Could you provide an overview of Cisco as a company, and why it groups data center and security products under one umbrella?
Cisco is well known as the networking company, providing networking and infrastructure products for nearly every type of customer—ranging from the largest AI rendering farms to the networks connecting places where AI will reside, like factory floors, hospitals, and automotive environments. I run Cisco’s security and data center infrastructure products, which include firewalls, advanced security, silicon, optics, data center switching, and compute infrastructure. We group all of this together because these pieces are converging in a unique way, all driven by the AI revolution.
Given the rise of hybrid and cloud-native environments, how do you see the relationship between infrastructure and security evolving in the near future?
To understand the changes, we first need to look at what drives AI. AI applications, powered by GPUs (graphic processing units), function similarly to a human brain—they can reason and think. Unlike traditional processors that work sequentially, GPUs process data in parallel, with multiple chips communicating with each other. This creates massive GPU-to-GPU traffic, which requires high-speed networking. At Cisco, we are working with NVIDIA and other AI leaders to provide extremely high-speed networking, achieving 800 gigabits per second per port, soon to reach 1.6 terabits. These high data rates are critical for AI training runs, which can take weeks to process, making the network essential in AI infrastructure.
As AI transitions from experimentation to real-world applications, what are the key concerns that you are hearing from customers?
The network is the core of AI’s “mind.” In terms of security, a major challenge is knowing how to trust AI applications. Unlike traditional applications, AI's non-deterministic nature makes its behavior unpredictable.
It can give different answers to the same question, which makes it hard to distinguish normal behavior from abnormal. To address this, we are investing heavily in defending AI, using AI to protect AI. By observing applications and learning what normal behavior looks like, we can detect and respond to anomalies effectively.
We launched Hypershield, a system that integrates security processing and network processing into a single device. This allows us to detect if a model is being manipulated and apply compensating controls to shield vulnerabilities. Both projects are demanding, but they are crucial for securing AI systems.
What impact do you foresee the rise of autonomous networks having on security protocols, and how will human oversight evolve within IT enterprises as a result?
The rise of autonomous networks is disruptive. AI applications now use a protocol called MCP (model context protocol), which allows agents to communicate at machine speed. This means things can escalate quickly—an agent might, for example, automate expense report processing, but you do not want it using your credit card to buy a sports car. Security controls need to be able to reason, just like the AI applications they are protecting. Although it is a difficult challenge, we believe it is solvable. Cisco is working on it, and while AI will become more autonomous, we see a role for human oversight to ensure that AI can be trusted as it earns confidence based on observed behavior.
As both attackers and defenders are increasingly utilising the same technologies, what does resilience now mean in terms of securing modern networks?
This is a very important issue. When an application has a flaw, it is a vulnerability, and vulnerability scanners detect them. In the past, patching these vulnerabilities could take months, but now, attackers use AI to automate their attacks, reducing response times to mere minutes. To combat this, we have developed compensating controls, which shield vulnerabilities while patches are being applied. So, while attackers use AI to exploit vulnerabilities, we are using AI to defend against these attacks.
How is the increasing sophistication of AI-driven attacks influencing the zero-day vulnerability market?
AI-driven attacks are significantly impacting the zero-day market. Attackers are moving away from looking for complex zero-day vulnerabilities and instead focus on known vulnerabilities in applications that have been around for months or even years. Enterprises with thousands of servers struggle to patch all vulnerabilities, and AI helps attackers quickly exploit these weak points. The traditional zero-day approach is no longer the most urgent issue, and the security landscape is evolving rapidly.
What do you consider the most significant and interesting emerging discussions in network security?
Here at Splunk’s annual user conference, there is a clear shift toward zero-trust security. This model assumes that the network perimeter is already compromised, and the focus is now on detecting lateral movement. If an attacker compromises an endpoint, the goal is to prevent them from accessing sensitive information. Cisco is helping customers identify this lateral movement through our Data Fabric platform, which processes data closer to where it is generated rather than moving it to a central processing location. This breakthrough gives us access to data that was not visible before.
Given the proliferation of security tools, do you believe the cybersecurity landscape is headed toward greater integration or increased fragmentation?
The security landscape is currently too fragmented, with customers often using dozens or even hundreds of security tools. While each tool is effective on its own, managing such a large number becomes inefficient. Cisco is addressing this with a platform approach, integrating security tools into a cohesive solution that reduces complexity, lowers operating costs, and improves overall effectiveness. Our platform approach changes the way these tools work together, creating a more streamlined and effective cybersecurity experience.
Some commentators claim that AI is breaking the internet. Do you agree with this assessment, or do you see it differently?
AI is certainly reshaping the internet, but I would not say it is “breaking” it. What’s happening is a massive shift in how computers work. In the past, the heart of a computer was the PCI bus, but with AI, the network becomes the heart of the computer. This change is fundamental in computer science. The business model is also shifting, as AI chatbots reduce the traffic to individual websites. Content providers will need to reinvent themselves in this AI-driven world. Cisco aims to drive this transformation and ensure we emerge as one of the leaders in this new era.
What disruptive technologies, such as quantum computing or photonics, are currently on your radar, and how do you foresee them shaping the future of network infrastructure?
One of the biggest challenges we face is moving data faster as AI supercomputers become more powerful. Currently, we are pushing data at 800 gigabits per second per port, soon to reach 1.6 terabits, and eventually 3.2 terabits. To achieve these speeds, we need to combine silicon and optics, a process called co-packaged optics. Cisco is one of the few companies working on this, and while it is a difficult problem, we are confident it will be solved. Alongside this, we are tackling power consumption and cooling challenges, which will become more critical as systems continue to scale.
How many years until co-packaged optics will disrupt data center architecture in a significant way?
We expect it will take about three years for co-packaged optics to significantly disrupt data center architecture. It is not happening overnight, but it is also not a decade away. We anticipate it will take one or two generations, roughly 16 months. Photonics and quantum computing will play a role, but the challenge of moving data fast enough to power AI applications is something we need to solve in the near future.
