Cisco Blogs


Cisco Blog > Government

Federal Agencies and the Internet of Things

Earlier this week, Federal Computer Week ran an article – “Are agencies really ready for the Internet of Things?” – that discusses the potential challenges government agencies face when implementing the Internet of Things (IoT). The article’s author spoke to Gary Hall, chief technology officer for Federal Defense at Cisco, about these challenges, as well as why federal agencies can’t afford to ignore IoT any longer.

The biggest concern that all organizations have with IoT is the massive scope it involves – there is a huge volume of data being produced and a need to store and process it all. Even just the number of connected devices is expected to explode in the coming years, growing from around 16 billion today to 50 billion by 2020. “Humans can’t deal with the volume of data we’re producing,” Hall said.

All this data means more chances for security breaches as well, which is especially worrying for federal agencies. In this case, awareness is key, as Peter Romness, a business development manager Cisco, spoke about at a recent GovLoop seminar. Romness cautioned that there is no “silver bullet” defense, so agencies must prepare to deal with inevitable hacks. “It’s not a question of if you’re going to get hacked, it’s a matter of when,” he said.

Despite these concerns, IoT experts agree that federal agencies cannot avoid the issue any longer, and if they haven’t already started planning for IoT implementation, they’re behind. Cisco estimates that IoT will generate $4.6 trillion for the public sector over the next 10 years, and agencies that are too wary of potential security issues risk missing out on this value. “This is the next big disruption,” Hall said. “It’s important that we aren’t so afraid of the fear of attack that we don’t realize the value.”

For example, the General Services Administration (GSA) – which manages nearly 10,000 government-owned buildings around the county – is reaping the rewards of its IoT- building management initiative, GSALink. GSA collects almost 30 million data points from sensors throughout its buildings, constantly monitoring everything from light to humidity. Using this data, GSA is able to optimize conditions when workers are present and save on energy costs when buildings are empty. IoT can add significant value like this to all federal agencies – they just have to take advantage of it!

Read more about how IoT can transform the public sector here, and check out more thoughts from Cisco’s experts like Gary Hall on our blog.

Tags: , , , , , , , ,

IoE and Big Data Part 2: Defining the Information Architecture

For an IT department, big data may be the largest and most complex challenge that comes with the Internet of Everything (IoE). We must be able to manage, process, and make that data available to many users and applications so they can turn it into valuable business insights. Read More »

Tags: , , , , , , , , ,

Game Theory and the Power of Innovating as an Industry

The recent passing of John Forbes Nash made me wonder how his ingenious game theory can be applied to technology innovation.

Very simply put, Nash’s theory of equilibrium puts forth that outcomes are more attainable for all parties when they work cooperatively toward a goal rather than against each other in isolation. Knowing each other’s mindset and working together gives each party a better chance at achieving his or her objective than working on their own.

This theory has been used to analyze everything from wars and sports to evolutionary biology and games of skill. Read More »

Tags: , , , , , , , , , ,

Why I Love Big Data Partner Series 5: Cisco and Splunk: The Weapons of a Security Warrior

In this 5th why I love big data blog series, I am joined by Jeff Aboud from Splunk to outline why big data security analytics is essential to today’s security challenges.

Untitled SplunkJeff Aboud, Sr. Solutions Marketing Manager, Security Markets, Splunk Jeff Aboud has more than a dozen years in various areas of the security industry, spanning from the desktop to the cloud, including desktop AV, gateway hardware and software, encryption technologies, and how to securely embrace the Internet of Things. His primary focus today is to help business and security professionals understand how to visualize, analyze, and alert across a broad range of data sources in real time to maximize their security posture.

 

 

It’s no secret that advanced threats and malicious insiders present increasing security challenges to organizations of all sizes. Security professionals know that it’s not matter a question of if, but when an attack will successfully breach their network. Visibility is often what makes the difference between a breach and a major security incident, and enables proactive security posture throughout the attack continuum – before, during, and after the attack. It’s also essential to understand that the fingerprints of an advanced threat are often located in the “non-security” data, so the effective detection and investigation of these threats, before your data is stolen, requires security and non-security data.

So what does all this really mean, and how can you use it do dramatically improve your security posture?

You need to integrate and correlate the data from your firewalls, intrusion prevention, anti-malware, and other security-specific solutions along with your “non-security” data such as the logs and packet information from your servers, switches, and routers. This is no easy task with the large number of different security solutions present in most enterprise networks. But having all your data at your fingertips will help you improve your detection capabilities and automate the remediation of advanced threats.

But how can you do this, since Security Information and Event Management (SIEM) systems only look at traditional security sources? The partnership between Splunk and Cisco is the answer. Splunk is integrated across Cisco security platforms, as well as other places throughout the network including various Cisco switches, routers and Cisco Unified Computing Systems (UCS) to deliver broad visibility across your environment.

Together, Splunk and Cisco provide security and incident response teams the tools they need to quickly identify advanced threats, visualize them in real-time across potentially thousands of data sources, and take automated remediation action on Cisco firewalls and intrusion prevention systems. Read More »

Tags: , , , , , ,

The Network as a Security Sensor and Enforcer

The Digital Economy and the Internet of Everything means everything is now connected. Digitization is fundamentally transforming how we conduct business. It creates new opportunities to develop services and engage with employees, partners, and customers. It’s important to understand that digitization is also an opportunity for the hacking community, presenting new services, information, data, devices, and network traffic as attack targets. To take full advantage of the digitization opportunity, security must be everywhere, embedded into and across the extended network – from the data center to the mobile endpoints and onto the factory floor.

Today, Cisco is announcing enhanced and embedded security solutions across the extended network and into the intelligent network infrastructure. These solutions extend security capabilities to more control points than ever before with Cisco FirePOWER, Cisco Cloud Web Security or Cisco Advanced Malware Protection. This is highlighted in Scott Harrell’s blog. We are also transforming the Cisco network into two roles: as a sensor and as an enforcer of security.

The role of the Network as a Sensor The network provides broad and deep visibility into network traffic flow patterns and rich threat intelligence information that allows more rapid identification of security threats. Cisco IOS NetFlow is at the heart of the network as a sensor, capturing comprehensive network flow data. You can think of NetFlow as analogous to the detail you get in your monthly cellular phone bill. It tells you who talked to whom, for every device and user, for how long, and what amount of data was transferred – it’s metadata for your network traffic.

Visibility to network traffic through NetFlow is critical for security, as it serves as a valuable tool to identify anomalous traffic on your network. Watching NetFlow, we gain an understanding of the baseline traffic on the network, and can alert on traffic that is out of the ordinary.  The network is generating NetFlow data from across the enterprise network all the way down to the virtual machines in the data center.  This gives us visibility across the entire network, from the furthest branch office down to the east-west traffic in the data center.  Read More »

Tags: , , , , , , , , , ,