Cisco launches new identity access management products, services

The digital enterprise’s old-boy “network” is establishing a strong, new identity.   

Networking monolith Cisco announced Wednesday the release of a new identity access management offering, Duo Identity and Access Management (IAM), which purported to “transform how organizations combat persistent identity-based attacks that are accelerating in the AI era.”  

Driven by the growing number of cybersecurity threats related to identity specifically, Cisco’s Duo IAM promised to promote better security by incorporating a user directory to “simplify storing user identities – including usernames, emails, and roles … managing their access to resources.”

The new Cisco Duo tools promised to work in conjunction with existing capabilities, including multi-factor authentication (MFA) and single sign-on (SSO) to give users easy and safe access to hundreds of applications from one login page.

The release comes in response to the increasing incidence of identity-related IT security attacks. IAM accounted for 3 in 5 incidents discovered by the Cisco Talos Intelligence Center last year. Cisco’s new Duo IAM promised to rectify these issues through its use of multi-factor authentication (MFA) and zero-trust parameters.

“The security industry is facing an 'identity crisis' as persistent identity-based attacks are among the most dangerous and costly challenges for security teams. Attackers don’t need to hack in, when they can simply log in,” said Jeetu Patel, Cisco’s president and chief product officer.

“While identity is the foundation of strong security, traditional IAM solutions have failed to prioritize security despite increasingly sophisticated threats," Patel continued. "With this massive innovation, Duo is moving beyond MFA and restoring trust in identity security with a fundamentally different approach that attackers hate, and users love.” 

Identity ranks as the most significant IT security challenge for nearly one-third of global enterprises, according to Cisco’s 2025 Cybersecurity Readiness Index. Yet for many organizations, IAM is considered a discretionary or tacked-on feature to security, rather than a purpose-built part of the foundation.

Cisco’s Duo IAM boasts a variety of benefits, including: an Identity Routing Engine, to allow for integration with third parties (including identity brokers or secondary providers); password-less authentication; the ability to connect and authenticate using Bluetooth Low Energy (BLE) via mobile devices; the removal of browser-based cookies to authenticate, thereby limiting session hijacking.

Towards the goal of building an interconnected network, Duo IAM will integrate with Cisco Identity Intelligence, linking up with identity and access data across the Cisco Security Cloud platform, incorporating AI analytics and threat detection, as well as “the ability to take graduated responses like quarantining an identity, killing active sessions or isolating the network.”  

“Identity breaches are no longer the exception — they're the rule,” said Todd Thiemann, principal analyst for the Enterprise Strategy Group, in a prepared release. “Seeing a trusted security brand like Duo broaden from access management to include identity management and provide a security-first approach in the market is both timely and refreshing.”

“In particular, their approach to end-to-end phishing resistance marks a major leap forward,” according to Thiemann, “not just in security, but also in ease of deployment, to combat the latest identity threats.”