Cisco today announced a security architecture for internet of things (IoT) environments based on multiple IoT technologies the company acquired in the last year that are augmented by Talos security monitoring software and services from Cisco.
Joe Malenfant, director of IoT at Cisco, said as IT and operational networks converge in the age of IoT, organizations are looking for ways to extend visibility across networks that are made up of a diverse number of protocols being employed to connect devices running a wide range of operating system software.
Cisco Cyber Vision analyzes traffic from connected assets and then creates segmentation policies that are applied with Cisco Identity Services Engine (ISE) and Cisco DNA Center, a network management platform, to prevent lateral movement of threats across IoT environments. Cisco Cyber Vision also makes use of Cisco Edge Intelligence software to extract data at the network edge. That approach, Malenfant noted, eliminates the need for Cisco customers to deploy a separate platform to manage IoT environments.
Malenfant said securing IoT environments is more challenging because cyberattacks against any specific platform tend to be highly crafted. In addition, most organizations don’t have a central repository to keep track of the location of devices connected to the internet.
Many of the attacks aimed at IoT devices are developed by nation-states with the intent to cripple, for example, critical industrial control systems. Securing those environments requires a security architecture capable of surfacing actionable intelligence in real-time that includes not just what type of attack is being made but also where that device is physically located, he added.
Unfortunately, most organizations are still trying to work through melding IT and operational technology (OT) teams to manage IoT environments. Most organizations don’t have a lot of cybersecurity expertise within OT teams, which tend to report to line-of-business executives. As such, many OT teams are now looking to internal IT organizations for that cybersecurity expertise, noted Malenfant.
It may be a while before best cybersecurity policies and practices catch up to the rate at which new devices are being connected to the internet inside many organizations. The good news is the gap should not be quite as large as it was when organizations started embracing mobile computing devices.
In the meantime, Malenfant said many organizations would be well-advised to start applying best DevSecOps practices to their IoT environments as well. Many of the applications being deployed at the edge would be much more secure if developers embedded controls directly within applications when they are being built and deployed. That approach would then make it easier to programmatically integrate platforms such as Cisco Cyber Vision, he added.
Naturally, Cisco is not the only major provider of security and networking software focusing on IoT security. The challenge organizations face now is not just determining which vendor to rely on but also how best to realign their own internal culture to rise to the IoT security challenge.