Cisco has launched a new AI Defense security solution it says covers the entire range of potential LLM security threats to help businesses implement generative AI across their organization with confidence.
As firms rush to deploy generative AI tools, be that through internally developed models, customized APIs, or external applications, they significantly increase their attack surface – and Cisco is targeting new demand for holistic LLM security.
Cisco’s new AI Defense platform uses a combination of its existing cloud-based security expertise alongside the latest research to protect organizations against the misuse of AI tools, data leakage, and new LLM jailbreaking techniques.
With respect to tackling the dangers of shadow AI, AI Defense leverages Cisco’s Secure Access product to prevent employees from accessing unsanctioned AI tools and misusing authorized systems, as well as protecting them from accidentally introducing confidential company information into these external models.
But the challenge of securing internal AI systems from external threats is equally pressing for businesses looking to leverage generative AI.
New LLM jailbreaking techniques such as Deceptive Delight, Skeleton Key, Low-Resource Languages, or context window overload have all exposed relatively simple ways in which attackers can manipulate the security guardrails of popular LLMs.
Speaking to ITPro, DJ Sampath, VP of product, AI software and platform at Cisco, said the problem is even worse once companies start to customize the models for their organization, meaning IT teams need to continually reassess the integrity of the model and overlay additional guardrails.
“Each time you want your models to behave a little bit better with the data that you have, you start doing some fine-tuning, you’re changing the state of the model. You don’t know with that fine-tuning if you are knocking off some of the internal guardrails or not,” he explained.
“The only way you know that is by doing model validation over and over again. That’s one of the core pieces of Cisco AI defense, which ensures that even after a fine-tune the model is not changing and, then if it has changed, you have the ability to protect it using guardrails.”
Cisco looks to establish itself as a knowledge leader in LLM security
Sampath said Cisco is able to protect models from the latest jailbreaking methods by leveraging research from a recent acquisition it made last year.
Cisco acquired security startup Robust Intelligence in August 2024, which soon afterwards published a paper on its pioneering approach to LLM jailbreaking called Tree of Attacks with Pruning (TAP).
The TAP method is essentially an automated method for generating jailbreaks for LLMs without requiring access to its internal mechanisms, Sampath explained, noting that once it identifies a weakness it digs down to uncover every possible way in which an attacker could compromise the model using this vulnerability.
He added that the team published another paper on potential techniques that could be used to jailbreak a chain of thought or reasoning model, which he said requires a fundamentally different approach.
RELATED WHITEPAPER
Sampath said such is the quality of this unit’s research that they are collaborating with bodies including NIST, MITRE, and OWASP to come up with standards to define how the industry should approach AI security.
He argued this gives Cisco a privileged position to establish itself as a knowledge leader on LLM security, and help the model makers themselves shore up their products.
“We, Cisco, now have a seat at the table with these standards organizations. Not just that we’re influencing it but we’re able to publish some of this bleeding edge research and that research feeds into making these models better.”
Cisco AI Defense is still currently in private beta and will be available in March 2025.
MORE FROM ITPRO
- Cisco wants to capitalize on the ‘DeepSeek effect’
- DeepSeek R1 has taken the world by storm, but security experts claim it has 'critical safety flaws' that you need to know about
- What is hackbot as a service and are malicious LLMs a risk?
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Foreign AI model launches may have improved trust in US AI developers, says Mandiant CTO – as he warns Chinese cyber attacks are at an “unprecedented level”News Concerns about enterprise AI deployments have faded due to greater understanding of the technology and negative examples in the international community, according to Mandiant CTO Charles Carmakal.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapersNews While not malicious, the bots can overwhelm web applications in a way similar to bad actors
-
Law enforcement needs to fight fire with fire on AI threatsNews UK law enforcement agencies have been urged to employ a more proactive approach to AI-related cyber crime as threats posed by the technology accelerate.
-
OpenAI announces five-fold increase in bug bounty rewardNews OpenAI has announced a slew of new cybersecurity initiatives, including a 500% increase to the maximum award for its bug bounty program.
-
Hackers are turning to AI tools to reverse engineer millions of apps – and it’s causing havoc for security professionalsNews A marked surge in attacks on client-side apps could be due to the growing use of AI tools among cyber criminals, according to new research.
-
Multichannel attacks are becoming a serious threat for enterprises – and AI is fueling the surgeNews Organizations are seeing a steep rise in multichannel attacks fueled in part by an uptick in AI cyber crime, new research from SoSafe has found.
-
12,000 API keys and passwords were found in a popular AI training dataset – experts say the issue is down to poor identity managementAnalysis The discovery of almost 12,000 secrets in the archive of a popular AI training dataset is the result of the industry’s inability to keep up with the complexities of machine-machine authentication.
-
Microsoft is increasing payouts for its Copilot bug bounty programNews Microsoft has expanded the bug bounty program for its Copilot lineup, boosting payouts and adding coverage of WhatsApp and Telegram tools.
