Cisco Blogs



To Succeed with Big Data, Enterprises Must Drop an IT-Centric Mindset; Securing IoT Networks Requires New Thinking

October 7, 2014 at 2:54 pm PST

To help organizations who aspire to apply the power of big data enterprise-wide, Cisco provides a powerful, efficient, and secure infrastructure and a wide array of analytics solutions. In our previous blogs, others have highlighted the benefits of Cisco’s ability to provide the scalability, ability to process both real-time data and historical data with predictable, high performance, and the comprehensive management automation enterprises will need to keep pace with big data in the IoE era. Today, I’d like to begin a conversation about how enterprises can secure their increasingly distributed networks – and the data that is being transported across them – as we operate in an environment comprised of 50 billion connected devices (in just five years from now).

One of the key drivers of Big Data is the Internet of Things (IoT), when every connected ‘thing’ will be capable of producing data. IoT has become a popular topic of discussion amongst security company executives, analysts, and other industry pundits. As they discuss the technical details, it quickly becomes evident that many of the most experienced security professionals still approach IoT with an IT-centric mindset. Of course, they are partially correct. Securing an escalating volume of data requires rethinking our approach to security. Not only do security devices need to be faster, they need to navigate issues very specific to data centers and complex data flows. They need to be inserted as close to the traffic flow as possible, such as being positioned inline into East/West traffic flowing across the data center. They need to be able to track and secure asymmetric traffic, often across multiple locations. They need to be able to blend corporate policy with public standards. Finally, they need to move seamlessly across physical, virtual, and cloud environments in order to ensure seamless policy enforcement. Gone are the days when we can just hairpin traffic out of the data center to be inspected elsewhere. Speed and agility do not allow for that sort of bottleneck.

However, IoT is not only about the billions of new connected objects and inspecting the data they are producing. While the dramatic increase in the number and types of connected objects certainly expands the attack surface and dramatically increases the diversity of threats, they are only part of the IoT security challenge. Another new challenge is the convergence of the organization’s existing IT network with the operational technology (OT) network (e.g., manufacturing floors, energy grids, transportation systems, and other industrial control systems). These new environments, usually omitted from traditional IT thinking, expand the depth of security challenges and make threat remediation remarkably more complex.

Big Data is not just being generated by web-enabled toothbrushes or smart appliances. For Big Data to be useful, the data that is collected needs to be actionable. Converging data needs to be able to turn on or off water supplies, ramp up manufacturing floors, redirect traffic, or manage the flow of electricity during peak usage. As a result, while IT and OT were once separate networks, they are now simply different environments within a single extended network ‒ but by no means are they the same! The architectures, operational needs, platforms, and protocols are vastly different for each of them, and drive radically different security requirements. As a result, security architectures, solutions, and policies that have proven effective for years in the IT world often don’t apply in OT environments, so attempting to enforce consistent security policies across the extended network is doomed to failure.

Protecting data confidentiality, especially at high volume, is IT’s primary concern, so when faced with a threat, a common immediate response is to quarantine or shut down the affected system. But OT runs critical, 24×7 processes, including critical infrastructures, so data availability is their primary concern. Shutting down these processes can cost an organization millions of dollars, and actually put the public at risk, so the cost of remediation may be greater than simply dealing with the aftermath of an infection. In addition, because OT is a human-based operation in what can often be dangerous working conditions, their focus is also on the safety of their operation as well as their employees. Because of these main differences, IT and OT teams have traditionally approached security in completely different ways. While IT uses a variety of cybersecurity controls to defend the network against attack and to protect data confidentiality, OT views security more in terms of secure physical access, as well as operational and personnel safety.

Securing IoT networks that need to participate in and respond to the demands of Big Data must go beyond today’s thinking. Rather than focusing on individual security devices, solutions need to be networked so they can collaborate to process increasing volumes of data into comprehensive, actionable security intelligence. By combining numerous systems, including cyber and physical security solutions, IoT-enabled security driven by Big Data can protect the entire interconnected environment from outside threats, monitor and secure critical data and infrastructure inside specific domains, and even improve employee safety. As a best practice, IT should maintain centralized management over the entire security solution, including the use of open standards in order to see and coordinate with public standards, but IT also needs to develop a high level of sensitivity to and understanding of the specific needs of OT. This will allow them to enforce differentiated security policies to meet the specific needs of the different parts of their network and provide localized control over critical OT systems while dealing with the operational demands of Big Data.

At the end of the day, IT and OT need to work together for the common good of the entire IoT implementation – locally and globally – thereby driving truly pervasive, customized security across the extended network.

Cisco can help organizations deliver the security they need to succeed in the IoT and IoE eras. To hear more about Cisco’s big data story, join us for a webcast at 9 AM Pacific time on October 21st entitled ‘Unlock Your Competitive Edge with Cisco Big Data and Analytics Solutions.’ #UnlockBigData

As the pace of big data adoption increases, speeding delivery of new big data and analytics solutions will become increasingly important. To find out how Cisco is helping our customers do just that, watch for Mike Flannagan’s upcoming blog “Aligning Solutions to Meet Our Customers’ Data Challenges” this Thursday. #UnlockBigData


Building Professional Skills for the Internet of Things

August 7, 2014 at 7:30 am PST

In my conversations with our customers and partners, one of the most frequent topics is the need to align the skills of the Operational Technology (OT) and Information Technology (IT) professionals with the new capabilities offered by Internet of Things (IoT) related technologies and solutions, and the changing conditions and demands of the business.

There is plenty of training in the market about configuring and maintaining all the new smart objects that are coming to the market. But the specific nature of these devices radically changes the way the essential infrastructure that is needed to interconnect them should be planned, designed, deployed and maintained. These are not traditional networks.

The IoT network infrastructure for all these new “things” has to deal with several new challenges. For one, IoT devices are not traditional computing devices. There are literally hundreds of different protocols used by these devices. They may have very specific needs in terms of speed and frequency of connectivity. Many of them are super susceptible to changes in delay and latency, some of them connect intermittently, while some others just come in range from time to time. Many operate 24x7 under the harshest conditions, and a lot of them were designed to operate in hierarchical and closed loop networks.


Writing a new chapter of my story: Taking on the Internet of Things opportunity at Cisco

This week I’m excited to participate in an event we are organizing in Chicago, home of the 2014 Internet of Things World Forum.  We’re meeting with some of our partners and customers as we make a few joint announcements – including a new IoE Innovation Center in Barcelona, and showcasing some new solutions built on our platform by some of our partners. Additionally, I’m getting a preview of some of the amazing smart & connected deployments in Chicago – a preview for the IoT World Forum.

I am writing this blog as I gear up to lead Cisco’s Internet of Things (IoT) Systems & Software Group. Over the last few weeks I’ve spent time getting to know the group and have been struck by the tremendous energy and focus on customers and partners the team has.  I’m also excited about how dynamic the Internet of Things space is.

While we’ve calculated the total economic value at stake for Internet of Everything by 2020 – $19T – and the number of potential connected devices – 50B – these nearly unfathomable numbers may, honestly, not pan out exactly to the decimal.  The Internet of Everything could be smaller or, more likely, much much larger – but the overall point is that more and more people, process, data, and things are connecting.  Professor Michael Nelson of Georgetown University has said that “Trying to determine the market size for the Internet of Things is like trying to calculate the market for plastics, circa 1940.”  At that time it would have been nearly unfathomable for the numbers of existing things – milk containers, furniture, industrial components – to be made into plastic.  And just as plastics have pervaded every part of our lives and enabled new industries, the connections created by Internet of Everything will too. I think that’s a great way to think about the untapped potential of this market.


HAVEX Proves (Again) that the Airgap is a Myth: Time for Real Cybersecurity in ICS Environments

July 3, 2014 at 7:00 am PST

The HAVEX worm is making the rounds again. As Cisco first reported back in September 2013, HAVEX specifically targets supervisory control and data acquisition (SCADA), industrial control system (ICS), and other operational technology (OT) environments. In the case of HAVEX, the energy industry, and specifically power plants based in Europe, seems to be the primary target. See Cisco’s security blog post for technical details on this latest variant.

When I discuss security with those managing SCADA, ICS and other OT environments, I almost always get the feedback that cybersecurity isn’t required, because their systems are physically separated from the open Internet. This practice, referred to in ICS circles as the “airgap”, is the way ICS networks have been protected since the beginning of time; and truth be told, it’s been tremendously effective for decades. The problem is, the reality of the airgap began to disappear several years ago, and today is really just a myth.

Today, networks of all types are more connected than ever before. Gone are the days where only information technology (IT) networks are connected, completely separated from OT networks.  OT networks are no longer islands unto themselves, cut off from the outside world. Technology trends such as the Internet of Things (IoT) have changed all of that. To gain business efficiencies and streamline operations, today’s manufacturing plants, field area networks, and other OT environments are connected to the outside world via wired and wireless communications – in multiple places throughout the system! As a result, these industrial environments are every bit as open to hackers and other cyber threats as their IT counterparts. The main difference, of course, is that most organizations have relatively weak cybersecurity controls in these environments because of the continued belief that an airgap segregates them from the outside world, thereby insulating them from cyber attacks. This naivety makes OT environments an easier target.

The authors of HAVEX certainly understand that OT environments are connected, since the method of transmission is via a downloadable Trojan installed on the websites of several ICS/SCADA manufacturers. What’s considered a very old trick in the IT world is still relatively new to those in OT.

It’s absolutely essential that organizations with ICS environments fully understand and embrace the fact that IT and OT are simply different environments within a single extended network. As such, cybersecurity needs to be implemented across both to produce a comprehensive security solution for the entire extended network. The most important way to securely embrace IoT is for IT and OT to work together as a team. By each relinquishing just a bit of control, IT can retain centralized control over the extended network – but with differentiated policies that recognize the specialized needs of OT environments.

We’ll never completely bulletproof our systems, but with comprehensive security solutions applied across the extended network that provide protection before, during, and after an attack, organizations can protect themselves from most of what’s out there. A significant step in the right direction is to understand that the airgap is gone forever; it’s time to protect our OT environments every bit as much as we protect our IT environments.


Security and Collaboration – Top of mind for IT and OT (Operational Technologies) professionals

During the past ENTELEC event held in Houston, I had the opportunity to chat with Shawn Birch, Partner Development Consultant at Tait Communications, to ask him about his impressions of the show and what the key care-abouts of IT people would be during this Oil and Gas event.

Shawn Birch in the Cisco ENTELEC booth


Tait Communications is a multinational global radio communications company with headquarters based in Christchurch, New Zealand. The company has offices in 20 countries and employs approximately 1000 staff.  Tait develops voice and data radio technologies, exporting about 95% of products from its Christchurch manufacturing base.

Tait specializes in designing, deploying, supporting, and servicing complete mission-critical unified communication solutions in industries such as Oil and Gas and it is a Global Advance technology partner of Cisco around collaboration solutions and #IoT.

Here is a short transcript of the things I found very relevant from our conversation:


Cisco booth during ENTELEC

From your experience and point of view what were the key concerns and topics of interest of the customers during ENTELEC?  “Convergence of voice, video and data and secure networks for digital oilfield.”

What did we showcase together on the show floor, and what are the key benefits for the customers? “Tait showcased Unified Critical Communication two-way radio solutions integrated together as one through the power of Cisco IPICS (Interoperability and Collaboration System). This is a robust solution that enables and allows improvements in operational efficiency without compromising security. The approach of this solution is to protect the investment in legacy systems and migrate to the next generation of critical communications.”

What was the overall reaction of the customers to our demo/presentation?  “Excited about the opportunity to blend state of the art Tait two-way radio solutions into the secure umbrella of the Cisco network in support of Unified Critical Communications with multi-modal integration of PTT (Push to Talk) technology from anywhere, anytime and with any device.”

What will be a key takeaway/final thought you would like to share with our blog-readers? “Be prepared for the future, the IoT solutions will transform the way the people do business in digital oilfields as we continue to merge technologies through unified critical communications.”

Cisco focused on the same care-abouts: Security and Collaboration. You can read more about ENTELEC from Peter Granger (Heads up on What You’ll See) here, and Roberto De La Mora here (What Does it Mean to You?). During the event Cisco showcased two new use case solutions as well, but those topics deserve a whole blog. We will keep you posted!!!

 
