Many of you know about the Cisco Secure Ops Solution that was announced in 2014, and that it has already been adopted by Shell to secure the company’s critical infrastructure, but may not have seen a demonstration or talked with a Cisco subject matter expert about it.
Cisco Live, San Diego, CA, USA
Well, here’s your chance. We have arranged for a booth in the industrial vertical area at the World of Solutions at Cisco Live in San Diego to show just that. We’re pleased to be accompanied by one of Cisco’s security partners to show new features and functionality that takes Secure Ops even deeper into the cybersecurity protection and surveillance arenas.
The Cybersecurity space is getting more and more alarming every day. As my colleague Peter Granger notes, we have gone from the quaint world of Sherlock Holmes…
Sherlock Holmes: I didn’t really ask, Dr. Franklyn, but what exactly do you do here?
Dr. Franklyn: Oh, Mr. Holmes, I’d love to tell you. But then of course, I’d have to kill you.
Sherlock Holmes: That would be tremendously ambitious of you.
…past the pseudo-high-tech world of James bond and closer to a more modern world reminiscent of Kiefer Sutherland’s character Jack Bauer in the TV series ’24’. Today’s Cyber attacks are not just disgruntled employees or simple mischief makers (although that’s bad enough), but can be carried out by powerful crime syndicates and hostile governments.
Now more and more attacks are becoming visible and reported (e.g. Stuxnet like ‘Havex’ malware strikes European SCADA Systems – June 2014) and whether they are a terrorist attack such as the data destruction attacks on Saudi Aramco and on Qatar’s RasGas gas company in 2012 or unintentional (the vast majority of reported cyber incidents are ‘accidental in nature’ as reported by the Repository of Industrial security incidents, 2011), billions of dollars are lost every year because of them. Night Dragon, Shamoon, Flame, and Duqu have joined Stuxnet in the past few years and more will come.
A study by Fox-IT reported that 60 percent of oil and gas companies do not have a cybersecurity incident response plan. In addition, only 11 percent are fully confident that they can address a cybersecurity breach appropriately. Twenty-three percent admitted that they are not actively monitoring their network for potential intrusions.
How can Cisco help your energy organization? You can find out more by visiting our cisco.com website, and check out the Security for Industrial Networks Overview/White Paper (don’t worry, it’s less than 3 pages!).
And, of course, you can also visit us Cisco Live: there you’ll see how the Cisco Secure Ops Solution is relevant to many industries and is helping tackle our customers’ security challenges. A combination of technology, software and services expertise, Secure Ops Solution can help you increase your security response levels significantly – before, during and after an attack, across the entire attack continuum.
Don’t forget our other presence there around the Collaborative Operations Solution, which my colleague Suresh Venkat talks about here: What does a Cisco Live Demonstration have to do with droughts, floods and fossil fuels?
We look forward to seeing you in the Process Manufacturing Secure Industrial Networks booth at the World of Solutions next week.
As always – comments are always appreciated and we respond to questions!
Tags: Cisco Secure Ops, cybersecurity, data, Digital transformation, Energy/Utilities, Internet of Everything, IoE, oil and gas, Secure Ops Solution, utilities
Kevin Collins, CEO and co-founder, Bit Stew
We’ve introduced several of the key figures within Bit Stew and shared with you the ways they are working to bring the IIoT to fruition, particularly within the energy sector.
I had a chat with Kevin Collins, CEO of Bit Stew to discuss the next opportunities for the company:
“It’s an exciting day at Bit Stew, with the announcement of additional funding from Cisco Investments and GE Ventures. With this support, we will continue to bring our experience in managing massive data sets and optimizing edge and fog computing to automate industrial operations in utilities and other industries as well.”
Kevin told me that the new funding will help fuel Bit Stew’s ongoing technology innovation and customer adoption: “This investment will open doors to new market opportunities for Bit Stew, and positions the company as a global leader in Software Defined Operations for IIoT. Bit Stew has quickly become the hot company to watch”.
Bit Stew was recently recognized to Greentech Media’s prestigious Grid Edge 20 list, as one of the top 20 innovators architecting the future of the electric power industry, along with Tesla, Duke Energy and SolarCity. “Making the Grid Edge 20 provides validation of our strong market traction, and is a tribute to what we’ve achieved since Bit Stew was incorporated in 2009. It also serves as a reminder of the responsibility we have to our utility customers, partners, and the industry as we work towards transforming the power sector to one that is more efficient, reliable and agile.”
Purpose-built for the Industrial Internet
The MIx Core platform is the culmination of years of industry-hardened machine learning derived from trillions of data points analyzed throughout the utility and oil and gas industries. Purpose-built for the Industrial Internet, MIx Core processes and analyzes greater volumes of data than most of the largest social networks in the world every day.
Bit Stew’s MIx Core takes full advantage of Cisco’s IOx technology, by embedding its core technology inside Cisco fog devices, providing data analysis at the edge of the network and in cloud-based systems – all in real-time. Running MIx Core in the “fog” brings a significant new advantage for organizations that are dealing with massive amounts of data running on complex networks in the IIoT
“Bit Stew’s collaboration with Cisco and the synergy between our Mix products and Cisco’s IOx platform has allowed us to utilize fog computing to completely revolutionize the way the energy sector operates,” Kevin said. “By using the edge of the network in the computing and analysis process, together we can create instant intelligence that is shared simultaneously in the operations center and in the field. This contextual analysis of industrial operations enables decision-making with a confidence that wasn’t necessarily available before. This expanded awareness results in increased up-time, faster issue resolution and optimized dispatch of resources,” adds Kevin.
Clearly Bit Stew is going places. And not just with utilities anymore. Find out more here: Read More »
Tags: Bit Stew, Bit Stew Systems, Fog computing, IIoT, IoT, IOx, MIx Core, MIx Director, oil and gas, utilities
In the first six months of 2013, 53 percent of cybersecurity incidents were in the energy sector, according to the Department of Homeland Security. As cyber-attacks are becoming increasingly prevalent in industries that support our critical infrastructure, it’s crucial that business leaders adopt security process designed to address these new threats. Are you ready?
While I was at CERAWeek last month, former US Secretary of Energy, Daniel B. Poneman, and Under Secretary, NPPD, US Department of Homeland Security, Suzanne Spaulding had a message to attendees. Their message was clear:
Cyber Security is a “C-Suite” topic of Enterprise Risk Management.
Their recommendations are strong: Security needs to be baked it in from the beginning! Physical and Cyber Security and Secure Coding of Software!
• Implement Layered Protection; we cannot depend on just a perimeter defense
• Apply Cyber Security Framework: 1. Assess, 2. Protect, 3. Detect, 4. Respond, 5. Recover
• Attend to the nexus of Physical and Cyber Security
• Test your response, including business recovery and continuity
Digital strategy and business strategy are becoming one and the same. Forward-looking energy firms see opportunity in today’s turbulent market and seek to pull ahead by changing their operating models through the Internet of Everything (IoE). Transformative digital technologies have to potential to deliver many advantages to O&G firms, including increased business agility and risk awareness, lower cost of operations, and reduced downtime. But before the industry can embrace these new strategies, an effective, end-to-end cybersecurity approach—including alignment between IT and OT—is needed.
Security a Catalyst for Transformation
Digital transformation means that a range of new and diverse devices are connecting to industrial oil and gas networks, generating greater amounts of data. When managed effectively, this data delivers the right information to the right place, at the right time, helping create a competitive advantage. However, as the IoE proliferates, the accompanying explosion of devices and applications will lend itself to increased areas of attack that criminals will seek exploit.
Oil and gas companies must replace traditional approaches like physical segmentation and security by obscurity. They need an integrated approach where information flows in real time to enable immediate action. Cybersecurity doesn’t need to be an inhibitor. It should be the catalyst for new ways of working. It can help oil and gas companies work more safely and better protect the environment by obtaining remote visibility and control over operations, including processes in refineries. It can make processes more efficient, increase production and reduce overall costs.
Addressing the Entire Threat Continuum
Cyber-attacks occur on a continuum of before, during, and after. The same digital hyper-connectivity that oil and gas managers use to collect data and control machines and processes, can also allow cyber attackers to get into system networks and steal or alter classified information, disrupt processes and cause damage to equipment. Threats to a company’s information systems and assets could come from anywhere. State and non-state actors from around the globe are constantly working to penetrate the networks of energy providers and other critical infrastructures in the U.S.
Energy firms must address this entire continuum with a visibility-driven, threat -focused, and platform-based framework:
- Visibility-driven means having an accurate, real-time view of the network fabric, endpoints, mobile devices, applications, virtual environments, the cloud, and their interrelationships. High visibility allows you to make sense of billions of devices, applications, and their associated information, while helping you see an attack coming, control the environment, and mitigate threats.
- Threat-focused means focusing on detecting, understanding, and stopping threats. Policies and controls reduce the surface area of attack, but threats still get through. Focusing on threats can help you identify threats and indicators of compromise based on a well-honed understanding of normal and abnormal behavior. This requires continuous analysis and real-time cybersecurity intelligence across all technologies. With contextual awareness, you can identify false-positives and assess the impact of a threat.
- Platform-based means we have an integrated system of agile and open platforms that cover the network, devices and the cloud. It is a true platform of scalable, easy-to-deploy services and applications. You gain powerful end-to-end visibility with centralized management for unified policy and consistent controls
Securely Converge IT and OT
As oil and gas companies embrace the IoE, they bring together the use of information technology (IT) and operational technology (OT). Security needs to be as pervasive and applied in a unified way across the extended network. Physical and cybersecurity solutions must work intelligently together to reduce unauthorized system access – in order to protect networks, devices, applications, users and data. For example, in many oil and gas companies today, upstream and downstream domains use different solutions for common tasks such as asset performance management. In addition, OT is often managed autonomously from IT, even for critical functions such as reliability and cybersecurity.
Cisco has the broadest set of solutions covering the broadest set of attack vectors, leveraging both global and local intelligence. Cisco’s Secure Ops Solution is helping oil and gas companies secure industrial control networks by combining on-premises technology, processes, and managed services. For example, Royal Dutch Shell (Shell) was challenged with increasing its security maturity level. By implementing the Secure Ops Solution, Shell was able to improve its cyber security and risk management, lowering costs of delivery while significantly reducing its costs of securing the process control systems that keep billions of pounds of toxic material under control. Cisco Secure Ops Solution provides remote proactive monitoring and Service-Level-Agreement (SLA) driven management of security, applications and infrastructure, making it easier to:
• Manage cyber-security risk.
• Support compliance.
• Secure the perimeter between enterprise and operational networks.
• Implement and maintain layered security controls
How can Cisco help your energy organization? Read More »
Tags: Cisco, Cisco Secure Ops, cybersecurity, data, Digital transformation, Energy/Utilities, Internet of Everything, IoE, oil and gas, utilities
Dan O’Malley talks about Cisco Systems offerings that are resonating in the Energy Industry and elsewhere. Cisco helps customers pre-plan for storms and to respond to disasters with sophisticated collaboration and device connectivity enabling technologies.
Many new technologies enable worker safety and visibility using 2-way radios, smart devices, and mobile broadband “connecting people and devices and work crews together smartly over the internet”. In the video Dan talks about the challenges customers face and how Cisco is helping them get ‘positive business outcomes’.
Yes – I know what you mean – what does that really mean? Well, mother nature doesn’t always cooperate, so getting outages dealt with as quickly as possible is one positive outcome. Keeping in touch with workers, especially those in dangerous areas, and warning them if safety issues occur is another. And maybe even having ‘wearable’ biometric devices attached to workers to see how they’re doing physically, and monitoring their vitals in real time by operations centers. That’s another.
Just keeping track of field workers is a challenge – and making best use of a constrained ‘expert pool’ might be another. Some newer ‘millennial’ devices are, of course, part of the architectural approach, but so are traditional two-way radios and other devices – so that everyone can communicate and collaborate to get the job done. And it’s getting the job done that really gives good business outcomes – ask any customer!
So, in the words of Dan:
It’s about smartly connecting people, and devices and work-crews together smartly over the internet. That’s what we do.
…and providing the best business outcomes possible: Read More »
Tags: business outcomes, incident response, IPICS, outage, safety, utilities
You may already have seen the announcement of the Cisco Industrial Operations kit (if not you can read about it here: New Cisco Offerings Help Unlock the Industrial Value of the Internet of Things).
As organizations such as utilities, oil, gas and energy companies, and municipalities, look to leverage new IoT applications, demand is growing for a quick and simple way to deploy Field Area Network (FAN) pilots, as well as reduce the cost of deploying a secure network infrastructure for medium and small size deployments
Gaurav Agarwal, Technical Marketing Engineer, Vertical Solutions, Cisco, provides a short introduction to the Cisco Industrial Operations Kit and how it virtualizes deployment to reduce setup time to days for Field Area Networks and Industrial Networks.
It’s all about Cisco helping customers start to deploy multi-service FAN solutions quickly and more cost-effectively. By actually virtualizing secure network services on a single Cisco Unified Computing Server, the Industrial Operations Kit can now be deployed in a matter of days, instead of weeks (or, in some cases, saving months!).
It’s based on the Connected Grid Network Management System and plays a critical role in creating efficient, secure and affordable industrial architectures for small to midsize organizations and large field area network pilots.
Here’s what Kip Compton, vice president of IoT Systems and Software, Cisco, had to say at the launch “The IE 4000 and Industrial Operations Kit demonstrate how Cisco is taking the lead in bringing IoT capabilities to customers of all sizes. The market is demanding new infrastructure capabilities, and Cisco’s leadership in Gigabit switching technologies and comprehensive, end-to-end field network deployment offerings puts us in a unique position to help organizations build out long term strategies that address the challenges of an IoT environment. We have developed these offerings to give customers the ability to accelerate their IoT innovations.”
For the technical amongst you, The kit includes a single headend router, bundled with Cisco PRIME Access Registrar software for authentication, authorization and accounting, and the Connected Grid Network Management System with Cisco Embedded Services Routers for zero-touch deployment, managing up to 300 industrial routers and 250,000 RF Mesh endpoints with a single server.
Jeff Carkhuff, vice president of global solutions marketing for electricity, Itron was quoted as saying: “…With the Cisco Industrial Operations Kit, we are able to offer our customers more choices to match their specific needs, giving them an easy path to more IoT-friendly environments.” Read More »
Tags: FAN, field area networks, Gaurav Agarwal, IoE, IoT, oil and gas, utilities