Cisco Duo’s New IAM Offering: Is it Enough for Agentic AI?

By Jim Lundy

 

Cisco Duo’s New IAM Offering: Is it Enough for Agentic AI?

The escalating threat landscape, fueled by sophisticated AI-driven attacks, is forcing a re-evaluation of traditional cybersecurity measures. Cisco, a stalwart in networking and security, recently unveiled its Duo Identity and Access Management (IAM) solution, aiming to combat persistent identity-based threats.

This blog overviews Cisco Duo’s new IAM offering and analyzes its readiness for the emerging challenge of agentic AI.

Why Did Cisco Duo Unveil a New IAM Offering?

Cisco Duo’s new IAM solution comes at a critical juncture in cybersecurity. Identity-based attacks, including sophisticated phishing and account takeover attempts, now account for a staggering 60% of Cisco Talos Incident Response cases in 2024. Traditional IAM solutions have struggled to keep pace, often treating security as an afterthought rather than a foundational element. Cisco’s response is Duo IAM, designed as a security-first approach that builds upon its globally trusted multifactor authentication (MFA) capabilities. 

The offering includes a new User Directory to simplify identity storage and access management, alongside existing MFA and Single Sign On (SSO) for streamlined application access. Crucially, Duo IAM offers an Identity Routing Engine for flexible integration with third-party identity providers. To combat AI-accelerated social engineering, Duo has also introduced complete passwordless authentication, proximity verification via Bluetooth Low Energy (BLE), and session theft protection to enhance end-to-end phishing resistance. The Cisco AI Assistant is embedded to facilitate deployment and management, and Duo IAM integrates with Cisco Identity Intelligence for unified visibility and AI-driven behavioral analytics across the Cisco Security Cloud.

Analysis: Duo IAM’s Readiness for Agentic AI

Cisco Duo’s new IAM offering represents a significant leap forward in addressing current identity threats. The emphasis on phishing resistance, particularly with complete passwordless options and session theft protection, directly counters the growing sophistication of AI-driven social engineering. The integration of the Cisco AI Assistant for management and the unified Identity Intelligence through the Cisco Security Cloud are vital steps in leveraging AI for defense.

However, the emergence of “agentic AI” presents a new frontier in cybersecurity. Agentic AI refers to autonomous AI systems capable of executing complex tasks, making decisions, and even adapting their strategies without constant human oversight. While Duo IAM excels at securing human identities and their interactions with systems, the question arises: is it enough to secure the identities and access of autonomous AI agents? Agentic AI won’t “log in” in the traditional sense; instead, they will require secure, machine-to-machine authentication and authorization. Their access patterns will be far more dynamic and less predictable than human users, demanding real-time behavioral analytics and dynamic policy enforcement at a granular level. 

While Duo’s Identity Intelligence provides a foundation for this, the complexity of managing a potentially vast network of autonomous agents, each with unique access requirements and constantly evolving behaviors, will necessitate a far more sophisticated identity framework specifically designed for non-human entities. Cisco’s current focus on human users, while critical, may need to expand to encompass the unique identity management challenges posed by truly autonomous AI.

What Should Enterprises Do About This News?

Enterprises should view Cisco Duo’s new IAM offering as a critical upgrade for their existing identity security posture. The enhanced phishing resistance and focus on user experience are immediate benefits that can significantly reduce current attack vectors. Organizations should evaluate Duo IAM, particularly if they are already leveraging Duo for MFA. The comprehensive nature of the solution, including the new User Directory and Identity Routing Engine, makes it a compelling option for consolidating identity management efforts.

However, for organizations venturing into agentic AI deployments, this news serves as a watch item. While Duo IAM addresses immediate identity threats, enterprises should also begin to understand the nascent field of “machine identity management” or “AI identity management.” This will involve exploring how to establish, authenticate, authorize, and audit the identities of autonomous AI agents. While specific solutions for agentic AI identity management are still evolving, enterprises should consider pilot projects and research initiatives in this area to prepare for the security challenges of highly autonomous systems.

Bottom Line

Cisco Duo’s new IAM offering provides a robust, security-first solution for combating the escalating wave of AI-driven identity attacks targeting human users. Its advancements in phishing resistance and integrated intelligence are crucial for strengthening organizational defenses.

While highly effective for human identities, the unique challenges posed by agentic AI – autonomous systems requiring secure, dynamic, and granular access – will demand further innovation in identity management. Enterprises should immediately consider upgrading to Duo IAM to fortify their current defenses and simultaneously begin to explore the specialized requirements for securing the identities of future AI agents, ensuring a holistic approach to security in the age of autonomous systems.

 

 

 

UPCOMING EVENT

 

 

 

We invite you to join us for Aragon’s June Transform Tour, a virtual event designed to equip business leaders with actionable insights into driving real-world results through AI and strategic planning.

This event features two focused sessions:

Session 1: A Practical Guide to Strategy, Architecture, and Operations – Unlock Tangible Business Value from AI

Many organizations struggle to move beyond AI hype to real-world results. During this session, we will provide actionable insights into crafting a clear, business-driven AI strategy, architecture, and operations framework. We’ll explore how to establish effective governance, build the right organizational structures and Centers of Excellence, design robust AI architectures, develop practical roadmaps, and implement a proactive security strategy.

Join us to discover:

• How a proactive and practical AI strategy can significantly decrease risk.
• How to leverage your AI strategy to effectively guide architecture and governance decisions.
• Practical change management approaches to ensure successful and widespread AI adoption.

Equip yourself with the knowledge to translate AI’s promise into measurable business impact.

Session 2: A Practical Guide to Development, Training, Management and Security

Navigating the complexities of AI development, deployment, and security requires a solid technical foundation. The emergence of this new software and hardware technology stack requires mastering introducing new development, integration, data management and technology architecture skills. This webinar offers practical guidance for IT leaders on building efficient training datasets and pipelines, selecting the right development frameworks, implementing robust security measures across the AI lifecycle, and establishing effective management practices for your AI infrastructure.

We will address critical questions such as:

• How does AI fundamentally change the IT landscape?
• What are the best practices for developing and managing AI?
• How do IT leaders and developers support security, integration and data management?

 

Register Today