Cisco Blogs


Cisco Blog > Energy - Oil & Gas and Utilities

Securing Your Industrial Networks by Aligning IT and OT

In the first six months of 2013, 53 percent of cybersecurity incidents were in the energy sector, according to the Department of Homeland Security. As cyber-attacks are becoming increasingly prevalent in industries that support our critical infrastructure, it’s crucial that business leaders adopt security process designed to address these new threats. Are you ready?

While I was at CERAWeek last month, former US Secretary of Energy, Daniel B. Poneman, and Under Secretary, NPPD, US Department of Homeland Security, Suzanne Spaulding had a  message to attendees. Their message was clear:

Cyber Security is a “C-Suite” topic of Enterprise Risk Management.

Their recommendations are strong: Security needs to be baked it in from the beginning! Physical and Cyber Security and Secure Coding of Software!

• Implement Layered Protection; we cannot depend on just a perimeter defense
• Apply Cyber Security Framework: 1. Assess, 2. Protect, 3. Detect, 4. Respond, 5. Recover
• Attend to the nexus of Physical and Cyber Security
• Test your response, including business recovery and continuity

Digital strategy and business strategy are becoming one and the same. Forward-looking energy firms see opportunity in today’s turbulent market and seek to pull ahead by changing their operating models through the Internet of Everything (IoE). Transformative digital technologies have to potential to deliver many advantages to O&G firms, including increased business agility and risk awareness, lower cost of operations, and reduced downtime. But before the industry can embrace these new strategies, an effective, end-to-end cybersecurity approach—including alignment between IT and OT—is needed.

Security a Catalyst for Transformation
Digital transformation means that a range of new and diverse devices are connecting to industrial oil and gas networks, generating greater amounts of data. When managed effectively, this data delivers the right information to the right place, at the right time, helping create a competitive advantage. However, as the IoE proliferates, the accompanying explosion of devices and applications will lend itself to increased areas of attack that criminals will seek exploit.

Oil and gas companies must replace traditional approaches like physical segmentation and security by obscurity. They need an integrated approach where information flows in real time to enable immediate action. Cybersecurity doesn’t need to be an inhibitor. It should be the catalyst for new ways of working. It can help oil and gas companies work more safely and better protect the environment by obtaining remote visibility and control over operations, including processes in refineries. It can make processes more efficient, increase production and reduce overall costs.

Addressing the Entire Threat Continuum
Cyber-attacks occur on a continuum of before, during, and after. The same digital hyper-connectivity that oil and gas managers use to collect data and control machines and processes, can also allow cyber attackers to get into system networks and steal or alter classified information, disrupt processes and cause damage to equipment. Threats to a company’s information systems and assets could come from anywhere. State and non-state actors from around the globe are constantly working to penetrate the networks of energy providers and other critical infrastructures in the U.S.

Energy firms must address this entire continuum with a visibility-driven, threat -focused, and platform-based framework:

  • Visibility-driven means having an accurate, real-time view of the network fabric, endpoints, mobile devices, applications, virtual environments, the cloud, and their interrelationships. High visibility allows you to make sense of billions of devices, applications, and their associated information, while helping you see an attack coming, control the environment, and mitigate threats.
  • Threat-focused means focusing on detecting, understanding, and stopping threats. Policies and controls reduce the surface area of attack, but threats still get through. Focusing on threats can help you identify threats and indicators of compromise based on a well-honed understanding of normal and abnormal behavior. This requires continuous analysis and real-time cybersecurity intelligence across all technologies. With contextual awareness, you can identify false-positives and assess the impact of a threat.
  • Platform-based means we have an integrated system of agile and open platforms that cover the network, devices and the cloud. It is a true platform of scalable, easy-to-deploy services and applications. You gain powerful end-to-end visibility with centralized management for unified policy and consistent controls

Securely Converge IT and OT
As oil and gas companies embrace the IoE, they bring together the use of information technology (IT) and operational technology (OT). Security needs to be as pervasive and applied in a unified way across the extended network. Physical and cybersecurity solutions must work intelligently together to reduce unauthorized system access – in order to protect networks, devices, applications, users and data. For example, in many oil and gas companies today, upstream and downstream domains use different solutions for common tasks such as asset performance management. In addition, OT is often managed autonomously from IT, even for critical functions such as reliability and cybersecurity.

Cisco has the broadest set of solutions covering the broadest set of attack vectors, leveraging both global and local intelligence. Cisco’s Secure Ops Solution is helping oil and gas companies secure industrial control networks by combining on-premises technology, processes, and managed services. For example, Royal Dutch Shell (Shell) was challenged with increasing its security maturity level. By implementing the Secure Ops Solution, Shell was able to improve its cyber security and risk management, lowering costs of delivery while significantly reducing its costs of securing the process control systems that keep billions of pounds of toxic material under control. Cisco Secure Ops Solution provides remote proactive monitoring and Service-Level-Agreement (SLA) driven management of security, applications and infrastructure, making it easier to:

• Manage cyber-security risk.
• Support compliance.
• Secure the perimeter between enterprise and operational networks.
• Implement and maintain layered security controls

How can Cisco help your energy organization? Read More »

Tags: , , , , , , , , ,

Cisco Partner Summit 2015: Final Thoughts from Bruce Klein

MVPS

Since the close of Cisco Partner Summit 2015, I have brought you interviews with John Chambers, Rob Lloyd, Edison Peres and Sherri Liebo. Each gave their thoughts on important takeaways and announcements from Partner Summit and Marketing Velocity. I also put together a montage of interviews with numerous other executives from last week.

To close out the executive interviews during this week of wrap up coverage from Montreal, let’s hear Bruce Klein’s thoughts on this year’s Partner Summit:

So there you have it. A little later today I am bringing back the Weekly Rewind blog and I will have full recap of the events from last week there as well.

It’s a unique opportunity I have to speak with the executives every year at these events and I hope it’s worth it to you for me to relay those conversations. I would like to thank all the Cisco executives who were able to make time in their busy schedules to speak with me and a huge thanks to my co-workers and crew who help make these video interviews such a success each year. Finally, none of this is possible without you, the Cisco partners. Thank you, as always, for reading my blogs and for all your feedback on how to make these blogs and videos better.

Tags: , , , ,

Cisco Fellow talks to Telecom TV about 5G and Information Centric Networking

While at the NGMN Industry Conference in Frankfurt, Germany, the folks from Telecom TV interviewed Paul Polakos, Cisco Fellow. Paul is our CTO office lead for 5G research. During this interview, Paul talks about Cisco’s active work driving towards 5G technology. Cisco is active in both Research and Development and the various standards organizations that are focusing on 5G development (like 3GPP, NGMN, etc.). Cisco is also working with our customers to align strategies.

Mr. Polakos stresses that 5G is about diversity of uses cases and devices unlike what we have seen in all the previous generations (i.e. 3G, 4G).

Cisco is very interested in Information Centric Networking (ICN) as a possible solution Read More »

Tags: , , , , ,

Cisco Marketing Velocity and Partner Summit 2015: Thank You Social Ambassadors!

MVPS

I always want to provide you with the best coverage possible for Marketing Velocity and Partner Summit each year. Often that means giving you a perspective other than my own. For instance, earlier today I posted the main takeaways from our Cisco executives. Sometimes though, the best way to give you an even more transparent look at these Cisco events, an outside perspective is preferred.

This is exactly why we ask select Cisco partners each year to work with us as social ambassadors for these events. Their insight at events like Marketing Velocity and Partner Summit are invaluable. This is our fourth year of the Cisco social ambassador program and it gives a unique look at both of these events.

This year, we had 10 Cisco Partner Summit Ambassadors who represented different backgrounds and regions, and who focused on different events. We invited each of them to participate in Cisco Partner Summit 2015 as official social ambassadors who focused on tweeting and blogging about things they heard at our annual events. In addition, three of them were performing the same duties around Cisco Marketing Velocity before moving on throughout the week to give you a marketer’s perspective on Partner Summit.

There are always great stories to tell at these events, and who better to tell them than the partners themselves. Some ambassadors were on site with us in Montreal, while others participated via Virtual Partner Summit (VPS), but in both cases, the partner ambassadors did great work in capturing everything they heard last week. Read More »

Tags: , , , , ,

Building the Cable Access Network for the Next Decade

When I talk with service provider customers these days about their goals, it’s a very different conversation than in the past. It’s no longer just technology and procurement people in the room; more and more, the people launching the actual services are steering the discussion. And they don’t want to hear about all the complexity of what happens in the network, or focus on cable modem termination system (CMTS) speeds and feeds.

These customers are facing stiff competitive pressure to scale bandwidth many times more than what the current network supports. They’re looking to increase top-line revenues by launching new cloud-enabled services Read More »

Tags: , , , , ,