Cisco Blogs


Cisco Blog > Internet of Everything

A Turning Point for Oil and Gas: Managing Through Turbulence to Digital Transformation

This is a big week for the global energy industry, as thousands of energy leaders, experts, technologists, and policymakers gather in Houston, Texas, for the 34th annual CERAWeek conference, the premier international event for the industry. As a corporate sponsor of the event, it’s also a big week for Cisco.

Just last week, Cisco released a new report focused on the need for digital transformation in the oil and gas industry. Based on a survey of oil and gas executives, analysts, and consultants in 14 countries, the paper validates CERAWeek’s “oil day” theme, “Turning Point for the Oil Industry.” For forward-thinking oil and gas companies, the price volatility and turbulence in the market could represent a turning point toward true digital transformation. Read More »

Tags: , , , , , , , , , , , , , , , ,

Building Professional Skills for the Internet of Things

In my conversations with our customers and partners, one of most frequent topics is the need of aligning the skills of the Operational Technology (OT) and Information Technology (IT) professionals to the new capabilities offered by Internet of Things (IoT) related technologies and solutions, and the changing conditions and demands of the business.

There is plenty of training in the market about configuring and maintaining all the new smart objects that are coming to the market. But the specific nature of these devices radically changes the way the essential infrastructure that is needed to interconnect them should be planned, designed, deployed and maintained. These are not traditional networks.

The IoT network infrastructure for all these new “things” has to deal with several new challenges. For one, IoT devices are not traditional computing devices. There are literally hundreds of different protocols used by these devices.  They may have very specific needs in terms of speed and frequency of connectivity.  Many of them are super susceptible to changes in delay and latency, some of them connect intermittently, while some others just come in range from time to time.  Many operate 24×7 under the harshest conditions, and a lot of them where designed to operate in hierarchical and closed loop networks.

Read More »

Tags: , , , , ,

Writing a new chapter of my story: Taking on the Internet of Things opportunity at Cisco

This week I’m excited to participate in an event we are organizing in Chicago, home of the 2014 Internet of Things World Forum.  We’re meeting with some of our partners and customers as we make a few joint announcements – including a new IoE Innovation Center in Barcelona, and showcasing some new solutions built on our platform by some of our partners. Additionally, I’m getting a preview of some of the amazing smart & connected deployments in Chicago – a preview for the IoT World Forum.

I am writing this blog as I gear up to lead Cisco’s Internet of Things (IoT) Systems & Software Group. Over the last few weeks I’ve spent time getting to know the group and have been struck by the tremendous energy and focus on customers and partners the team has.  I’m also excited about how dynamic the Internet of Things space is.

While we’ve calculated the total economic value at stake for Internet of Everything by 2020 – $19T – and the number of potential connected devices – 50B – these nearly unfathomable numbers may, honestly, not pan out exactly to the decimal.  The Internet of Everything could be smaller or, more likely, much much larger – but the overall point is that more and more people, process, data, and things are connecting.  Professor Michael Nelson of Georgetown University has said that “Trying to determine the market size for the Internet of Things is like trying to calculate the market for plastics, circa 1940.”  At that time it would have been nearly unfathomable for the numbers of existing things – milk containers, furniture, industrial components – to be made into plastic.  And just as plastics have pervaded every part of our lives and enabled new industries, the connections created by Internet of Everything will too. I think that’s a great way to think about the untapped potential of this market. Read More »

Tags: , , , , , ,

HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments

The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and specifically power plants based in Europe, seems to be the primary target. See Cisco’s security blog post for technical details on this latest variant.

When I discuss security with those managing SCADA, ICS and other OT environments, I almost always get the feedback that cybersecurity isn’t required, because their systems are physically separated from the open Internet. This practice, referred to in ICS circles as the “airgap”, is the way ICS networks have been protected since the beginning of time; and truth be told, it’s been tremendously effective for decades. The problem is, the reality of the airgap began to disappear several years ago, and today is really just a myth.

Today, networks of all types are more connected than ever before. Gone are the days where only information technology (IT) networks are connected, completely separated from OT networks.  OT networks are no longer islands unto themselves, cut off from the outside world. Technology trends such as the Internet of Things (IoT) have changed all of that. To gain business efficiencies and streamline operations, today’s manufacturing plants, field area networks, and other OT environments are connected to the outside world via wired and wireless communications – in multiple places throughout the system! As a result, these industrial environments are every bit as open to hackers and other cyber threats as their IT counterparts. The main difference, of course, is that most organizations have relatively weak cybersecurity controls in these environments because of the continued belief that an airgap segregates them from the outside world, thereby insulating them from cyber attacks. This naivety makes OT environments an easier target.

The authors of HAVEX certainly understand that OT environments are connected, since the method of transmission is via a downloadable Trojan installed on the websites of several ICS/SCADA manufacturers. What’s considered a very old trick in the IT world is still relatively new to those in OT.

It’s absolutely essential that organizations with ICS environments fully understand and embrace the fact that IT and OT are simply different environments within a single extended network. As such, cybersecurity needs to be implemented across both to produce a comprehensive security solution for the entire extended network. The most important way to securely embrace IoT is for IT and OT to work together as a team. By each relinquishing just a bit of control, IT can retain centralized control over the extended network – but with differentiated policies that recognize the specialized needs of OT environments.

We’ll never completely bulletproof our systems, but with comprehensive security solutions applied across the extended network that provide protection before, during, and after an attack, organizations can protect themselves from most of what’s out there. A significant step in the right direction is to understand that the airgap is gone forever; it’s time to protect our OT environments every bit as much as we protect our IT environments.

Tags: , , , , , , , , , , , , ,

Summary: The Extended Network Requires Security That’s the Same, Only Different

Information Technology (IT) and Operational Technology (OT) networks have historically been completely separate, with users of each living in blissful isolation. But the Internet of Things (IoT) is changing all of that! In the IoT paradigm, IT and OT professionals will need to work together to drive pervasive security across the extended network. The same security tools will need to be applied consistently across the extended network, but with differentiated policy enforcement to account for differences between the two environments.

Read the full blog post to learn more.

Tags: , ,