Cisco on Advancing Proactive Threat Detection and Response - Six Five On The Road

The future of cybersecurity is about more than just defense – it's about enabling innovation. 💡

‍

At RSAC 2025, host Will Townsend is joined by Cisco's Tom Gillis, SVP and GM Infrastructure and Security Group, for a discussion on how Cisco is driving major changes in threat detection and response. Discover how cybersecurity is evolving and how AI-powered automation and proactive defense empower organizations to confidently navigate the challenges and opportunities of the AI era.

‍

Key takeaways include:

‍

🔹The Network as a Security Sensor: Cisco leverages the network's inherent visibility to enhance its security posture, moving beyond traditional perimeter defenses to a more proactive and intelligent approach.

‍

🔹AI-Driven Automation: The conversation explored how AI is being used to automate complex security tasks, reducing the burden on security practitioners and enabling faster, more effective threat response.

‍

🔹Preventing Network Outages: Cisco is developing AI-powered tools, like synthetic traffic generation, to proactively validate network policy changes, minimizing misconfigurations and maximizing network uptime.

‍

🔹Extending Zero Trust: Cisco is expanding Zero Trust principles to encompass not only users and devices but also AI agents, ensuring secure communication and access in increasingly complex environments.

‍

Discover the latest innovations and insights from Cisco.

‍

Watch the full video at Six Five Media, and be sure to subscribe to our YouTube channel, so you never miss an episode.

‍

Or listen to the audio here:

‍

Disclaimer: Six Five On The Road is for information and entertainment purposes only. Over the course of this webcast, we may talk about companies that are publicly traded, and we may even reference that fact and their equity share price, but please do not take anything that we say as a recommendation about what you should do with your investment dollars. We are not investment advisors, and we ask that you do not treat us as such.

‍

Will Townsend: Hi, I'm Will Townsend and this is Six Five Media On The Road at RSA Conference 2025. And I have an opportunity to speak with Tom Gillis. He's the Senior Vice President and General Manager of the Infrastructure and Security Group at Cisco. Tom, how's it going?

‍

Tom Gillis: Good to see you, Will.

‍

Will Townsend: Yeah, it's always great to see you. 

‍

Tom Gillis: Likewise. 

‍

Tom Gillis: You know, you're famous for your “Tomisms”, and so I'm going to lay one on you. Cisco is really bringing sexy back to security. And your return is one of the reasons why, in my humble opinion. But the payload of announcements this week was quite impressive. And can we spend some time and talk through those?

‍

Tom Gillis: Yeah. I think that there's some big trends that are happening in the industry that are allowing Cisco to innovate in ways that are pretty unique relative to other vendors out there. The common denominator on all of that is the network. That's what we're great at. And the network is playing a more important role in how we manage and secure existing applications against, say, known vulnerabilities. It seems like a pedestrian type problem, but we could do amazing things there as well as these new crazy emerging threats that we see, targeting infrastructure and then the movement towards AI. So huge amounts of changes, but they all seem to have a common thread, which is that the network can play a critical role in the architecture of the future as well as today.

‍

Will Townsend: Yeah. In AI defense, when you launched that in January, I was at that launch event in Palo Alto, really impressed with robust intelligence and that automated red teaming capability. I know tied to some of the announcements there's some enhancements to AI defense as well as some other things as well.

‍

Tom Gillis: Yep. For those that aren't familiar with AI defense, let me describe the problem it solves. Traditional application is very predictable, very deterministic. Right. You've got data that lives in a database, You've got an acceptable question answer pair, and we can look at each one of those question answer pairs in isolation and you can figure out, is this okay or not okay? Now we introduce an AI based application. You inject this new thing called a model. The model takes all that data, slurps it in. When a model learns something, it never forgets. So the model knows all your secrets. Right. And the question answer pair, it's not always the same. You could ask the same question twice and get two slightly different answers. And so where there is an opportunity for manipulation is what I like to think of it as. When you were a kid, did you ever play the game with 20 questions? Oh, yeah, I've got a secret. You got 20 questions to guess my secret. You almost always get it. It's in less than 20 questions. So that's the world we're living in now, where attackers can play 20 questions and try to find the secrets that these models contain. And the only way to stop that, you can't stop that with a firewall rule. So you need to be able to understand and apply reasoning to that back and forth series of questions. Not just one, but the 20 questions. With Cisco's AI defense, we do two aspects to it. We can qualify a model ahead of time by playing not 20 questions, but the 2 billion questions. We constantly try to trick the model and we can find its weaknesses and vulnerabilities. But then we also have the ability to bring that same capability into the runtime. So when the model's being used, we can look at those question answer pairs and say, wait a minute, this model is supposed to be about scheduling delivery of sheet metal. Why are you asking about credit card information?

‍

Will Townsend: And you can dynamically guardrail.

‍

Tom Gillis: Correct. It's guardrails and this is an important point. It's guardrails that live in the network. And so we fundamentally believe in the separation of duties model where an app team may have guardrails that they can bake into the application. That's good and that's important. But there are going to be many, many different models running in the enterprise, many different applications. We give the IT and security teams the ability to say no matter what happens, no matter what model they download or what they set, they set it in the application. The guardrails that we provide are in the network, that common thread, and therefore create a common substrate for security independent of the application.

‍

Will Townsend: And you announced the ServiceNow SecOps integration this week, right? With AI defense. Correct. Can you talk about that?

‍

Tom Gillis: Yes. So the idea is that AI behaves so much differently than a traditional based application. We have built a workflow where if we see something anomalous, we connect that we'll open a ticket in ServiceNow. And ServiceNow is taking an audit of. Oh, wait a minute, we didn't even know that was an AI based workload. Right. So just having visibility and discovery into what's happening in the enterprise environment is super important. And our view, ServiceNow is like the kind of registry, you know, of record. Right. It's trying to keep track of a CMDB and all the various pieces.

‍

Will Townsend: It’s more than ITSM, right?  I mean they've really evolved that platform over time.

‍

Tom Gillis: Correct. It's understanding what are the components that go in to make up an application. And that's essential for us because in this distributed world beyond just AI defense, all of our security controls are becoming much more fine grained. And so if I'm sitting under a postgres database, I want to know which version of postgres am I running on so that we can apply controls specific to that postgres database or that SQL database or that Apache server or that Kube cluster. So integrating with ServiceNow, I believe that what we started with AI defense is the first in a series of steps on that journey.

‍

Will Townsend: Yeah, for sure. And then there are other things tied to the launch payload this week, but can you talk about foundation AI?

‍

Tom Gillis: Yeah. So the whole world has been trying to use these sorts of general purpose models, which are quite a step. How smart these things are.

‍

Will Townsend: It's crazy.

‍

Tom Gillis: Crazy, right? Like, and the speed at which they're developing, like every few months.

‍

Will Townsend: I asked Grok, like, are my Texas Longhorns going to win the national championship this year. And it was incredible the response that came back.

‍

Tom Gillis: And so I would argue that is a perfect example of the strength, but also the weakness of these general purpose models and that you can ask it anything.

‍

Will Townsend: Yeah.

‍

Tom Gillis: You know, what should I do with my life? And it's going to give you a plausible answer.

‍

Will Townsend: Right.

‍

Tom Gillis: If we can constrain a model to say, look, I don't want, I want to use a model for doing incident response, it shouldn't have an opinion on The Longhorns.

‍

Will Townsend: Shouldn't be relevant.

‍

Tom Gillis: And if you're listening to your firewall, you know, sort of AI agent about advice on football games, like, you're in deep trouble. Right. So we're trying to make that easy for you. Where a focused model that is looking at a very specific data set that we can tune for the security use case, we think could drive much higher levels of accuracy and efficacy and we believe that this should be ubiquitous. So foundation AI is an open source model. It's trained on a much smaller data set, so it's not going to use a massive GPU cluster. Right.

‍

Will Townsend: And it's security focused as well, which I find really compelling.

‍

Tom Gillis: Very purpose built. And we think this is where the industry is going to go. There's going to be these purpose built models that are better able to. It's like a specialist is better than a generalist.

‍

Will Townsend: Sure.

‍

Tom Gillis: Right. That medical analogy is actually perfect. You have general practitioners, you always will, but you have a cardiologist and a neurosurgeon and an anesthesiologist. And so this is that for security and the fact that it's open source, we believe that the community will be able to use this model, train this model and continue to sharpen its focus. And this gets even more interesting when we introduce reasoning into the model where it could be like, oh, that looks funny. Right? Maybe we should look deeper.

Will Townsend: Yeah. Do you expect that data lakes will be organized into security ponds or lakes or?

‍

Tom Gillis: Well, the head of Splunk Security, Mike Horn, is an old friend of mine. He and I are sharing the discussion. But the whole way that security SIEM has worked was take all the data you possibly can and slurp it into this data lake. In an AI world where applications are generating lots more data, their agents are talking to each other, the amount of data you need to slurp in is growing exponentially. And these apps are not just in a data center. So they are.

‍

Will Townsend: They're distributed.

‍

Tom Gillis: They're moving into the real world. It's just not practical to ingest all that data into one big giant data lake. And the economics make no sense at all. So we believe the blueprint in a post AI world will be a distributed model where you have data ponds and even data.

‍

Will Townsend: Did I use the right terminology?

‍

Tom Gillis: Absolutely right. And what's kind of cool about how we're doing this is where it's a little bit techie here, but bear with me.

‍

Will Townsend: Okay.

‍

Tom Gillis: The Splunk team has been driving the thinking of let's take that one big SIEM data lake and break it into five pieces. Data lakes. One of them might be an S3 bucket on Amazon. Another would be the firewall log administrator console on your premise based firewalls. Now you don't have to ingest those firewall logs. You capture them. They live locally, but you can search across them. So we're taking one, breaking it to five, bringing it to 10 and kind of pushing down but from the very, very bottom of this stack, the device itself. We're actually with hypershield we're able to understand a transaction on the network at the process level. So not just that it's an Apache server connecting to a Kube cluster. We can see what process in Apache is connected to what process in Kubernetes.

‍

Will Townsend: The visibility is incredible.

‍

Tom Gillis: Unbelievable. Right? And in a world where you have attackers that are stealing credentials and moving through legitimate pathways, you really need to look at the process level to be able to figure out friend from foe. That's three orders of magnitude more data than you're ingesting in firewall walls. So we're able to capture that data in this graph and give you an end to end view of this process. Started the connection, this process terminated the connection. Here's what the connection looks like in a very compact fashion that we send up into Splunk. So this idea of creating an architecture where the infrastructure itself can express east west traffic into a security analytics layer without blowing up some giant ingest build. Distributed architecture is the way to do it. We have a kind of tops down federation and the bottoms up graph that's coming from the devices themselves and they'll sort of meet together.

‍

Will Townsend: Yeah. I mean there's just been a ton of integration. I mean in innovation, when you look at AI defense and hypershield, I mean so I mean you set the bar really high. Tom. So like what's next? What's next?

‍

Tom Gillis: Look at the end of the day, people expect product excellence in their security products. Right. Like trying to sell a “me too” security product. You know, it's like trying to sell a mediocre pacemaker.

‍

Will Townsend: Right. Not a good thing

.

Tom Gillis: Yeah, right. Like I've got this pacemaker, it's not quite as good as the Medtronic one, but it's, you know, it's half the cost and if it fails, we'll send a technician to your house the next day. What?

‍

Will Townsend: Right.

‍

Tom Gillis: So product excellence is the foundation and then. But the reason why Cisco's been getting momentum and attention is because customers are very interested in this platform. Platform idea. We've proven that just adding one more tool into the tool chain is not going to deliver a better outcome. In fact, it creates,

‍

Will Townsend: It creates sprawl and management friction.

Tom Gillis: Correct. So having a more narrow set of functionality that's extremely well integrated and can oftentimes be transformative. Like look at what we did with the firewall with hypershield, we're putting firewalls into switches and routers and we talked about this this morning. It's not going to have every feature of a mature hardware firewall appliance. It never will. 

‍

Will Townsend: But by the way, on average, I think you and I discussed that 10 to 20% of the actual firewall's capabilities are actually deployed.

‍

Tom Gillis: Correct. So we take that core functionality that people actually use and we actually make it better. With a hypershield, we can put that little baby firewall everywhere. So we know, hey, this is a postgres server. Nobody patches a database or infrequently. Right. So it's riddled with vulnerabilities. We can apply compensating controls to that database. Good luck trying to do that with a hardware firewall appliance. Right. So we take the core functionality and actually make it better with this integrated approach.

‍

Will Townsend: Yeah, no, I love it. Agentic AI. I mean it's on everyone's minds, lips, you know, it's a big theme this year. How are you thinking about the application of Agentic AI with respect to Cisco security?

‍

Tom Gillis: It's a double edged sword. So on the positive, we showed you some demos of what we're doing with Cisco XDR where we're taking these kinds of complex attack graphs where you can see this, this, and it's depicted as like a little bubble and an arrow and like a bunch of information. A security analyst looks at that and says, oh, I know what it is. But a lot of people look at it like, I know that's gibberish. We're using Agentic AI to turn that into a movie so we can present this to a network administrator or to a less sophisticated security analyst. And like, oh, here's what happened. This email came in, someone clicked on it, we saw movement over to this host, they contaminated that host. They updated, they went and changed configuration in a router. So being able to lay that all out in kind of plain English, common sense, that's real. Right. So that's our agents that are doing that, which is awesome. The flip side is that let's think about the access control problem in security. Right. The basic function of a network is who gets to get in and what they get to get to.

‍

Will Townsend: Sure.

‍

Tom Gillis: Basic. That's what a network does. Least privileged access is what the industry is looking for. So salespeople can go to sales apps, IT people can go to IT apps. But you don't want salespeople getting into IT apps. Right. Almost like common sense. Well, we want to apply those same least privileged principles to things. Right. So in the office, a printer is coming.

‍

Will Townsend: What have you said? Printers are people.

‍

Tom Gillis: Printers are like people too. Exactly. Right. They're very simple people. But the printer wants to talk to the print manager. So we need to apply least privileged policies to that. A printer is not going to log in and register itself on a proxy. So having the ability to tag that identity in the network, this is all stuff that's here and now today.

‍

Will Townsend: Sure.

‍

Tom Gillis: This is what Gartner calls universal ZTNA. So it's people and things that we apply these privileges to. AI agents are going to muddy that water like crazy. Because all of a sudden a printer that has an AI agent on it could actually kind of look like a human. And I think the more sticky problem is, is a machine where it's Tom. And I'm logging into the Cisco network and I'm on my Cisco machine and my signatures are up to date and everything's validated and I've got a legitimate username and password and I start checking in code into the source code repository. But I'm on vacation in Mexico because there's an agent that's checking in that code.

‍

Will Townsend: That could be no bueno.

‍

Tom Gillis: Tricky, correct?

‍

Will Townsend: Yeah, tricky.

‍

Tom Gillis: Right now you can't even see it. Right. So the first thing was, can we extend this notion of identity to understand the identity of an agent? 

Will Townsend: Which is going to be crucial to making agentic.

‍

Tom Gillis: You got to be able to see it. Then we can build policies where we can identify when an agent is free to just go do things and when are they not? And this is all happening at breakneck speed. This isn't like five years from now.

‍

Will Townsend: No. It's been incredible to watch it.

‍

Tom Gillis: Flying cars and all that. This is happening now. Right. So, yeah.

‍

Will Townsend: Well, hey, to close our conversation, I'd love to touch on complexity and the skills shortage in the industry. And certainly Generative AI has done a lot to reduce friction to onboard SOC analysts more quickly. But specifically, what is Cisco doing to further reduce complexity and improve agility for security operations?

‍

Tom Gillis: Yeah, I'll give it a very specific example. One of the things customers love about Cisco is that you could run a Cisco switch without a reboot for a decade. We have customers that do.

‍

Will Townsend: It's bulletproof. Yeah, I've heard the same thing.

‍

Tom Gillis: Two decades, 20 years, this thing has been running without a reboot. Can you imagine that?

‍

Will Townsend: Right. That's crazy.

‍

Tom Gillis: I had a customer that literally was like, I spilled a beer on my CAT 6K. It kept running. Now the question is, why did you have a beer in a data center?

‍

Will Townsend: But like, liquid cooling, maybe?

‍

Tom Gillis: Special kind of customer, liquid cooling. So the hardware almost never fails in the network.  And when it does fail, there's enough redundancy and resilience built in that a failure can be tolerated. It's the policy, all the policies that we layer on top, that's where the trouble comes in.

‍

Will Townsend: Misconfiguration.

‍

Tom Gillis: Misconfiguration or misunderstanding of the configuration. AI is changing that now. So we have capabilities in the market today where you go to make a change to the access control policy, instead of. Have you ever played the game Jenga? In the old world, it's like Jenga, you pull the block out and you're like, oh, look at that. Nothing broke. Right? In the new world, we use synthetic traffic generation and AI to say, you want to make this policy change? Let's verify. From the endpoint to the application, it's doing what we thought it would do. I believe that we will drive network outages due to misconfiguration, which is the dominant form of network outage, to zero or very close to zero. And that's happening now, right? Yeah. So it's an exciting time.

‍

Will Townsend: It really is. Tom. Hey, I always enjoy our conversations. I always learn something new. Always pick up a little catchphrase from you as well. But I just want to thank you for the conversation and I want to thank our viewers for tuning in. This is Six Five Media on the road at RSA Conference 2025.

‍