Skip to Main Content
(Press Enter)

Security, privacy, and trust resources

Being trustworthy, transparent, and accountable are key to Cisco's approach to security and privacy.

Empowering people through a foundation of security, privacy, and trust

Today, almost everything is connected and generating data. These connections have become fundamental to our communities, livelihood, and futures. We have unprecedented opportunities to boost human potential through technology innovation, enabling us to solve urgent societal problems like decarbonizing energy, preventing and curing deadly diseases, and feeding a hungry planet. Yet these new capabilities require connections that also make us more vulnerable unless we proactively address the security and risk challenges that come with innovation. While organizations have always needed security and privacy to protect and secure their customers, operations, solutions, and data, today’s risks and challenges have made these disciplines mission critical.

Our holistic approach to security and privacy sets us apart. The Cisco Trust Portal provides customers with access to security and privacy documents, offering assurances that Cisco solutions align with market security and privacy expectations. The Cisco Trust Center demonstrates our thought leadership across our principles of trustworthiness, transparency, and accountability.

Trustworthiness

We strive to build security and privacy in and throughout each of our solutions' lifecycle. Our solutions are designed to secure and protect personal data and customer data by design and default, creating a competitive advantage for our customers by helping to make their critical infrastructure, applications, and data more secure.

Transparency

We are open and transparent about the security and privacy approach we take across our solutions portfolio, including our compliance with global standards, certifications, and government regulations. And we share our cyber-resilience strategies with organizations around the world with the intention of collectively raising the bar for global cybersecurity and trust.

Accountability

Cisco’s dedicated team of security and privacy experts supports our customers’ business resilience and continuity by being proactive and providing timely detection, notification, response, and remediation of security incidents.

  • Our Security & Trust infographic provides a closer look at the people, processes, technology, and policies that enable Cisco to help protect the security and privacy of our customers.
  • The Cisco Security Vulnerability Policy and Cisco Security Advisories provide guidance and information in the event of a reported vulnerability in a Cisco product or service.
    • Cisco Product Security Incident Response Team (PSIRT) adheres to ISO/International Electrotechnical Commission (IEC) 29147:2018—for disclosure of potential vulnerabilities established by the International Organization for Standardization (ISO)—grounding our work in receiving information about potential vulnerabilities from the public, handling and using those reports, and communicating transparently about our findings.
  • Cisco Event Responses provide information about security events that have the potential for widespread impact on customer networks, applications, and devices.
  • We hold ourselves accountable for resolution of security and privacy incidents. When issues arise with Cisco’s solutions, our global Security Incident Response Team responds swiftly, using a playbook with documented resolution procedures.
  • When security or privacy incidents occur, our Computer Security Incident Response Team and Data Incident Response Team perform 24/7 comprehensive incident investigation and prevention.
  • Cisco Talos is a proven and trusted threat intelligence research team comprising world-class researchers, analysts, and engineers. Talos powers the Cisco portfolio with comprehensive intelligence that supports our customers' environments, every single day, all over the world. Talos provides verifiable and customizable defensive technologies and techniques that help customers, users, and the Internet at-large quickly protect their assets, including:
    • Talos Incident Response offers a full suite of proactive and emergency services to help organizations prepare, respond, and recover from a breach.
    • Reputation Center provides access to expansive threat data and related information for domains, Internet protocols, and files.
    • Talos Vulnerability Research investigates software and operating system vulnerabilities to discover them before malicious threat actors do. We provide this information to vendors so they can create patches and protect their customers as soon as possible.
    • The Talos Blog shares the latest threat research on malware campaigns, nation-state activity, and indicators of compromise, while the Threat Source newsletter offers a weekly recap of some of the biggest headlines in cybersecurity. The Beers with Talos podcast series explores all things security, while Talos Takes breaks down complex issues for listeners.
    • Talos Year in Review is an annual analysis of key incident trends that affect organizations. The 2024 report will be available early in 2025.
  • We are committed to maintaining strong protections for our customers, solutions, and company. The Cisco Online Privacy Statement captures our approach to earning and growing customer trust and is also available in summary form.
  • Cisco supports free and trustworthy data flows, providing third-party attestations of its privacy practices, assuring customers that Cisco meets its privacy and data protection obligations, and offering its solutions worldwide. To this end:
    • Cisco’s global privacy program and policies have been approved by EU privacy regulators as providing additional safeguards for protecting privacy, fundamental rights, and freedoms of individuals for transfers of personal data protected under EU law. Cisco’s EU Binding Corporate Rules—Controller provide that international transfers made by Cisco as a controller worldwide of EU Personal Information benefit from additional safeguards.
    • For customers who prefer contractual commitments of adherence to EU privacy requirements, Cisco enters into Standard Contractual Clauses, which are incorporated into our Data Protection Agreement.
    • Cisco’s global privacy program is certified under the Asia Pacific Economic Cooperation (APEC) Cross Border Privacy Rules system (CBPRs) and Privacy Recognition for Processors (PRP). The APEC CBPR system and PRP provide a framework for organizations to help protect personal data transferred among participating APEC economies.
    • Cisco is EU-U.S. Data Privacy Framework (DPF) and Swiss-U.S. DPF certified for the transfer of personal data, and Cisco and its U.S.-based subsidiaries comply with the EU-U.S. DPF, the U.K. Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF for transfers of personal data from the EU, European Economic Area, United Kingdom (and Gibraltar), and Switzerland to the United States.