Cisco's AI Defense: Tackling the Growing Threat of Adversarial AI

How Cisco's AI defense stacks up against the cyber threats you never see

This article is part of VentureBeat's special issue, "The cyber resilience playbook: Navigating the new era of threats." Read more from this special issue here. As AI adoption accelerates across enterprises, its lightning-fast adaptability creates a security paradox -- how do teams protect a system that constantly evolves while scaling it enterprise-wide? Adversarial AI is now dominating the threatscape, fueling a stealth cyber war. Adversaries are quick to weaponize every aspect of AI, including large language models (LLMs). AI's rapid adoption is opening up new attack surfaces that security teams can't keep up with using current security technologies. The bottom line is that the gap between adversarial AI and defensive AI is growing fast, with enterprises' security and financial stability hanging in the balance. From data poisoning to prompt injection attacks, adversaries are already exploiting AI's vulnerabilities, turning the technology into a vector for misinformation, security breaches and business disruption. How Cisco is helping close the gaps Cisco's AI defense strategy aims to close these widening gaps between adversarial AI tradecraft and its potential to harm enterprises. With the majority of gen AI deployments expected to lack adequate security by 2028, Cisco's timing is prescient. Gartner also reported in its Emerging Tech Impact Radar: Cloud Security that 40% of gen AI implementations by 2028 will be deployed on infrastructures lacking adequate security coverage, exposing enterprises to AI-driven cyber threats at an unprecedented scale. No business can afford to procrastinate about protecting AI models -- they need help addressing the paradox of managing such a highly adaptable asset that could be easily weaponized without their knowledge. Launched in January, Cisco's AI Defense addresses this conundrum, integrating real-time monitoring, model validation and policy enforcement at scale. The unseen war: AI as the attack surface AI's biggest strength, and where it is delivering the most value to enterprises, is its ability to self-learn and adapt. But that's also its greatest weakness. AI models are non-deterministic, meaning their behavior shifts over time. This unpredictability creates security blind spots that attackers exploit. Evidence of just how severe the stealth cyberwar is surfacing as the paradox grows wider. Data poisoning attacks are corrupting training datasets, causing AI to produce biased, flawed or dangerous outputs. Prompt injection attacks are designed to trick AI chatbots into revealing sensitive customer data or execute commands that harm models and data. Model exfiltration targets proprietary AI models, stealing intellectual property and undermining a company's competitive advantage. Shadow AI -- or the unsanctioned use of AI tools by employees, who inadvertently (or not) feed sensitive data into external AI models like ChatGPT and Copilot -- is also contributing to a problem growing wider and at a faster rate. As Jeetu Patel, EVP and CPO at Cisco told VentureBeat: "Business and technology leaders can't afford to sacrifice safety for speed when embracing AI. In a dynamic landscape where competition is fierce, speed decides the winners." Simply put: Speed without security is a losing game. Cisco AI Defense: A new approach to AI security Cisco's AI Defense is purpose-built, embedding security into network infrastructure so it can scale and protect every aspect of AI development, launch and use. At its core, the platform delivers: By embedding AI security into Cisco's networking fabric, AI Defense ensures that AI security is intrinsic to enterprise operations -- and not an afterthought. AI Defense embeds security into the DNA of AI-driven enterprises Anxious for results and fearful of falling behind competitors, more organizations are rushing to deploy AI at scale. The growing "deploy now, secure later" rush to results is risky at best and helps fuel the stealth cyberwar against well-funded adversaries intent on attacking target organizations at will. Cisco's 2024 AI Readiness Index found that only 29% of enterprises feel equipped to detect and prevent unauthorized AI tampering. This means that 71% of enterprises are vulnerable to AI-driven cyberattacks, compliance violations and catastrophic AI failures. Gartner warns that enterprises must implement AI runtime defense mechanisms, as traditional endpoint security tools cannot protect AI models from adversarial attacks. To stay ahead, enterprises must: Cisco AI Defense: Hardening enterprise AI against evolving threats AI is the future of enterprise innovation, but unsecured AI is a liability. Left unprotected, AI can be manipulated, exploited and weaponized by cybercriminals. Cisco AI Defense is not just a security tool -- it is an enterprise-wide AI security strategy. By integrating real-time AI monitoring, automated model validation and network-embedded enforcement, Cisco is setting the new standard for AI security at scale. As Patel warned: "The security challenges AI introduces are new and complex, with vulnerabilities spanning models, applications and supply chains. We have to think differently. AI Defense is purpose-built to make sure enterprises can innovate boldly, without tradeoffs."

Your Endpoint Is Secure Against AI Supply Chain Attacks

The recent emergence of powerful open-source AI models like DeepSeek has sent many enterprises scrambling to block access per their security policies. While AI teams increasingly turn to open repositories to leverage free and highly capable models like DeepSeek, security teams face mounting pressure to prevent unrestricted downloading of artifacts from untrusted sources. The bottom line is clear: organizations deeply care about trust in their AI Supply Chain. That's why we're especially pleased to announce that, beginning immediately, all existing users of Cisco Secure Endpoint and Email Threat Protection are protected against malicious AI Supply Chain artifacts, whether downloaded directly from the Hugging Face open-source repository, shared via email, or downloaded from a shared drive. At Cisco, we've observed firsthand that while organizations worry about various AI security concerns like prompt injections and jailbreaks, their security instincts first react to risks in the AI Supply Chain. ML teams face a critical challenge: security teams often completely block access to platforms like Hugging Face, preventing the use of open-source models. This creates a difficult tension - the rapid pace of open-source innovation means teams risk falling behind if they can't access these models, yet security teams' concerns about harmful models causing widespread organizational issues are equally valid. AI Supply Chain Security encompasses the practices and measures designed to protect enterprises and applications throughout the AI development and deployment process. This includes securing software stacks, training data, and third-party models against vulnerabilities and attack vectors such as software flaws, deserialization issues, architectural backdoors, and data/model poisoning. "Securing the AI supply chain is more than a technical necessity, it's the foundation of trust in technology. Organizations worldwide are increasingly recognizing that supply chain security is foundational to protect both AI applications and traditional systems from vulnerabilities inherited at every stage of development and in production. At Cisco, we are committed to leading this charge by equipping our customers with advanced protections against these emerging threats, ensuring that innovation does not come at the expense of security." The software component of AI supply chain security addresses several critical areas: Models present unique security challenges, including: The data aspect of AI supply chain security focuses on: Organizations face several pressing challenges in securing their AI supply chain: "Open-source repositories like Huggingface are a particularly interesting quandary because we need access to validate models we are working with, but it is also an uncontrolled repo of potentially malicious models. It is a strategic imperative to allow access, but also a security imperative to block the use of malicious models." We're excited to announce that all existing Cisco Secure Endpoint customers now receive automatic protection against malicious AI Supply Chain artifacts sourced from Hugging Face. No additional configuration is required. The solution offers: In addition, Cisco Email Threat Detection has been upgraded to automatically block email attachments containing malicious AI Supply Chain Security artifacts as attachments. The upgraded capabilities specifically protects against five critical threats: Now a part of Cisco, threat intelligence from our AI Security Threat Research team now informs Malware Defense (previously known as Advanced Malware Protection or AMP). Malware Defense has long benefitted from world class threat research and intelligence feeds from Cisco Talos. Security threats in machine learning models and data formats has been studied and reported on by Robust Intelligence (now a Cisco Company) since 2021, where we were early to establish an AI Security Threat Research Team and subsequent intelligence services. In 2023, we released AI Risk Database as an AI Supply Chain investigation tool, and enhanced it and released it as an open source project on GitHub in partnership with MITRE, under the broader set of MITRE ATLAS tools. This is just the beginning of our commitment to AI supply chain security. There's so much more to come to protect developers of AI systems against supply chain risk. As AI continues to evolve and integrate into enterprise systems, securing the AI supply chain becomes increasingly critical. Organizations need not sacrifice security for innovation with Cisco AI Security offerings.