2 min Security

Cisco XDR now automatically restores data after ransomware attack

Cisco XDR now automatically restores data after ransomware attack

Cisco’s XDR platform can now provide “near real-time recovery” of business operations. In partnership with Cohesity, the company now takes a snapshot of important data to provide instant recovery in the event of an incipient ransomware attack.

We previously learned from Cisco that its own XDR platform would receive a“rolling thunder of innovations” through 2023. Within that, the new announcement certainly fits.

Cisco cites research from its own Talos Incident Response team that showed Q2 2023 featured lots of ransomware attacks, with the highest number of incidents in more than a year. With the new announcement, the company promises that such an incident can be nipped in the bud quickly.

Still problems at organizations

Security specialist at Cisco Netherlands Jan Heijdra notes that paying ransom to criminals should not be the way out of a ransomware attack. However, to recover quickly, improvement is needed. “Unfortunately, we often see companies facing severely outdated backups, resulting in data loss, significant costs and reputational damage. Merging the detection and backup process in the Cisco XDR platform enables organizations to immediately generate appropriate backups at the first signs of a ransomware attack. This ensures that very little to no data is lost when restoring the last available backup.”

Cisco is partnering with Cohesity to strengthen its XDR platform, namely by integrating with that company’s DataProtect and DataHawk solutions. Country manager Cohesity Benelux Dilip Timal hopes to work with Cisco on cyber resilience for businesses. “Proactively scanning for anomalies, potential threats and other indicators of a ransomware attack, is an important part of our data security and management vision. We are excited to partner with Cisco to bring this new functionality to market first.”

It will not be the only integration with another security party for Cisco XDR, but for now it is the only announcement the company is making about it. This at least shows Cisco that it can’t take care of security alone, so such integrations can prevent security holes.

Also read: Cisco integrates generative AI into Webex and security