Cisco builds AI agents to defend IT against AI attacks
TL;DR:
- Cisco has launched Cloud Control, a system letting businesses and governments build and manage AI agents that watch over their IT systems and block intruders.
- The pitch: cyber threats increasingly come from swarms of AI agents, so defenders must respond at “machine scale” rather than human scale.
- Cloud Control includes an app-store-style marketplace for AI coding tools, starting with OpenAI’s Codex embedded directly in the platform.
Cisco’s framing reflects a shift in the threat model. As attackers deploy autonomous agents to probe and exploit systems faster than humans can react, the company argues defence has to be automated in kind. “You can no longer do things at human scale,” said DJ Sampath, who leads Cisco’s AI software and platform work.
The agent-versus-agent era
The launch is deliberately timed against Anthropic’s forthcoming Mythos model, which some experts fear could supercharge cyberattacks by exploiting software vulnerabilities at scale — the same capability that has already prompted UK banks to seek access to defensive cyber-AI tools. Cisco’s answer is to give customers the means to assemble their own defender agents quickly, betting they will reach for AI coding tools to do so. Its marketplace, taking a cut of sales, signals the platform economics emerging around enterprise AI security.
For UK businesses, the development underlines that agentic AI is becoming both the threat and the shield. Security teams already stretched by conventional attacks now face adversaries operating continuously and autonomously — and vendor tooling to govern and counter autonomous agents inside corporate networks is moving from concept to product. The risk is a new dependency: defending with proprietary agents ties organisations more tightly to the platforms selling them.
Looking forward
Cloud Control is available in North America now, with the third-party marketplace due in the second half of 2026. UK availability and uptake will be worth watching as agentic threats spread. The deeper question for security leaders is governance — who audits the defender agents, and how organisations retain oversight of autonomous systems acting on their behalf at machine speed.