Interest in industrial control systems (ICS) security has shot up in response to cyberattacks on organizations like the city of Oldsmar’s water utility, Honda, Merck, Maersk, and Johannesburg’s electric utility. New technologies have matured over the last few years to help build more advanced industrial security architectures. Assessing emerging solutions is always challenging—and ICS security is no exception.

So it’s timely that Forrester issued an independent analysis of the most significant ICS security solutions. Cisco was among the select companies that Forrester invited to participate in The Forrester Wave™: ICS Security Solutions, Q4 2021 evaluation, and I’m pleased to report that Cisco Industrial Threat Defense was named a Leader.



15+ year track record in industrial digitization

Cisco is best known for enterprise cybersecurity and networking. Fewer people know that for more than 15 years we’ve also been helping industrial organizations around the globe digitize their operations: manufacturers, energy and water utilities, mines, ports, railways, roadways, and more. In fact, Cisco leads every segment of the industrial networking market. Behind that achievement is our deep understanding of operational technology (OT) requirements plus a leading cybersecurity portfolio. It’s a rare combination.

Picture a comprehensive, pre-integrated industrial cybersecurity solution

What sets Cisco Industrial Threat Defense apart? It’s not just a “point product” for one piece of the ICS security puzzle. Instead, it brings together everything you need to secure your industrial operations. Some of the highlights:

  • Visibility into industrial assets and how they communicate, helping you to understand your security posture and build the right security policies,
  • Macro-segmentation to isolate networks and prevent intrusions,
  • Micro-segmentation to dynamically enforce security policies based on zones and conduits defined by OT teams,
  • Endpoint detection and response (EDR) to protect industrial workstations and servers from malware,
  • Secure remote access to industrial networks or to distributed remote assets,
  • Industry-leading threat intelligence and incident response services,
  • Extended detection and response (XDR) for threat investigation and remediation orchestration across IT and OT domains.

All products in Industrial Threat Defense are pre-integrated to play well together. That’s a game changer. Most security teams already have 15 to 20 different cybersecurity tools—nobody wants the added complexity of integrating yet another point product. With Industrial Threat Defense you get everything you need in one solution family. It’s powerful, scalable, and also simple.

You might be thinking, “That’s great if you’re starting from scratch, but we’ve already invested in similar products. Can we still use them with Industrial Threat Defense?” Yes! We designed Industrial Threat Defense so that you can replace any component with an existing solution from another vendor. We’re committed to an open ecosystem. 

A shout out for zero-trust security

Cisco’s current offering scored among the top three in The Forrester Wave™ evaluation, and we received the highest score possible for our product strategy. The Forrester report states that Cisco’s “superior product strategy is to enable ICS asset owners to move towards a zero-trust model.”

The idea behind zero-trust is “guilty until proven innocent.” In other words, don’t grant access to a network or a service until you’ve established trust. Once you’ve confirmed the device is compliant with your security policies, give it access only to the resources it needs to do its job. Trust isn’t permanent: continuously monitor the device to detect anomalous behaviors or any signs of compromise. For more, I recommend this white paper on how to extend zero-trust security to industrial settings.

Zero-trust is a smart approach to safely digitizing industrial operations because the most critical parts of an industrial control system often lack basic security mechanisms, yet now exchange even more data with enterprise and cloud applications. Cisco Industrial Threat Defense bridges the gap, helping IT and OT teams build a collaborative workflow where OT defines the zones of trust and IT enforces them to secure industrial operations.

Take the journey step by step

Industrial Threat Defense gives you the framework to move toward zero-trust at your own pace. Wherever you are in your ICS security journey—just starting out, looking to gain visibility, moving toward zero-trust, or on the way to a fully converged IT/OT security architecture—Industrial Threat Defense can help you get there faster. The journey goes smoothly because everything is pre-integrated. And there’s less risk because you can continue using whatever solutions you already have in place.

Learn more

– Read The Forrester Wave™: ICS Security Solutions, Q4 2021

– Explore Cisco Industrial Threat Defense

– Learn about extending zero-trust security to industrial operations



Ruben Lobo

Director, Product Management

Cisco Industrial IoT