA messages via SMS and voice over internet protocol (VOIP) was breached.

The attackers were able to access an unnamed third party’s internal systems on 1 April 2024, using employee credentials obtained through a phishing attack, according to the alert.

The threat actor then used this access to download a set of SMS message logs sent to users between 1 March 2024 and 31 March 2024.

Cisco’s notice did not disclose the name of the provider in question, nor did it reveal the number of customers impacted by the incident, but with over 100,000 customers, this incident could impact thousands.

The breached telephone provider confirmed to Cisco the attackers were not able to download or see the content of the messages, but the logs did reveal sensitive information nonetheless.

The data accessed contained users’ phone numbers, carrier information, general location data, as well as the date and time of the message. This information could be used by the attackers to orchestrate a wider social engineering campaign on affected Duo customers, Cisco warned.

Cisco added that the provider supplied it with a copy of the message logs the threat actor obtained, which will be provided to customers upon request.

To request a copy of these message logs, or for any further support, Duo customers should contact msp@duo.com.

Customers should beware of further social engineering attacks

Cisco said the provider immediately launched an investigation into the incident as soon as it was aware of the breach, implementing a series of mitigation measures.

The first of these steps was to invalidate the affected credentials and analyze activity logs, as well as notifying Cisco of the incident.

The provider also said it would be refreshing its security posture, to ensure similar incidents do not happen again, including technical measures to reduce the risk of social engineering attacks compromising an endpoint. It would also be requiring its staff undergo further social engineering awareness training.

Due to the nature of the data accessed by the threat actors, Cisco’s incident response team advised businesses to contact their customers with a list of who was affected as soon as possible.

Cisco stressed that the information exposed in the breach could be used to orchestrate further social engineering attacks on Duo customers, and that any suspected attacks should be reported to the relevant teams.

A group of tech sector heavyweights headed by Cisco has launched a consortium aimed at allaying fears over AI-related job losses.

The AI-Enabled ICT Workforce Consortium, which includes Accenture, Eightfold, Google, IBM, Indeed, Intel, Microsoft, and SAP, aims to upskill and re-skill workers whose jobs are most likely to be impacted by the rising adoption of the technology.

As part of the move, the consortium will work alongside advisors from the American Federation of Labor and Congress of Industrial Organizations, CHAIN5, Communications Workers of America, DIGITALEUROPE, the European Vocational Training Association, Khan Academy, and SMEUnited.

"AI is accelerating the pace of change for the global workforce, presenting a powerful opportunity for the private sector to help upskill and reskill workers for the future," said Francine Katsoudas, executive vice president and chief people, policy and purpose officer at Cisco.

"The mission of our newly unveiled AI-Enabled Workforce Consortium is to provide organizations with knowledge about the impact of AI on the workforce and equip workers with relevant skills. We look forward to engaging other stakeholders — including governments, NGOs, and the academic community — as we take this important first step toward ensuring that the AI revolution leaves no one behind."

The first project will be to produce a report with practical steps that business leaders can take to prepare their workers for AI-enabled environments, enabling workers to find and access relevant training programs and connecting businesses to skilled and trained staff.

The consortium will evaluate the impact of AI on, and provide training recommendations for 56 ICT job roles.

These jobs, according to Indeed Hiring Lab, include 80% of the top 45 ICT job titles garnering the highest volume of job postings over the last year in the US and five of the largest European countries by ICT workforce numbers - France, Germany, Italy, Spain, and the Netherlands.

The consortium members said they'll create skills development and training programs for more than 95 million people around the world over the next 10 years.

Cisco will train 25 million people with cyber security and digital skills by 2032, while IBM says it will train up 30 million people in digital skills, including two million in AI, by 2030.

Intel has promised AI skills training for 30 million people, Microsoft will train and certify 10 million people from underserved communities, and SAP will upskill two million people worldwide by 2025.

Meanwhile, Google recently announced €25 million in funding to support AI training and skills for people across Europe.

"Our collective responsibility as industry leaders is to develop trustworthy technologies and help provide workers — from all backgrounds and experience levels — access to opportunities to reskill and upskill as AI adoption changes ways of working and creates new jobs," said Gian Luigi Cattaneo, vice president, human resources at IBM EMEA.

There's growing concern about the impact of AI on existing jobs, with recent research from the UK's Institute for Public Policy Research (IPPR) finding that up to eight million people in the UK could be impacted.

Long-term, it found, this could result in AI carrying out 59% of tasks.

Similar research from Goldman Sachs in early 2023 suggested that up to 300 million jobs could be lost to automation, prompting widespread concerns over the long-term impact of AI on the global labor force.

"Our research shows that virtually every job posted on Indeed today, from truck driver to physician to software engineer, will face some level of exposure to GenAI-driven change," said Hannah Calhoon, head of AI innovation at Indeed.

"The companies who empower their employees to learn new skills and gain on-the-job experience with evolving AI tools will deepen their bench of experts, boost retention and expand their pool of qualified candidates."