Cisco announced a series of new developments at RSA Conference 2025, aimed at helping organizations secure and harness AI while navigating a more complex threat landscape. With the growing adoption of AI technologies and a global cybersecurity talent shortage, organizations are under pressure to secure machine-scale environments with greater speed and precision.
According to Cisco’s upcoming 2025 Cybersecurity Readiness Index, 86% of organizations reported experiencing AI-related security incidents in the past year. To address these challenges, Cisco introduced expanded capabilities across its security portfolio, strengthened key partnerships, and launched open-source tools to foster broader security innovation.
Streamlining Threat Detection with Cisco XDR and Splunk Security
Security teams face an overwhelming volume of alerts daily, often lacking the resources to investigate and respond at scale.
Cisco’s expanded XDR solution integrates agentic AI to correlate telemetry across networks, endpoints, cloud services, and email to surface the most critical threats.
New capabilities include Instant Attack Verification, which uses Splunk data and threat intelligence to create and execute investigation plans automatically, helping teams verify incidents and accelerate response times. The addition of automated XDR Forensics provides deeper visibility into endpoint activity, improving investigation accuracy. A new XDR Storyboard feature enables security teams to quickly visualize and understand complex attacks, reducing the time needed to respond. Complementing these updates, Splunk Enterprise Security and Splunk SOAR 6.4 introduce enhanced detection accuracy, greater automation, and expanded network visibility. Organizations that integrate Cisco XDR with Splunk solutions can build more efficient security operations centers capable of faster investigations and improved threat management.
Cisco Broadens AI Security Initiatives
Building on its AI Defense initiative, Cisco announced several major steps to strengthen AI security across enterprises. This includes the launch of Foundation AI to develop open-source security models, and new AI Supply Chain Risk Management controls. Foundation AI, a team formed through Cisco’s Robust Intelligence acquisition, introduced the first reasoning model tailored to enhance security applications. Cisco also plans to release benchmarks and building blocks to support real-world cybersecurity use cases. Additionally, the AI Supply Chain Risk Management tools will help organizations detect and block malicious or non-compliant AI model files before they enter production environments, addressing threats like poisoned datasets and intellectual property risks.
Cisco and ServiceNow Deepen Partnership for AI Risk Management
Cisco and ServiceNow are also expanding their collaboration to simplify AI risk management and governance. The companies plan to integrate Cisco AI Defense with ServiceNow’s Security Operations platform, enabling organizations to automate vulnerability assessments, enhance visibility into AI applications, and improve real-time protection. Through this integration, organizations will be able to streamline how they govern AI assets across internal, third-party, and unsanctioned environments. Cisco AI Defense will feed telemetry and vulnerability insights directly into ServiceNow workflows, aligning security, IT, and compliance teams around proactive AI security strategies. Initial field trials are expected to begin soon, with broader availability planned for the second half of 2025.
Strengthening Industrial IoT Security
As digitization expands into critical infrastructure and industrial environments, Cisco is extending its cybersecurity solutions to better protect operational technology (OT) environments. Enhancements to Cisco’s Industrial Threat Defense now integrate with Cisco Cyber Vision, providing organizations with deeper risk prioritization through Cisco Vulnerability Management and Splunk Asset and Risk Intelligence. Additional integrations with Cisco Secure Firewall and Splunk Enterprise Security enable automated network segmentation, unified IT and OT visibility, and improved detection of threats across operational and enterprise systems.