Techaisle Analyst Insights

On Monday morning, 1^st June, 2026, a total of 1,500 customers had self-onboarded onto Cisco IQ. By evening, it was 1,600. Tuesday morning, 1,700. By the time I left Cisco Live 2026 in Las Vegas, Tuesday evening, I was told the number had crossed 2,000.

But I am getting ahead of myself.

The Constraint Cisco IQ Removes

Enterprise support has been a reactive business for twenty years, and not for lack of ambition. It was reactive because it was blind. Between audits, no vendor had an accurate, up-to-date picture of what a customer was running, which devices were exposed, and which had drifted out of compliance. Support waited for the failure and billed to fix it. That blindness, not the absence of AI, is the constraint that defined the category.

Cisco IQ removes the constraint. At its simplest, it is an intelligence layer that sits over a customer’s entire Cisco estate. Strip away the module names, and what it does is make that estate continuously legible. It fuses asset telemetry pulled from the live network, contract and entitlement records, and two decades of support history into a single, always-current model of what the customer runs, and it reasons over that model without waiting to be asked. The AI is the visible part, but it sits atop the harder thing: a reconciled, constantly updated model of the estate. That model is what competitors cannot easily reproduce, because it is built from years of data rather than shipped as a feature.

Cisco Owns the Control Plane of the Agentic Era. Nobody knows it yet.

The market is currently operating under the assumption that the architectural gravity of AI belongs entirely to the orchestration layer of the hyperscalers or the workflow engines of SaaS giants. But those software surfaces only control logic within their own proprietary walls or virtual boundaries. When an autonomous agent goes rogue, encounters a looping cost explosion, or faces a machine-speed exploit, that liability manifests in the physical world as a network routing challenge, a telemetry event, and a data-fabric security crisis.

By building the infrastructure that unifies visibility and enforcement from the silicon to agent-action trust, Cisco has quietly captured the layer that governs how autonomous workloads actually execute.

Cisco did not join the AI conversation. It redefined it.

For 2 years, enterprises have funded the AI buildout as a capacity race, measured in GPUs, power, and capex, on the assumption that compute is the scarce input. It is not. Compute that cannot be connected, secured, and operated at scale is stranded capital, and most AI infrastructure budgets have underfunded the layer that decides whether the GPU spend ever produces a business outcome. Cisco used Cisco Live 2026 to name that gap and claim it. Capacity commoditizes. Control compounds. The contest that decides the next decade of enterprise infrastructure is the contest for the control plane of agentic AI, from programmable silicon to agent-action trust, and Cisco is the only company holding the full stack.

That reorders the buying decision. If control, rather than capacity, is where durable value accrues, the criteria most businesses use to select AI infrastructure are wrong-footed, because the vendor best positioned is not the one selling the most compute but the one that governs how compute is connected and trusted. Cisco just claimed that position, and every announcement at the event is a move to occupy it.

The swarm breaks the assumptions networks were built on

The Sub-OS Threat Landscape: Expanding the Perimeter

For the better part of the last decade, enterprise security operations centers (SOCs) have monitored, modeled, and mitigated hardware and firmware-level vulnerabilities. Yet for SMBs and midmarket organizations, this subterranean threat vector remains a massive blind spot. Most of these businesses allocate their cybersecurity budgets heavily toward operating system-level defenses - Endpoint Detection and Response (EDR), Next-Generation Antivirus (NGAV), and perimeter firewalls. Their entire security model inherently assumes the operating system is the foundational, immutable layer of their security posture.

This assumption is structurally flawed. Advanced threat actors are actively bypassing crowded OS-level defenses by dropping lower into the technology stack. Techniques like BIOS tampering, supply chain interdiction, and the deployment of persistent firmware rootkits - designed specifically to survive complete OS wipes and hard drive replacements - are proliferating rapidly. These are no longer bespoke, nation-state-only techniques. The malicious toolkits have been commoditized on the dark web, shifting the economics of cybercrime. Today, a 200-person regional manufacturing company or a mid-sized healthcare clinic is a highly viable target for the exact same class of sophisticated sub-OS attack once reserved for defense contractors.

For SMBs and mid-market enterprises, the calculus around endpoint security has shifted from standard technology procurement to a critical risk management challenge. SMBs are confronting existential threats from commoditized sub-OS attack kits that easily bypass legacy OS-level defenses, yet they operate without the financial shock absorbers or dedicated security headcount to survive a resulting breach. Conversely, mid-market organizations are caught in a severe compliance squeeze. As they integrate into larger enterprise supply chains or federal defense networks, they are held to stringent, auditable standards that their lean IT teams are ill-equipped to manage natively. This dual pressure creates a hard reality: these organizations cannot secure what they cannot cryptographically verify, but they also cannot operationalize that verification without external managed services. Sub-OS telemetry is no longer just a feature upgrade for these segments; it is a structural necessity that relies entirely on the channel ecosystem to deploy, monitor, and effectively manage.

Dell’s endpoint security roadmap, formalized as Dell Trusted Workspace, is a direct architectural response to this shift. The strategy is methodically organized around three intersecting layers: security “built with” the device (focusing on supply chain and component verification), “built in” to the native hardware (delivering firmware, identity, and BIOS protections), and “built on” through deep software integrations with third-party security vendors. The underlying technology in this stack represents a significant architectural shift, but the strategic imperative - and the core focus of this assessment - lies in how SMBs with zero dedicated security staff, lean midmarket IT teams, and the channel partners that serve them can actually operationalize these complex capabilities.

As the cybersecurity industry gathered for RSAC 2026, the prevailing narrative underwent a seismic shift. The conversation moved decisively beyond the theoretical risks of generative AI into the operational realities of securing an agentic workforce. Vendors, channel partners, and enterprise customers collectively confronted a sobering truth: as everything moves toward agentic models, a fundamental rethinking of cybersecurity is required. Cisco’s announcements at the conference served as a critical focal point for this industry-wide pivot. The company unveiled a free-tier Explorer Edition for its AI Defense platform, introduced algorithmic red-teaming and a runtime SDK for agent validation, integrated a Model Context Protocol (MCP) proxy into Cisco Secure Access for agent-level action control, launched DefenseClaw - an open-source secure agent framework with NVIDIA OpenShell integration - and expanded its Splunk-powered “Agentic SOC” with six purpose-built AI agents spanning the full detection-investigation-response lifecycle.

For technology vendors and the channel partners responsible for architecting enterprise environments, the challenges are immediate and multifaceted. Organizations remain constrained by physical infrastructure limitations, struggling to securely network and connect the compute capabilities demanded by AI. Simultaneously, a pervasive trust deficit continues to hold customers back from moving as quickly as they desire with AI deployments. Compounding this is a growing data gap: while early AI was trained predominantly on human-generated content such as voice, video, and text, the emergence of physical and agentic AI necessitates greater reliance on machine-generated data and telemetry. Addressing these constraints demands a holistic, platform-driven approach - and Cisco’s RSAC payload attempted to address all three simultaneously.

Photo credit: Joely Urton

The Agentic Paradigm: When AI Stops Talking and Starts Doing

To understand the gravity of the current moment, one must dissect the evolutionary leap from chatbots to AI agents. The chatbot era was defined by human-to-AI interaction, in which the primary security concern was limiting what the AI might say. The risk profile was largely confined to data leakage, hallucination, or inappropriate outputs.

Agentic AI fundamentally alters this equation by automating complex workflows. These agents are designed to function essentially as co-workers, operating side by side with humans to drive unprecedented productivity. Consequently, the security industry’s primary worry has shifted from what AI says to what AI can do.

The defining, and perhaps most concerning, characteristics of AI agents are their operational velocity and literal interpretation of commands. Agents execute tasks relentlessly and entirely without judgment. They will do exactly what they are told to accomplish a task, which is not necessarily what the human operator actually meant. This autonomy means that even a minor failure or misinterpretation can instantly snowball into significant real-world consequences, transforming AI from a mere tool into a vast, active attack surface. The open-source ecosystem has already provided a vivid demonstration of this risk: the explosive adoption of OpenClaw - which attracted hundreds of thousands of GitHub stars within months - was immediately followed by a wave of critical vulnerabilities, including a remote code execution flaw, over 135,000 exposed instances on the public internet, and a coordinated supply chain attack that planted approximately 800 malicious skills into the ClawHub registry. These are not theoretical edge cases; they are the lived reality of what happens when agentic systems outrun their security foundations.

Cisco’s Tripartite Framework for Agentic Security

The threat landscape is already validating this urgency. Adversaries are using AI to compress attack cycles to near-instant exploitation windows; their targeting has shifted from basic credential theft to the centralized trust infrastructure - Active Directory, application delivery controllers, identity platforms - that will underpin agentic workloads, and most organizations are deploying AI on top of network foundations still riddled with legacy vulnerabilities. Against this backdrop, Cisco articulated a framework at RSAC that reimagines security for the agentic workforce, organized into three distinct operational pillars. For channel partners, this framework offers a structured lens for consulting engagements and a go-to-market motion for implementing AI security architectures.