Cisco is phasing out insecure legacy features and hardening device configurations as part of a new resilient infrastructure initiative. The effort is a direct response to threats from AI-powered attacks and prepares networks for post-quantum cryptography. In the process, it is making secure-by-default the baseline.
Organizations face escalating risks from outdated protocols and misconfigurations that weren’t designed for modern threats. Cisco’s approach shifts responsibility away from administrators manually hardening systems. “We believe it is the responsibility of all trustworthy vendors, including Cisco, to inform customers when the use of certain technology may expose them to potential risks,” chief security and trust officer Anthony Grieco stated in a blog post.
The initiative accelerates retirement of older capabilities embedded across networking platforms. This includes deprecating risky features, tightening baseline configurations and providing clearer guidance on hardware that should be phased out. There’s a clear acquiescence to the fact companies will be slow to adapt, meaning the push for secure default configurations begins with a light tap on the shoulder.
Initially, customers are set to receive security warnings recommending against insecure features. In subsequent releases, features will be disabled by default or require additional configuration steps. Eventually, insecure options disappear entirely.
Technical debt creates vulnerability
A Cisco-commissioned report found 48 percent of network assets worldwide are aging or obsolete. This creates significant technical debt that diverts budgets toward maintenance rather than modernization. Put more simply: technical debt leads to risks both for one’s own continuity as well as more potent cyber threats from the outside world. Network infrastructure designed decades ago didn’t anticipate today’s hostile security environment, Cisco states. Organizations that haven’t updated their infrastructure miss opportunities to fix known vulnerabilities and update configurations based on latest security best practices.
“It is the equivalent of a city relying on a rusted, cracked bridge for all its traffic,” Grieco wrote. As dependence on global networks grows, failing to break the current cycle of escalating threats could significantly impact the ability to trust future digital systems.
Real-time shields and detection
Cisco is designing features to deploy targeted real-time shields that protect against specific vulnerabilities soon after identification. This approach allows teams to mitigate potential risks immediately without interrupting operations or performing unplanned maintenance. Instead of waiting for patches or scheduling emergency upgrades, protection happens while critical services stay online.
The company emphasizes making it easier to perform effective monitoring, detection and response within network infrastructure. Historically, network infrastructure hasn’t received the same scrutiny as other IT parts. That is no longer viable.
Preparing for quantum threats
Cisco is preparing platforms for quantum computing’s impact on encryption and AI-driven exploitation techniques. The company is investing in post-quantum cryptography, expanding hardware root-of-trust capabilities and tightening supply-chain security posture for long-term resilience.
“We know security and trust in technology will look different in 2040, as it did 15 years ago,” Grieco said. This isn’t simply a switch to flip as AI becomes the norm and quantum computing inches toward mainstream adoption. Those that don’t act now will do so at their own peril.
The resilient infrastructure push includes a stronger stance on infrastructure modernization rather than continually patching aging systems. Organizations running outdated devices or relying on legacy configurations face rising operational and security risks, especially as generative AI sees attackers automate reconnaissance and exploit development.
Broader implications
Cisco’s announcement comes as the company also revealed plans to build a quantum internet by the late 2030s in partnership with IBM. That effort involves building a large-scale fault-tolerant network enabling tens of thousands of qubits to work together. It’s easy to see how a post quantum-resilient network and said IBM effort line up. You simply cannot have one without the other.
The company is aware of other organizations affected by threats similar to those driving this initiative. Microsoft and HPE both faced infiltrations by sophisticated state-sponsored actors in recent years, highlighting the urgency of hardening network infrastructure.
Cisco urges all network operators to act now to comprehend and mitigate infrastructure risk. This means keeping systems up to date, using secure configurations and planning for device lifecycle management. For more information on Cisco’s security commitment, the company directs users to its Trust Center.