Having built several security programs from scratch, a strategic combination of “best of suite” and “best of breed” can go a long way in securing your company. That’s why Elevate Security is super excited to partner with Cisco on what’s clearly a ‘1+1=3’ better together proposition.
As we spoke to Cisco customers, they loved the idea of combining Elevate’s rich insights around employees and threats with key Cisco products. In those conversations, two things stood out that they wanted:
- Understand employee risk across Cisco products
- Dynamically automate interventions in Cisco based on that risk
As we dug in, it was clear that the critical technologies to integrate with to achieve this were identity, email security, endpoint, and web gateways. That’s why we’re thrilled to announce new integrations with Cisco Duo, Cisco Secure Email, Cisco Secure Endpoint, and Cisco Umbrella.
There’s a lot of power in the Elevate platform. Let’s dive into a couple of use cases to show off what Elevate + Cisco can do together.
High-Risk Privileged Employees
You may have heard us say this before, but 8% of users cause 80% of security incidents. If we know who is risky (based on role, behavior, and adversary tactics), we can better protect them.
This becomes even more important when the employee is highly privileged. Let me introduce you to Walter. He’s a DevOps engineer and has shown over time as being risky.
We’ve pulled behavioral and adversary risk data across all of our Cisco integrations. This has informed us that Walter is highly attacked and is particularly risky around his web browsing habits, which could lead to account compromise threats.
Our playbooks take automated action on this risk by:
- Protecting Walter’s web browsing by requiring remote browser isolation in Umbrella for non-critical business sites
- Assigning Walter to a high-risk Duo group that requires phishing-resistant MFA and requires logins from a trusted location
All of this is done through automation, all easily customizable and configurable in the Elevate platform. Watch the video here.
Break Glass
Let me introduce you to another canonical employee, Donny. Donny is also an engineer, but has generally good behavior and doesn’t get targeted by adversaries a ton. However, on this day, we see a phishing detection from Secure Email, an alert from Secure Endpoint, and an event from Umbrella all within minutes. This is clearly telling us an attack chain story—a phishing email with an attachment led to outbound communication caught by our web gateway. Log details tell us it’s an account compromise attempt.
In this case, we need to respond quickly. Our automation quickly goes to work to protect Donny by:
- Enabling data protection policies to BLOCK in Umbrella for Donny to prevent possible data exfiltration. Disabling access to critical applications in Duo and enabling phishing resistant MFA for others.
- This is a nuanced and strong response that’s appropriate for the risk.
Final Thoughts
Employees have become the primary adversary target. In fact, last year we saw a 2.5x increase in attacks targeting engineers. As our adversaries get more targeted, our responses need to keep pace as well.
Taking a dynamic approach to how we respond to risks and threats, Elevate customers have seen up to a 70% decrease in account compromise, data loss, and phishing risks. We’re excited to partner with Cisco and its customers to bring the same value and risk reduction across the Cisco technology stack.
To see a demo in action, sign up here.
