Welcome to the WEI Tech Exchange Blog

Why Cisco Talos is a Differentiator for your Enterprise Security Strategy

Written by Greg LaBrie | Apr 4, 2019 12:45:00 PM

If your company is undergoing its digital transformation in order to achieve greater levels of agility, scalability, and efficiency, you may have realized the following correlation between size and security. As your digital environment increases, so does the number of attack opportunities into your network. As enterprise density escalates, so does your attack surface. The question then becomes, is the continued exponential growth of our networks today sustainable from a security point of view?

If you are a Cisco customer, the answer is yes!

Every enterprise vendor today is seeking some type of differentiator to separate themselves from their competitors. That’s a good thing for their customers because vendors continue to unveil feature-rich updates to their products on a regular basis. Cisco implements this practice as well, but several years ago, they decided to also differentiate themselves by focusing on security more than anyone in the industry. After all, is there anything more important than protecting your data, users, and capital investments? All the new product features in the world won’t matter the day your network is breached due to a lack of security. Cisco Talos isn’t a product, it’s a strategy. You might not be able to see it, or even know it’s there, but hackers know of its presence.

The Talos Security Intelligence and Research Group

That’s why Cisco created an internal threat intelligence organization called Talos. For those familiar with Greek mythology, Talos was a giant bronze man who guarded the island of Crete from pirates and invaders. He circled the island’s shores three times a day, throwing stones at the ships of any unwanted visitors. Cisco created their own version of Talos. Rather than a bronze automaton, the Talos Security Intelligence and Research Group is comprised of security experts who work in five areas.

  1. Detection Research – This team analyzes threats and vulnerabilities that are then used as detection content for all Cisco related systems.
  2. Threat Intelligence – This team is dedicated to the practice of identifying threats and threat actors in record time so clients have a faster response to incoming attacks.
  3. Engine Development – Talos works constantly in order to update and enhance the inspection engines contained in all of their security appliances.
  4. Vulnerability Research and Development – Talos seeks out new ways to uncover new and existing vulnerabilities in the operating systems utilized by its customers and then develops ways to eradicate these weaknesses.
  5. Outreach – The Talos team practices stewardship by sharing its research regarding newly discovered trends used by malicious attackers, both today and tomorrow.

Cisco Talos is one of the world’s largest hubs of cyber threat intelligence, leveraging a pool of resources that is second to none, which includes:

  • Over 250 full-time threat researchers
  • More than 11,000 decoy systems and threat traps
  • Millions of telemetry agents built into their products deployed across the globe

How Talos Watches Over Cisco

Talos is omnipresent throughout the entire Cisco ecosystem, collecting information concerning any and all threats. This ecosystem includes email, networks, cloud, web sites, applications, and endpoints, to name just a few of its collective resources. Just as the Talos of Greek mythology was a giant, Cisco’s giant presence in the world allows it to leverage near limitless data samples from incoming telemetry. In fact, Cisco has more visibility than any other security vendor in the world today thanks to its sheer size and extensive product portfolio. By harnessing this vast legion of collection mechanisms, Talos can best combat an untold number of threats. Some specifics of these analysis processes include the following:

  • Talos inspects 300 billion emails each and every day by drawing from layered detection technologies, machine learning-based reputation filters and Cisco’s Advanced Malware Protection (AMP). Thanks to its vast collection power, Talos is able to block approximately 200 billion malicious emails a day (2.3 million per second).
  • Talos analyzes over 17 billion web requests every day, allowing them to swiftly identify new and emerging web exploitation techniques. The collected data is then used to fortify its multiple protection methods. In fact, the database of Cisco’s Umbrella web filtering solution is created and maintained by Talos.
  • Talos analyzes around 1.5 million instances of malware each day. It is because of this daily effort that Cisco is able to stop 7.2 trillion attacks annually.

Cisco data scientists are then able to find and correlate subtle nuances out of all of this extrapolated data to create new combative strategies. Malware experts then reverse engineer newly discovered threats to create protections against them. Just as Cisco has always been committed to the utmost quality of its products, it is just as devoted and steadfast in its commitment to security.

Conclusion

No matter how big your organization is or what industry you are a part of, by being a Cisco customer, you are entitled to benefit from this mammoth concentration of resources. It is really that simple. If you own a Cisco security product, you’re harnessing the power of Talos’s threat intelligence, and this power underpins each and every one of Cisco’s security-related products. Talk to a trusted IT solution provider today about the power of Cisco Talos.

Even if you aren’t a Cisco customer, you are still profiting from its public security reports and alerts, as it shares key information directly with not only its customers, but IT vendors, service providers, and yes, even its competitors. Securing the digital world is a collective effort. That is the commitment of Cisco Talos: a seemingly invisible giant, securing the digital world through its immense visibility into the world.
