Cisco Blogs
Share

Cisco IoT Threat Defense: Securing the IoT at Scale

- May 23, 2017 - 1 Comment

Protect Vital Services in Advanced Medical Care, Automated Manufacturing, and Power Generation and Delivery

From time to time, I find it’s helpful to pause and take stock of why I do what I do.

Recently, I found myself talking with a CEO of a medical startup. Their goal was to improve the care of cancer patients through customized drug therapies. Their approach uses a patient’s genomic information, real-time health data, and current prescriptions to formulate a personalized medication regimen. That regimen helps give the appropriate combinations and dosage of the proper medications specifically for that individual to avoid negative side effects. The more he spoke, the more fascinated I became, and it hit me.

This is the why!

Cybersecurity is not going to improve patient care. It is not going to cure cancer. What it will do is help researchers continue their important work.  Imagine the impact of a ransomware attack against this company. What if the research data were manipulated to show false positives or negatives? What if the devices administering the medications were exploited by a malicious actor? And this is just one use case among many exemplifying the promise of the Internet of Things (IoT). That promise is being made real in healthcare, manufacturing, and utilities, to name a few. Yet, we’re just getting started with the IoT, and there is so much more to come.

We at Cisco are fully committed to the IoT, and we believe the IoT must be secured for its promise to be realized. Securing the IoT is easier said than done, though. The first complication is that most IoT devices can’t protect themselves. To be fair, there are a number of reasons why they can’t, but from a cybersecurity perspective, those reasons don’t matter. A vulnerability is a vulnerability is a vulnerability. And these vulnerabilities create ample opportunities for an attacker to exploit those devices and gain access to your network.

The second complicating factor is scale. We estimate that there will be 50 billion connected devices by 2020. That’s enough to give any security administrator heartburn.

Look. Enterprises are exposed now. And our customers are asking us how Cisco can protect them… now.

We are proud to announce Cisco IoT Threat Defense. Cisco IoT Threat Defense, first, securely segments IoT devices based on policy that provides an adaptable, extensible means of protecting vital services at IoT scale. Think connected medical care, power generation and delivery, automated manufacturing, and more. Segmentation puts those IoT devices out of reach of attackers, and if they are compromised, prevents these devices from being used as pivot points for attackers to move through the network.

Network segmentation is not new. Virtual Local Area Networks (VLANs) have been in use for decades. But with the expected explosion of connected things, the sheer scale of the IoT makes creating enough VLANs impractical, if not impossible.

Cisco has designed, deployed, and secured networks for over 25 years. We continue to build the equipment, invent the technologies, and develop the standards that help make the Internet possible.

We have invented an extensible, automated, policy-based technology to solve the problem of secure segmentation at scale for the IoT. It is supported across a wide range of Cisco equipment – ruggedized or non-ruggedized, in the data center or branch office.

Cisco IoT Threat Defense is built as a cybersecurity architecture, featuring a strong cast of integrated products, starting with Identity Services Engine (ISE) and TrustSec, which facilitate extensible, scalable segmentation using group- and device-based access policy throughout the network. These are layered with Stealthwatch, Umbrella and Next-Generation Firewall, as well as Cognitive Threat Analytics, AnyConnect VPN, and Advanced Malware Protection. Cisco Security Services puts real people into the solution to help organizations make decisions about protecting their environments, from medical facilities treating patients, to manufacturing plant operations, to power companies powering the electric grid.

Let’s be clear about something important. The last thing operators of critical networks want to hear about is automated cybersecurity. It may be fine for most IT networks, but certainly not for industrial control networks, and we know this. You can automate as much or as little as you want. It’s your network, and you control it. We help you do it more easily and securely.

Attacks do succeed, and people do make mistakes. We constantly analyze network traffic not just throughout your network, but also traffic entering and exiting your organization. We use our integrated portfolio to detect anomalies, block threats, identify compromised hosts, and help prevent user error.

Despite the technological advances that the IoT represents, the human factor is the most important. People develop these technologies to help people, to secure IoT environments. Our people are highly skilled experts with decades of experience, who can help businesses design, assess, secure, operate, and respond to incidents in all manner of networks. Incident readiness and response services allow organizations to respond to attacks and reduce damage, exposure, and network downtime.

So, who better to help meet the challenge of the IoT head on?

For more on Cisco IoT Threat Defense, check out our announcement and the Cisco IoT Threat Defense at-a-glance.

Tags:

All comments in this blog are held for moderation. Your comment will not display until it has been approved

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.

1 Comments

    Real truth: "Point products cannot provide the depth, breadth, or scale of protection customers need to defend their organization against IoT threats". And I think customers will have the right tool through "Cisco IoT Threat Defense", just a winner formula.

Share