Milan, October 24, 2023. The new Cisco Co-Innovation Center is nestled and perfectly integrated into the splendid setting of the Leonardo da Vinci National Museum of Science and Technology. The first node in Europe, it is at the head of a global network of laboratories of excellence that the company intends for innovation, with particular emphasis on cybersecurity and the protection of privacy. In this modern “Antro” of technology, where the role of the sibyl is occupied by highly specialized engineers and technicians, and where precise analyses, the result of rigorous data processing combined with the adoption of the most scientific criteria more sophisticated, replace prophecies, the month dedicated to cybersecurity saw the 2023 edition of the Consumer Privacy Survay take place, during which the Privacy Report was presented for the second consecutive year.
The company behind Cisco Consumer Privacy Survay 2023
Cisco is an American multinational whose core business is networking, with a broad portfolio of products and services: hardware, software and security applications. With its 80,000 employees located around the world, it carries with it the necessity and complexity of data protection management. Added to this is a high level of professional and cultural sensitivity to the fundamental right of individuals and consumers to have their sensitive data adequately protected.
In this regard, the company's commitment is manifested in Educational Privacy, a set of cultural and educational activities in which CISCO makes its expertise and knowledge in data security available to people and customers and cybersecurity. Sometimes even in the Milan co-innovation center.
Cisco Consumer Privacy Survay 2023: How the conference went
The meeting, held in the Milan Center meeting room, represents the 5th edition of the Consumer Privacy Survay. Meeting during which the Privacy Report was presented, the result of a survey conducted by CISCO among a sample of 2,600 consumers from 12 different geographic areas, including Italy (around 8% of participants). Including Italy (around 8% of participants). In addition, to complete its transparency, the company publishes the Privacy Data Sheet and the Privacy Data Card on its sites. These documents clearly show how the data is processed when it reaches CISCO.
After the warm welcome given to the participants, divided into two groups, one in person and the other remotely, the first speaker, Marianna Ferrigno Head of Communications Italy & Emea South, introduced the speakers, illustrated the program of interventions and dictated the timing of the press conference. The agenda, following a single common thread, was divided into three themes: Privacy – Artificial Intelligence – Training.
Photo by Carlo Denza
Cisco Consumer Privacy Survay 2023
Investigation
Credits: CISCO
As we can see, 87% of the sample concerned are concerned about the protection of their data. Only 81% of them are willing to invest time and money in exchange for greater security. The remaining 46%, which also matches the global average, have already implemented actions to improve the security of their data. If we compare the two percentages: 46% at the global level and 32% at the Italian level, we see that Italy is a little below the average. There seems to be less interest in protecting one's own data. The next slide shows the sample of people interested in data protection, broken down by age group.
Credits: CISCO
Data shows that the age groups most interested and most active in protecting their data are the youngest. The trend goes from:
Age groupPercentage (%)18-2442%25-3442%35-4438%45-5430%55-6425%65-7421%
In contrast, people aged over 75 seem less interested in privacy protection.
The previous results are confirmed in the next slide. People who have already taken steps to protect their privacy and the increase in the number of people who have increased their sensitivity to data privacy from 2022 to 2023. Some of the sample also requested to edit or delete her credentials on the websites where she had registered. This represents an increase of 14% per year and a trend consistent with age groups.
Credits: CISCO
Data localization
Here the sample's perspective changes due to the presence or absence of costs.
Credits: CISCO
Leadership in Privacy Protection
To this question, 35% of respondents responded that control of privacy should be in the hands of the government: Control of privacy should be in the hands of the government.
Credits: CISCO
In Italy the percentage is higher. 43% of people are in favor of public institutions.
Relationship with artificial intelligence
The survey also focused on artificial intelligence (AI). Specifically: Can AI improve our lives? Should the data introduced and used by artificial intelligence be anonymous?
Credits: CISCO
On the right of the slide, the data expresses uncertainties about AI. Generative artificial intelligence (ChatGPT and/or others)
The question was asked: what information is entered into these systems by users?
Source CISCO
Work information39%Name37%Health information32%Financial and religious information28% and 27%Account and identification numbers25%.
A first conclusion of the survey presented during the Cisco Consumer Privacy Survay 2023
The CISCO survey shows that the people most concerned about the privacy and security of their data are the youngest. Consumers are concerned about privacy and AI, showing a loss of trust in organizations that use it. Only half of people who use generative artificial intelligence (Chat GPT or similar) take care not to enter personal or confidential data. Ultimately, this suggests that in the future, privacy management may become something more important to the next generation.
Artificial intelligence and cybersecurity
In this ideal relay, the baton passes into the hands of Giuseppe Massa, national head of cybersecurity. CISCO Cybersecurity Governance Representative in Italy. Two scenarios are highlighted. On the one hand, the security threats posed by artificial intelligence. On the other hand, how this same technology can be used to defend the security and privacy of businesses and customers. Does AI understood in all its nuances (artificial intelligence, machine learning, generative) represent a risk?
Credits: Cisco
In summary, yes. Generative artificial intelligence (e.g. Chat GPT) is capable of writing code. This has made life easier for anyone who wants to create software, even malware. Despite the restrictions placed on the use of this tool, the number of malware on the net has increased. The AI allows all kinds of attacks (listed under the “Swiss army knife” section). Phishing (by email). Subtraction of private information via social engineering. AI is capable of creating even more sophisticated attacks, such as deep-fakes. These are photos and sounds created from real content (images and sounds) which modify or recreate, in an extremely realistic manner, the features of a face and are capable of faithfully imitating a given voice.
It should be noted that the Dark Web already contains versions of generative AI (Chat GPT or similar) which can be used without any restrictions to generate any type of cyber attack. That's not all: among the many types of cyberattacks, AI makes it possible to create malicious systems that internally implement artificial intelligence, which gives them the ability to hide and evade antiviruses.
AI and vulnerabilities. In short: despite the very sophisticated algorithms that run them, introducing erroneous data into the machine's databases will result in erroneous decisions. And this can be made worse by software design errors. All Cisco technologies use artificial intelligence systems. Particularly in the area of cybersecurity
Credits: Cisco
Another interesting feature of Cisco networking equipment is the ability to analyze encrypted traffic. By analyzing network traffic without decrypting it, this function can detect the presence of malware by analyzing metadata (traffic descriptors).
Credits: Cisco
As a leading network infrastructure manufacturer, Cisco is very aware of IT security. One of the most effective countermeasures to intercept network attacks is due to its devices. Tools such as switches, firewalls or security applications are used as sensors. These “network sentinels” monitor and collect information which, once correlated, is sent to platforms.
These platforms, which harness the full power of artificial intelligence, compare traffic passing through the network to a correct standardized traffic model (a behavioral traffic model), looking for anomalies. Potential anomalies are then routed to SOCs, where cybersecurity specialists know how to distinguish inappropriate resource behavior from correct behavior.
Unlike in the past, the briefly described and very simplified analysis (network telemetry) is a fundamental aspect of cybersecurity. It is a new and modern integrated security management that leverages all layers of the network architecture, allowing the system to detect invisible attacks and critical points that would otherwise not be immediately identifiable . It thus guarantees the state of the company's cybersecurity.
Credits: CISCO
SOC & XDR
We do not pass” is the motto with which we could present the SOC (Security Operation Center). Just as France, in the last century, built its fortification circuit along the Franco-German border, the Maginot Line, from named after its designer, engineer André Maginot, companies have also erected their own cybernetic “Chinese wall” to defend their digital borders. They use installations equipped with cutting-edge technology and specialized personnel who guard. their digital fortress 24 hours a day, ready to intervene to neutralize any digital threat or attack.
SOC
The SOC is nothing more than a complex structure, represented by a centralized operations room, where highly specialized personnel, such as software engineers, program analysts, with the help of tools making also using AI, continuously monitors network traffic, suspicious activity, access and credentials to protect company data and resources. One of the tools available to the SOC is XDR (Extended detection and response) technology which, in CISCO's vision, must represent the main dashboard, the fundamental control panel that the operator must use. In this tool, all data coming from: Endpoint, Network, Mail, Cloud, Authentications, Control.
All traffic analysis systems are used to power the XDR which, by correlating and contextualizing data, is able to automatically alert the network operator of critical issues. The advantage of XDR technology is that it is a single tool in which all the information collected by the network, enriched with other contributions, circulates together, without the need to go through other control lines or through remote connections with other types of equipment. This would be a waste of time at the expense of effectiveness and efficiency. Therefore, these tools are also able to give an immediate response thanks to policies predefined by the operator itself.
Credits: CISCO
Conclusions on Cisco Consumer Privacy Survay 2023
Artificial intelligence (AI) certainly represents a revolutionary technology, including in the field of cybersecurity. Like all technologies, its misuse represents a real risk. Cisco is investing heavily in innovation to strengthen business security and make the work of cybersecurity teams easier.
Training
Although CISCO is not active in the training field, it is very active in cybersecurity scholarships, education, and training. Its Networking Academy offers basic training and professional training.
Cybersecurity is an area in which there is strong demand from companies, but where the supply of professional profiles is still insufficient, both in terms of number and skills. In the cultural field, the most recent and ambitious initiative was launched in collaboration with Assolombarda and the Municipality of Milan, as well as other companies, and concerns the Milano Smart City Alliance project.
In particular, the initiative of which CISCO is leading aims to provide basic IT security training to all citizens of Milan and beyond. Officially announced by the municipality of Milan at the end of September, it was also joined by the municipalities of Rome and Monza.