How would you design a system to detect and respond to advanced persistent threats targeting Cisco environments?