IT Brief Canada - Technology news for CIOs & IT decision-makers
Canada
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
Firewalls
#
Ransomware
#
Network Security

Cisco unveils Duo IAM to strengthen identity-based security

Yesterday
Author image
By Jed Nykolle Harme, Editor

Cisco has introduced its new Duo Identity and Access Management (IAM) solution, designed to address modern identity-based cyber threats accelerated by the rise of artificial intelligence.

According to Cisco, the increasing use of AI by attackers has made digital identities and valid online accounts a primary target for cyberattacks. Cisco noted that 70% of ransomware attacks now use valid credentials to gain access and that 80% of Canadian organisations faced AI-driven attacks over the past year.

"The security industry is facing an 'identity crisis' as persistent identity-based attacks are among the most dangerous and costly challenges for security teams. Attackers don't need to hack in, when they can simply log in," said Jeetu Patel, President and Chief Product Officer, Cisco.

"While identity is the foundation of strong security, traditional IAM solutions have failed to prioritise security despite increasingly sophisticated threats. With this massive innovation, Duo is moving beyond MFA and restoring trust in identity security with a fundamentally different approach that attackers hate and users love," Patel continued.

Cisco reports that 60% of Cisco Talos Incident Response cases in 2024 were related to identity-based threats, highlighting the urgency for organisations to bolster their defences. The launch of Duo IAM builds on Cisco's existing multi-factor authentication (MFA) features and places security at the core of access management tools.

Duo IAM introduces a new User Directory, which centralises and simplifies how organisations store user identity information such as usernames, emails, and access roles. This feature works with existing MFA and Single Sign On (SSO) capabilities, offering employees secure and streamlined access to numerous applications from a single login page.

The solution is open and integrates with third-party identity systems. Duo's new Identity Routing Engine allows organisations to use Duo as either an identity broker or a secondary identity provider, aiming to fit easily into varied IT environments. The product is designed with security as a default setting, with the aim of reducing both risk and management costs for organisations.

The Cisco AI Assistant is built into Duo IAM to support organisations with out-of-the-box deployment and ongoing management of the solution. This further aligns with Cisco's stated commitment to providing user-friendly tools for enterprise security.

Cisco described significant advancements in phishing resistance within the updated suite. Notable features include a complete passwordless authentication option, which removes the need for users to handle passwords, and proximity verification using Bluetooth Low Energy (BLE) to ensure that the user's mobile and access devices are physically near each other during authentication.

To further combat emerging threats like session theft, enhancements to Duo Passport now eliminate reliance on browser cookies for authentication, aiming to protect against session hijacking risks.

Security intelligence is also a focus. Duo IAM integrates with Cisco Identity Intelligence, connecting with the Cisco Security Cloud platform to enable unified monitoring. With AI-driven behavioural analytics and expanded network insights, organisations gain the ability to detect threats and respond with measures such as quarantining identities, ending active sessions, or isolating network segments.

Feedback from industry stakeholders reflected cautious optimism for the expanded capability.

"Cisco Duo has been a trusted security partner when it comes to MFA, and in today's environment we're eager to use these new capabilities to fight growing identity-based attacks," said Todd Perrault, Senior Vice President of Client Advisory, Optiv.

"Duo's expanding suite of identity and access management solutions will deliver even stronger results for our customers with a security-first approach to identity while providing reduced friction for end users," Perrault added.

Analysts have also commented on the evolving landscape.

"Identity breaches are no longer the exception—they're the rule. Seeing a trusted security brand like Duo broaden from access management to include identity management and provide a security-first approach in the market is both timely and refreshing," said Todd Thiemann, Principal Analyst, Enterprise Strategy Group.

"Duo's commitment to maximising security while minimising user and admin friction is exactly what the industry needs. In particular, their approach to end-to-end phishing resistance marks a major leap forward, not just in security, but also in ease of deployment, to combat the latest identity threats," Thiemann stated.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Radiant Logic launches AI tool for identity visibility
Skyfire & Cequence enable secure digital access for AI agents
ExtensionPedia launches with risk scores for 200K browser add-ons
LexisNexis data breach exposes 364,000 personal records
Adidas data breach highlights supply chain risk for retailers
Top stories
dbt Labs unveils AI tools to boost data autonomy & governance
Salesforce to acquire Informatica for equity value of USD $8 billion
UKG & ServiceNow to integrate AI for seamless HR & payroll
AI agents spark new enterprise security fears, report shows
Westcon-Comstor hits record USD $5.24 billion sales in FY25